Blog da Tenable
Inscrever-seOpen Banking Is the Future: 5 Ways to Secure Your Network
Como destruir os ataques generalizados contra o Active Directory e identidades
Proteger o Active Directory e a infraestrutura de identidade é essencial para evitar aumento de privilégios, movimento lateral e persistência de um invasor.As we look deeper into recent high-profile breache...
Como destruir os caminhos de ataque: por que a aquisição da Alsid pela Tenable é importante.
This acquisition allows us to combine Tenable's ability to assess the state of the digital infrastructure with Alsid's ability to assess the state of Active Directory, helping security professionals a...
How to Migrate to Office 365 the Secure Way
Looking to extend your Active Directory to the cloud? This guide explores options for securely migrating your on-prem identities and access controls to Office 365. Cloud computing offers lower costs,...
The Top 10 Active Directory Security Questions CISOs Must Ask
Active Directory has become the primary target for advanced cyberattacks and ransomware groups. Here's what you should consider when evaluating security vendors. For more than 20 years, Active Directo...
Insider Threats in Active Directory: How to Safeguard Privileged and Non-Privileged User Accounts
In this post, we define privileges related to Active Directory and highlight the key security risks of internal privileged and non-privileged user groups. What do we mean by “privileges”? For the purp...
Primary Group ID Attack in Active Directory: How to Defend Against Related Threats
The Primary Group ID in Active Directory, created to help manage access to sensitive resources, has become a critical vulnerability that attackers can exploit to escalate privileges without leaving a...
How to Stop the Kerberos Pre-Authentication Attack in Active Directory
Here’s a look at how to safeguard your Active Directory from the known roasting attack on Kerberos Pre-Authentication. As part of the Kerberos authentication process in Active Directory, there is an i...
Proteção do Active Directory: How to Prevent the SDProp and adminSDHolder Attack
Attackers can get into your Active Directory by leveraging the SDProp process and gaining privileges through the adminSDHolder object. Here's how to stop them. Attackers use every possible trick and p...
Proteção do Active Directory: 3 Ways to Close the No-Password Loophole
Any Active Directory user can have their password requirements negated with a simple command. Here’s how to identify these gaps before an attacker does. With Active Directory being around for so long,...
Tenable Assure: Announcing the 2021 Global Partner Award Winners
Celebrating the elite defenders who are helping organizations around the world conquer their cyber risk. Cybersecurity is always a team effort. Day in, day out, defenders rely on an ecosystem of team...
Oracle April 2021 Critical Patch Update Addresses 257 CVEs including ‘Zerologon’ (CVE-2020-1472)
Oracle addresses over 250 CVEs in its second quarterly update of 2021 with 390 patches, including 34 critical updates. Background On April 20, Oracle released its Critical Patch Update (CPU) for Apri...
CVE-2021-22893: Zero-Day Vulnerability in Pulse Connect Secure Exploited in the Wild
Threat actors are leveraging a zero-day vulnerability in Pulse Connect Secure, for which there is no immediate patch scheduled for release. Update May 3, 2021: The Analysis and Solution sections have...
