3CX Desktop App for Windows and macOS Reportedly Compromised in Supply Chain Attack
March 30, 2023A softphone desktop application from 3CX, makers of a popular VoIP PBX solution used by over 600,000 organizations, has reportedly been trojanized as part of a supply chain attack
Five Core Principles for Hybrid Cloud Security
March 29, 2023How to build a hybrid-cloud security strategy that is effective, scalable and affordable.
Exposure Management: 7 Benefits of a Platform Approach
March 28, 2023When it comes to preventive cybersecurity, there have been longstanding debates over whether it's more effective to operate an array of best-of-breed point solutions or to take a more consolidated platform approach. Here are seven reasons an exposure management platform can help reduce cyber risk.
EPA Issues Cybersecurity Regulations for Public Water Systems: How Tenable Can Help
March 27, 2023EPA released new regulations that require states to assess cybersecurity risks at drinking water systems and ensure these systems have sufficient cyber protections. Here’s what you need to know — and how Tenable can help.
Tenable Cyber Watch: U.K. Cyber Agency Raises Privacy Concerns About ChatGPT, CISA Program Tackles Ransomware in Critical Infrastructure, and more
March 27, 2023This week’s edition of the Tenable Cyber Watch unpacks CISA’s new pilot program that detects vulnerabilities in critical infrastructure and addresses the FBI’s plea for more ransomware victims to report attacks. Also covered: Why the U.K. National Cyber Security Centre is warning ChatGPT users to tread carefully when submitting queries with sensitive information.
Federating Kubernetes Workloads with Cloud Identities
March 27, 2023Your K8s workloads legitimately need access to sensitive cloud resources – federated identities let you grant it easily and securely.
Cybersecurity Snapshot: Strengthen Identity and Access Management Security with New CISA/NSA Best Practices
March 24, 2023Learn about a new guide packed with best practices recommendations to improve IAM systems security. Plus, cybersecurity ranks as top criteria for software buyers. Also, guess who’s also worried about ChatGPT? Oh, and do you know what a BISO is? And much more!
Navigating Cloud Security: Why Segregating Environments from Dev to Production is so Important
March 22, 2023Segregation in cloud environments is important for security — this post explores why and offers best practice tips for acting on it.
Tenable Cyber Watch: A Look at the U.S. National Cybersecurity Strategy, A Powerful AI Tech Gears Up for Prime Time, and more
March 20, 2023This week’s edition of the Tenable Cyber Watch unpacks the White House’s National Cybersecurity Strategy and explores how artificial intelligence will help cyber teams with complex attacks. Also covered: Why software vendors should prepare to submit letters of attestation to the GSA.
OpenAI’s ChatGPT and GPT-4 Used as Lure in Phishing Email, Twitter Scams to Promote Fake OpenAI Tokens
March 17, 2023Hoping to cash in on the massive interest around OpenAI’s GPT-4 – ChatGPT’s new multimodal model – scammers have launched phishing campaigns via email and Twitter designed to steal cryptocurrency. Check out how they’re carrying out the scams and how you can avoid becoming a victim.
Cybersecurity Snapshot: CISA Pinpoints Vulnerabilities in Critical Infrastructure Orgs that Ransomware Groups Could Exploit
March 17, 2023Learn about CISA’s new program to help critical infrastructure organizations stamp out vulnerabilities associated with ransomware attacks. Plus, a U.S. government advisory with the latest on LockBit 3.0. Also, find out why the U.K.’s cyber agency is warning users about ChatGPT. And much more!
Microsoft’s March 2023 Patch Tuesday Addresses 76 CVEs (CVE-2023-23397)
March 14, 2023Microsoft addresses 76 CVEs including two zero-days exploited in the wild, one of which was publicly disclosed.