Tenable blog
Detecting Remote Monitoring and Management Tools Used by Attackers
Microsoft Azure Virtual Machines: Public IP Configuration Is Not Always As It Seems
If you’re not familiar enough with the SKU attribute of the Azure public IP address, you may think you’re configuring your virtual machines as public to the internet … but you aren’t....
Cybersecurity Snapshot: U.S. Gov’t Turns Up Heat on Breach Notifications, While Cyber Concerns Still Hamper Cloud Value
Learn all about the FCC’s plan to accelerate telecom breach reports. Plus, why cyber worries remain a cloud obstacle. Also, find out how to rate your cloud MSP’s cybersecurity strength. Then check out our ad-hoc poll on cloud security. And much more!...
Google: Monitor These Emerging Cloud Security Challenges in 2023
A new report from Google outlines a set of evolving threats that cloud security teams should keep an eye on in the new year....
Microsoft’s January 2023 Patch Tuesday Addresses 98 CVEs (CVE-2023-21674)
Microsoft addresses 98 CVEs including a zero-day vulnerability that was exploited in the wild....
Tenable Cyber Watch: Key 2022 Data for Cloud Security, VM, EASM, Web App Security, and More
It's that time again! Time to grab another cup of coffee and tune into this week's episode of the Tenable Cyber Watch newscast, the weekly video news digest that helps you zero-in on the things that matter right now in cybersecurity. As she does every Monday, Tenable Cyber Watch host Jirah Mickle...
Why JIT Access is an Essential Part of Cloud Security
Automating JIT in the cloud is win-win for improving security and business productivity -- and cracks a nut that PAM can’t....
Cybersecurity Snapshot: Discover the Most Valuable Cyber Skills, Key Cloud Security Trends and Cyber’s Big Business Impact
Happy New Year! Learn all about the cybersecurity expertise that employers value most; Google Cybersecurity Action Team’s latest take on cloud security trends; a Deloitte report on cybersecurity’s growing business influence; a growth forecast for cyber spending; and more!...
CVE-2022-47523: ManageEngine Password Manager Pro, PAM360 and Access Manager Plus SQL Injection Vulnerability
Zoho patches a newly disclosed high-severity SQL injection flaw in several ManageEngine products; attackers have historically targeted several ManageEngine products over the last three years....
Visibility of the Unknown: Understanding EASM and How It Can Help
External attack surface management (EASM) is difficult and oftentimes confusing, especially in a world of poor inventory controls and a growing attack surface. This blog discusses what's required to do EASM successfully....
