These Services Shall Not Pass: Abusing Service Tags to Bypass Azure Firewall Rules (Customer Action Required)
Azure customers whose firewall rules rely on Azure Service Tags, pay attention: You could be at risk due to a vulnerability detected by Tenable Research. Here’s what you need to know to determine if you’re affected, and if so, what you should do right away to protect your Azure environment from…
Linguistic Lumberjack: Attacking Cloud Services via Logging Endpoints (Fluent Bit - CVE-2024-4323)
Tenable Research has discovered a critical memory corruption vulnerability dubbed Linguistic Lumberjack in Fluent Bit, a core component in the monitoring infrastructure of many cloud services.
O estudo de segurança da nuvem da Tenable revela que impressionantes 95% das organizações pesquisadas sofreram uma violação relacionada à nuvem em um período de 18 meses
As descobertas do estudo Panorama de segurança da nuvem de 2024 da Tenable são um sinal claro da necessidade de uma segurança proativa e robusta para a nuvem. Read on to learn more about the study’s findings, including the main challenges cloud security teams face, their strategies for better protecting their cloud…
FlowFixation: Serviço do Apache Airflow da AWS assume a vulnerabilidade, e por que negligenciar as proteções coloca os principais CSPs em risco
Tenable Research discovered a one-click account takeover vulnerability in the AWS Managed Workflows Apache Airflow service that could have allowed full takeover of a victim’s web management panel of the Airflow instance. The discovery of this now-resolved vulnerability reveals a broader problem of…
A IDC classifica a Tenable como a número 1 em participação no mercado mundial de gerenciamento de vulnerabilidades de dispositivos pelo quinto ano consecutivo
O último relatório da empresa de pesquisa também fornece informações de mercado que os profissionais de segurança podem usar para melhorar sua estratégia de gerenciamento de vulnerabilidades.
Pig Butchering Scam: From Tinder and TikTok to WhatsApp and Telegram, How Scammers Are Stealing Millions in a Long Con
In part one of a two-part series on Pig butchering, we detail the pervasive scam that has impacted thousands of victims around the world, resulting in the loss of hundreds of millions of dollars. This blog highlights the who and the how of Pig butchering scams, and details the Pig butchering…
Pig Butchering Scam: How Bitcoin, Ethereum, Litecoin and Spot Gold (XAUUSD) Investments Are Used in Romance Scams to Steal Hundreds of Millions
This is the second part of a two-part series based on firsthand research into pig butchering scams from the end of 2022 into early 2024. In this post, we delve into the types of investment scams perpetrated by pig butchers to steal hundreds of millions of dollars from victims, including in the form…
The Kids Aren’t Alright: Vulnerabilities in Edulog Portal Revealed K-12 Student Location Data
Tenable Research discovered security flaws in a popular transportation management app that allowed access to student location data. While these issues have been fixed, the findings again prove the importance of strong authentication and access control.
Maximize Your Vulnerability Scan Value with Authenticated Scanning
Want to get a lot more value out of your vulnerability scans? Start doing authenticated scanning
Navigating the Roadblocks: Overcoming People, Process, and Technology Challenges for Preventive Security in Japan
Uncover the obstacles hindering preventive cybersecurity and ways to build cyber resilience for your Japanese organisation in a commissioned study conducted in 2023 by Forrester Consulting on behalf of Tenable.
ApatchMe - Authenticated Stored XSS Vulnerability in AWS and GCP Apache Airflow Services
Unpatched Apache Airflow instances used in Amazon Web Services (AWS) and Google Cloud Platform (GCP) allow an exploitable stored XSS through the task instance details page.
What’s Stopping Organisations in India from Practicing Preventive Cybersecurity?
Uncover the obstacles hindering preventive cybersecurity and ways to build cyber resilience for your Indian organisation in a commissioned study conducted in 2023 by Forrester Consulting on behalf of Tenable.
Entre em contato com nossa equipe de vendas