Microsoft’s June 2025 Patch Tuesday Addresses 65 CVEs (CVE-2025-33053)
Microsoft addresses 65 CVEs, including two zero-day vulnerabilities, with one being exploited in the wild....
Como usar métricas baseadas em risco em um programa de gerenciamento de exposição
Todas as segundas-feiras, a Tenable Exposure Management Academy fornece a orientação prática e real de que você precisa para mudar do gerenciamento de vulnerabilidades para o gerenciamento de exposição. In this post, Tenable security engineers Arnie Cabral and Jason Schavel share how you can use risk-based metrics. ...
Cybersecurity Snapshot: Experts Issue Best Practices for Migrating to Post-Quantum Cryptography and for Improving Orgs’ Cyber Culture
Check out a new roadmap for adopting quantum-resistant cryptography. Plus, find out how your company can create a better cybersecurity environment. In addition, MITRE warns about protecting critical infrastructure from cyber war. And get the latest on exposure response strategies and on CISO compens...
Segurança da nuvem mais forte em cinco etapas: três maneiras rápidas de melhorar a segurança do Kubernetes no GCP
In this fifth installment of Tenable’s “Stronger Cloud Security in Five” blog series, we offer three best practices for quickly hardening your Kubernetes environment’s security in GCP: remove wide inbound access to cluster APIs; remove root permissions from containers; and remove privileged permissi...
Abuso de extensões do lado do cliente (CSE): uma porta dos fundos para o seu ambiente de AD
Crucial for applying Active Directory Group Policy Objects, client-side extensions (CSEs) are powerful but also present a significant, often overlooked, attack vector for persistent backdoors. Rather than cover well-documented common abuses of built-in CSEs, this article demonstrates how to create c...
Perguntas frequentes sobre BadSuccessor
Frequently asked questions about “BadSuccessor,” a zero-day privilege escalation vulnerability in Active Directory domains with at least one Windows Server 2025 domain controller....
Ir além dos silos com o gerenciamento de exposição
Todas as segundas-feiras, a Tenable Exposure Management Academy fornece a orientação prática e real de que você precisa para mudar do gerenciamento de vulnerabilidades para o gerenciamento de exposição. In this post, Tenable’s chief security officer Robert Huber looks at how exposure management can help you move beyond silos....
Cybersecurity Snapshot: New Standard for AI System Security Published, While Study Finds Cyber Teams Boost Value of Business Projects
Check out ETSI’s new global standard for securing AI systems and models. Plus, learn how CISOs and their teams add significant value to orgs’ major initiatives. In addition, discover what webinar attendees told Tenable about their cloud security challenges. And get the latest on properly decommissio...
Antecipando-se aos riscos da IA: o que vem a seguir na Tenable
The acquisition of Apex Security adds a powerful new layer of visibility, context and control to the Tenable One Exposure Management Platform to govern usage, enforce policy and control exposure across both the AI that organizations use and the AI they build....
Where Capability Meets Opportunity: Introducing the Tenable Research Special Operations Team
Meet the elite squad that’s hunting the next major cyberattack. With more than 150 years of combined research experience and expert analysis, the Tenable Research Special Operations team arms organizations with the critical and actionable intelligence necessary to proactively defend the modern attac...
ICYMI: uma retrospectiva dos destaques da Exposure Management Academy
Todas as segundas-feiras, a Tenable Exposure Management Academy fornece a orientação prática e real de que você precisa para mudar do gerenciamento de vulnerabilidades para o gerenciamento de exposição. This week, we look back on some highlights from the first couple of months of posts, including the broad view exposure management p...
Cybersecurity Snapshot: AI Data Security Best Practices Released, While New Framework Seeks To Help IT Pros Gain Cyber Skills
Check out expert recommendations for protecting your AI system data. Plus, boost your IT department’s cybersecurity skills with a new interactive framework. In addition, learn about a malware campaign targeting critical infrastructure orgs. And get the latest on Russian cyber espionage and on a NIST...