News

Latest news on the subject of B2B cyber security >>> PR agencies: Add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Tag: Tenable

AI use: protection and threat to data security in 2025
17 January 2025
| No comments
| Data Security & Backup, PR News
AI use: protection and threat to data security in 2025

This year, companies should make data security in the cloud a top priority as AI adoption increases. Developing and implementing new security policies for AI tools will be an important step in preventing data leaks. In the coming year, companies will face increasing pressure to secure large-scale AI initiatives while protecting a growing number of data assets from cyber threats. Here are Tenable's key predictions for the future of cloud security: AI adoption and more stringent security As the technology becomes more widely available, more and more companies will incorporate AI into their infrastructure and...

Read more

Zero-day vulnerability in Firefox and Windows
23 December 2024
| No comments
| Short news
B2B Cyber ​​Security ShortNews

The recent exploit chain used by the RomCom group (also known as Storm-0978) – which included a zero-day vulnerability in Firefox (CVE-2024-9680) and a privilege escalation zero-day vulnerability in Microsoft Windows (CVE-2024-49039) – highlights the sheer determination of threat actors, but also how difficult it has become for them to circumvent browser protections. As browser security becomes more robust, threat actors are forced to link vulnerabilities together to circumvent protections. Organizations should therefore not only focus on the vulnerabilities with the highest criticality, but rather identify the attack paths that allow vulnerabilities to be exploited regardless of the…

Read more

Vulnerability discovered in Open Policy Agent (OPA)
30 November 2024
| No comments
| Short news
B2B Cyber ​​Security ShortNews

A security research team has discovered a Server Message Block Force Authentication (SMB) vulnerability in all versions of Open Policy Agent (OPA) for Windows prior to v0.68.0. OPA is one of the most widely used open source policy engines. The vulnerability, tracked as CVE-2024-8260, is due to insufficient input validation that allows users to pass an arbitrary SMB share instead of a rego file as an argument to the OPA CLI or one of the OPA Go library functions. Successful exploitation can lead to unauthorized access by compiling the Net-NTLMv2 hash — i.e., the credentials — of the user currently connected to the Windows device on which the…

Read more

Security solution: Protection for high-security needs in the cloud
7 November 2024
| No comments
| Cloud security, Short news
B2B Cyber ​​Security ShortNews

A new security solution supports customers who operate in highly secure or otherwise isolated environments. The solution detects, assesses and analyzes IT assets and containers to prevent breaches. Based on Tenable Security Center, Tenable Enclave Security protects IT assets and modern workloads using risk assessments and contextual information that enable customers to identify security risks before they cause damage. Public authorities are bound by special security and compliance guidelines when using cloud solutions. The solution is an important building block when it comes to meeting public sector customers and commercial organizations with strict requirements for...

Read more

CloudImposer had its sights set on Google Cloud Platform
12 October 2024
| No comments
| Short news
B2B Cyber ​​Security ShortNews

A critical remote code execution (RCE) vulnerability called CloudImposer could have allowed malicious actors to infect millions of Google Cloud Platform (GCP) servers and customer systems. The Tenable Research Team has discovered a critical remote code execution (RCE) vulnerability called CloudImposer that could have allowed malicious actors to execute code on potentially millions of Google Cloud Platform (GCP) servers and customer systems. The vulnerability indicates a serious security flaw in Google Cloud services, specifically affecting App Engine, Cloud Function, and Cloud Composer. The discovery follows a careful analysis of GCP documentation…

Read more

Security in AI Solutions and Large Language Models
3 October 2024
| No comments
| PR News
Security in AI Solutions and Large Language Models

Tenable AI Aware, an exposure management company, announced the release of AI Aware, an advanced detection capability that can quickly determine whether artificial intelligence solutions are in use and whether AI-related vulnerabilities and security weaknesses exist. Tenable AI Aware provides insights into security vulnerabilities in AI applications, libraries and plugins, enabling organizations to confidently identify and remediate AI risks without impacting business operations. The rapid development and adoption of AI technologies over the past two years has brought with it major cybersecurity and compliance risks that organizations must address without relying on proven best practices…

Read more

Only a few vulnerabilities are critical
September 22, 2024
| No comments
| Short news
B2B Cyber ​​Security ShortNews

As part of its study "The Critical Few: How to Expose and Close the Threats that Matter", an exposure management company identifies the most important vulnerabilities in companies and provides concrete recommendations for action to eliminate potentially business-critical cyber threats. Over the past two decades, Tenable has collected and analyzed around 50 trillion data points on more than 240.000 vulnerabilities. Based on this extensive data set, Tenable has developed a methodology that shows that only 3 percent of these vulnerabilities usually result in serious breaches. Security teams are confronted with vast amounts of fragmented vulnerability and threat intelligence data. Tenable has...

Read more

Vulnerability in the Google Cloud Platform (GCP)
September 12, 2024
| No comments
| Short news
B2B Cyber ​​Security ShortNews

An exposure management company announces that the research team has identified a vulnerability in the Google Cloud Platform (GCP). This affects the serverless compute service "Cloud Function" and the CI/CD pipeline service "Cloud Build". GCP has fixed the ConfusedFunction vulnerability for future Cloud Build accounts. However, existing Cloud Build instances remain at risk - companies should react immediately. Cloud Functions in GCP are event-triggered serverless functions that automatically scale and execute code as soon as they are triggered by certain events (such as HTTP requests or data changes). When a GCP user creates or updates a Cloud Function,...

Read more

Identify weak points and act efficiently
September 3, 2024
| No comments
| PR News
Identify weak points and act efficiently

Security teams are faced with large amounts of vulnerability and threat intelligence data. That's why Tenable has developed new features in its Vulnerability Management that provide actionable insights into IT and cloud environments. Tenable Vulnerability Intelligence and Exposure Response are two new powerful, context-based prioritization and response capabilities. These are available in Tenable Vulnerability Management, Tenable One and Tenable Cloud Security. Combined, these features contextualize vulnerability data from internal and external sources, helping organizations close the most critical security gaps to their business. Identifying vulnerabilities is a Sisyphean task Security teams are faced with vast amounts of fragmented data...

Read more

Germany: 44 percent of all cyber attacks successful
12 January 2024
| Ein Kommentar
| Stories
Germany: 44% of all cyber attacks successful - Image by Moondance on Pixabay / CC0

According to a study of German cybersecurity and IT leaders, security teams are so busy defending against cyberattacks that they no longer have resources for preventive cyber defense. Tenable® today highlighted that 44% of cyberattacks suffered by German companies in the past two years were successful. Security teams are therefore forced to focus their working hours and measures on reactive containment of cyberattacks instead of preventing them in advance. Since less than half (48%) of German companies are convinced that they can successfully manage their own risk exposure with the help of their cybersecurity procedures...

Read more

© 2024 MedPressIT Selinger
Cookie Settings