Blog da Tenable
CVE-2026-35616: Fortinet FortiClientEMS improper access control vulnerability exploited in the wild
Tenable Cyber Watch: Governo dosO governo atualiza o guia de ransomware, o estudo Lineaje revela os riscos da cadeia de suprimentos em OSS e muito mais
This week’s edition of the Tenable Cyber Watch unpacks the most recent updates to the U.S. government’s #StopRansomware Guide and addresses the steps organizations can take to boost digital trust. Also covered: why companies must be careful when using open source software.
Perguntas frequentes sobre vulnerabilidades de transferência do MOVEit e gangue CL0P Ransomware
Frequently asked questions relating to vulnerabilities in MOVEit Transfer, including one that was exploited by the prolific CL0P ransomware gang.
Cybersecurity Snapshot: Para uma segurança reforçada na nuvem, concentre-se na configuração
Check out the NCSC’s advice about proper configuration in cloud security. Plus, a detailed guide about LockBit ransomware. Also, don’t miss OWASP’s revised list of top API security risks. Plus, CISA’s warning about remote network management tools. e muito mais.
CVE-2023-20887: Operações do VMware Aria para injeção de comando nas redes
VMware issues advisory to address three flaws in its VMware Aria Operations for Networks solution, including a critical command injection flaw assigned a CVSSv3 score of 9.8.
Patch Tuesday da Microsoft de Junho de 2023 aborda 70 CVEs (CVE-2023-29357)
Microsoft addresses 70 CVEs in its June 2023 Patch Tuesday update including six rated as critical.
CVE-2023-27997: Heap-Based Buffer Overflow in Fortinet FortiOS and FortiProxy SSL-VPN (XORtigate)
Fortinet says a critical flaw in its SSL-VPN product may have been exploited in the wild in a limited number of cases. Organizations are strongly encouraged to apply these patches immediately.
Tenable Cyber Watch: Seis equívocos cibernéticos comuns e críticos, melhores práticas para impulsionar a segurança do IAM, e mais
This week’s edition of the Tenable Cyber Watch unpacks the six most critical and common cyber misconceptions and shares tips on how to better distribute software bills of materials. Also covered: the best practices to boost IAM security from CISA and the NSA.
Cybersecurity Snapshot: Está criando o seu próprio ChatGPT?Saiba como evitar riscos à segurança dos modelos de IA
Find out why cyber teams must get hip to AI security ASAP. Plus, check out the top risks of ChatGPT-like LLMs. Also, learn what this year’s Verizon DBIR says about BEC and ransomware. Plus, the latest trends on SaaS security. e muito mais.
Mastering the Art of Kubernetes Security
With Kubernetes’ explosive adoption by the development community comes an urgent need to secure clusters and ensure their compliance effectively.
