CVE-2025-53786: Frequently Asked Questions About Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability CVE-2025-53786是Microsoft Exchange Server混合部署中的权限提升漏洞，允许本地管理员控制云端环境。该漏洞因Exchange Server与Exchange Online共享服务主体而产生。微软已发布热修复补丁，并建议配置专用应用以缓解风险。CISA发布警报并要求联邦机构迅速应对。... 2025-8-7 20:6:25 | 阅读: 23 | 收藏 | Tenable Blog - www.tenable.com tenable security exchange nessus cloud

We're a Major Player in the 2025 IDC MarketScape for CNAPP. Here's Why That Matters for Your Cloud Security. “With a strong focus on CNAPP through Tenable Cloud Security and exposure management with Tenable On... 2025-8-7 13:0:0 | 阅读: 18 | 收藏 | Tenable Blog - www.tenable.com cloud security tenable exposure cnapp

CVE-2025-54987, CVE-2025-54948: Trend Micro Apex One Command Injection Zero-Days Exploited In The Wild Trend Micro发布针对两个未修补零日漏洞的临时缓解工具，这些漏洞影响其Apex One Management Console的本地版本。攻击者可利用这些漏洞上传文件并执行命令。目前尚未有补丁，预计八月中旬发布。... 2025-8-6 18:44:38 | 阅读: 22 | 收藏 | Tenable Blog - www.tenable.com security apex tenable injection

Act Now: $100M in FY25 Cyber Grants for SLTTs Available Before August 15 美国政府提供超过1亿美元的网络安全拨款，分为州和部落项目，重点在治理、评估、保护和培训。申请截止8月15日。Tenable提供解决方案支持。... 2025-8-6 18:10:0 | 阅读: 16 | 收藏 | Tenable Blog - www.tenable.com tenable governments resilience slcgp

The AI Security Dilemma: Navigating the High-Stakes World of Cloud AI 人工智能为组织带来机遇的同时也扩大了攻击面。研究显示，AI工作负载比传统工作负载更易受攻击。云服务默认设置和配置问题引入风险。需加强安全管理以确保AI安全可靠。... 2025-8-6 15:0:0 | 阅读: 12 | 收藏 | Tenable Blog - www.tenable.com cloud security tenable workloads adoption

Introducing Tenable AI Exposure: Stop Guessing, Start Securing Your AI Attack Surface read file error: read notes: is a directory... 2025-8-6 12:30:0 | 阅读: 9 | 收藏 | Tenable Blog - www.tenable.com tenable exposure security damien

CVE-2025-54135, CVE-2025-54136: Frequently Asked Questions About Vulnerabilities in Cursor IDE (CurXecute and MCPoison) 文章披露了Cursor代码编辑器的两个漏洞CurXecute和MCPoison，影响其对MCP服务器的处理。这些漏洞可能导致代码执行，并被广泛使用的Fortune 500公司等用户所影响。Cursor已发布更新修复这些问题。... 2025-8-6 02:44:20 | 阅读: 14 | 收藏 | Tenable Blog - www.tenable.com tenable mcp security nessus cloud

Frequently Asked Questions About SonicWall Gen 7 Firewall Ransomware Activity 近期针对 SonicWall Gen 7 防火墙的勒索软件攻击增多，可能与 SSL VPN 的零日漏洞有关。Akira 勒索软件被用于攻击，即使启用多因素认证也难挡攻击。SonicWall 建议禁用 SSL VPN 或采取缓解措施。目前尚未有补丁或 CVE 编号发布。... 2025-8-5 22:6:25 | 阅读: 10 | 收藏 | Tenable Blog - www.tenable.com ransomware firewalls tenable security wolf

The White House AI Action Plan: A Critical Opportunity to Secure the Future read file error: read notes: is a directory... 2025-8-5 12:59:59 | 阅读: 25 | 收藏 | Tenable Blog - www.tenable.com security tenable exposure robert

In Cybersecurity, We Have to Work Together 文章指出，未来的网络安全依赖于开放、协作的平台整合行业最佳解决方案。传统孤立的安全方法已过时，需结合新策略主动保护复杂环境。Tenable One通过300多个集成提供统一风险管理和攻击路径可视化，帮助组织更高效地应对威胁。... 2025-8-5 10:0:0 | 阅读: 13 | 收藏 | Tenable Blog - www.tenable.com security tenable exposure unified siloed

How Exposure Management Moves Beyond Vulnerability Scans to A Unified View of Risk read file error: read notes: is a directory... 2025-8-4 13:0:0 | 阅读: 20 | 收藏 | Tenable Blog - www.tenable.com exposure security unified tenable webinar

Cybersecurity Snapshot: AI Security Trails AI Usage, Putting Data at Risk, IBM Warns, as OWASP Tackles Agentic AI App Security Check out fresh insights on AI data security from IBM’s “Cost of a Data Breach Report 2025.” Plus, O... 2025-8-1 13:0:0 | 阅读: 35 | 收藏 | Tenable Blog - www.tenable.com security scattered spider agentic

Applying Tenable’s Risk-based Vulnerability Management to the Australian Cyber Security Centre's Essential Eight read file error: read notes: is a directory... 2025-7-30 00:30:0 | 阅读: 27 | 收藏 | Tenable Blog - www.tenable.com tenable security maturity

Identity is the New Perimeter: Why Your IdP Isn’t Enough 文章探讨了身份识别在云安全中的核心作用，并指出尽管身份提供商（如Okta、Microsoft Entra ID和Google Cloud Identity）增强了认证和授权机制，但组织仍面临过度权限、休眠凭证和配置错误的信任策略等关键风险。Tenable Cloud Security通过持续发现、风险映射和实施最小权限原则等措施，帮助组织弥补这些安全漏洞。... 2025-7-29 13:0:0 | 阅读: 17 | 收藏 | Tenable Blog - www.tenable.com tenable cloud security nessus accuracy

Tenable Is Named a Gartner Peer Insights Customers’ Choice for the Vulnerability Assessment Market read file error: read notes: is a directory... 2025-7-28 12:29:59 | 阅读: 19 | 收藏 | Tenable Blog - www.tenable.com tenable security reviews flexibility

The Keys to Implementing Exposure Management Tenable的网络研讨会探讨了企业在实施风险暴露管理平台时的顾虑，包括证明 ROI、工具集成复杂性和资源不足。通过统一数据源、API 集成和分阶段部署等方法，企业可有效克服这些挑战，提升安全效率和业务价值。... 2025-7-28 10:30:0 | 阅读: 19 | 收藏 | Tenable Blog - www.tenable.com exposure security tenable unified webinar

Cybersecurity Snapshot: SharePoint Attacks Trigger Urgent Patching Calls, While U.S. Gov’t Unveils AI Innovation Plan 文章概述了本周网络安全动态，包括SharePoint漏洞紧急修复、白宫AI创新计划强调安全、CISA警告Interlock勒索软件风险、凭据与无凭据扫描调查结果、Q2勒索ware攻击下降但活跃团伙增加以及Q2最常见恶意软件排名。... 2025-7-25 13:0:0 | 阅读: 33 | 收藏 | Tenable Blog - www.tenable.com ransomware security microsoft interlock

Narrowing the Focus: Enhancements to Tenable VPR and How It Compares to Other Prioritization Models Tenable发布增强版漏洞优先级评分（VPR），引入丰富威胁情报、AI驱动见解及上下文元数据。改进后VPR识别当前或潜在被利用CVE效率翻倍，并与现有策略对比显示其覆盖范围和效率更优。... 2025-7-24 13:15:0 | 阅读: 20 | 收藏 | Tenable Blog - www.tenable.com vpr cves enhanced probability prioritized

Tackling Shadow AI in Cloud Workloads 随着企业对云AI系统的采用激增，保护这些系统成为网络安全团队的首要任务。影子AI——未经批准使用AI应用和服务的现象——已成为关键威胁。员工未经授权使用AI工具导致数据治理和合规性问题。通过提高对所有AI资产的可见性和收紧访问控制与权限管理，可以有效应对影子AI威胁。... 2025-7-23 14:0:0 | 阅读: 22 | 收藏 | Tenable Blog - www.tenable.com cloud security tenable shadow

Forrester Names Tenable a Leader in the Q3 2025 Unified Vulnerability Management Solutions Wave™ Report Tenable凭借其Tenable One平台在统一漏洞管理领域表现卓越，被Forrester评为领导者，并在战略和路线图方面获得最高评分。该平台整合了多源安全数据，助力客户实现主动风险管理，并通过收购Vulcan Cyber进一步增强能力。... 2025-7-21 14:29:29 | 阅读: 19 | 收藏 | Tenable Blog - www.tenable.com tenable forrester security unified proactive