"The one who wields the fire power is destined to save the world, but Owen Johnson has turned his back on that life. But after the Dragon's Claw's attack, Owen and his family are reeling from the loss— and more danger lurks on the horizon!" -- Description provided by publisher.

"Sheriff Mal Reynolds has a new partner— a law enforcing robot from the Blue Sun corporation, who doesn't care about motives, about mercy, about anything other than enforcing the law— no matter the cost. The Blue Sun Corporation has helped to run the universe from the shadows for years, but they're ready to step into the light and take over. If Mal wants to keep his job and protect his sector, the smart move would be to play by their rulebook. But for Mal, there's really one choice— reunite the crew of the Serenity for one last impossible job to save the 'verse. Greg Pak and artist Dan McDaid launch Mal & the crew of Serenity into their biggest war yet, officially continuing Joss Whedon's acclaimed series." -- Provided by publisher.

"When 18-year-old Klaus gets himself kicked out of the Umbrella Academy and his allowance discontinued, he heads to a place where his ghoulish talents will be appreciated— Hollywood. But after a magical high on a stash stolen from a vampire drug lord, Klaus needs help, and doesn't have his siblings there to save him." -- Provided by publisher.

"The stage is set for the final battle as the first ever Firefly event concludes, with Sheriff Mal Reynolds— yeah, he's still getting used to it too— making a choice that may cost him those he loves most, whether he knows it or not … Shocking losses lead to stunning decisions as Mal and the crew of Serenity must face the consequences of their choices in war against the Blue Sun Corporation. The 'Verse is changing in ways no one ever expected— and a new chapter of Firefly begins here." -- Provided by publisher.

"France spirals towards a civil war, as nobles continue to ignore the people of France. Noblewoman Oscar Fraṅois de Jarjayes is forced to reconsider her life as a soldier and a woman, her loyalties and her love. Marie Antoinette and the royal family seek escape, while Robespierre and the National Assembly take up arms and demand democracy." -- Provided by publisher.

With a month to go, we’ve been busy behind the scenes planning for this year’s

In true adherence to the age old phrase 'let them eat cake' and its traditional application to the under-funded and under-fed masses, for SpotOn London cakes were duly provided much to the enjoyment of the delegates. Since this act generated its own hashtag, it also deserves a Story...

Carl Herbold is a cold-blooded psychopath who has just escaped the penitentiary where he was serving a life sentence. Bent on revenge, he's going back to where he began--Blewer County, Texas... Born deaf, lately widowed, Anna Corbett fights to keep the ranch that is her son's birthright, unaware that she is at the center of Herbold's horrific scheme--and that her world of self-imposed isolation is about to explode... Drifter Jack Sawyer arrives at Anna's ranch asking for work, hoping to protect the innocent woman and her son from Herbold's rage. But Sawyer can't outrun the secrets that stalk him--or the day of reckoning awaiting them all...

This New York Times and USA TODAY bestseller, is a collaboration between twenty bestselling mystery novelists who have joined forces to create a spellbinding story of love, betrayal, and intrigue. Pericles "Perry" Christo is a PI with a past-a former cop who lost his badge and his family when a corruption scandal left him broke and disgraced. So when wealthy Upper East Side matron Julia Drusilla summons him one cold February night, he grabs what seems to be a straightforward (and lucrative) case. The socialite is looking for her beautiful, aimless daughter, Angelina, who is about to become a very wealthy young woman. But as Christo digs deeper, he discovers there's much more to the lovely "Angel" than meets the eye. This classic noir tale twists and turns down New York's mean streets and along Hamptons' beaches and back roads during a bitterly cold and gray winter where nothing is as it seems and everyone has something to hide. In this inventive "serial novel" storytelling approach, each of the twenty bestselling writers brings his or her distinctive voice to a chapter of Inherit the Dead, building the tension to a shocking, explosive finale. The editor, Jonathan Santlofer, has arranged to donate any royalties in excess of editor and contributor compensation to Safe Horizon, the leading victim assistance agency in the country.

The singular journey of Odd Thomas is approaching its unforgettable conclusion in Saint Odd. But before Odd's destiny is revealed, this exclusive eBook short story looks back-way back-to where it all began for Odd Thomas and Stormy Llewellyn, two souls who are destined to be together forever. Amid the dizzying rides, tantalizing games of chance, and fanciful attractions of a state fair, two teenage sweethearts on the cusp of life and love's pleasures find their way to a shadowy carnival tent brimming with curiosities. There, from the bizarre and enthralling Gypsy Mummy, a mechanized merchant of dreams and prognosticator of tomorrows, the young couple learns what fate promises for them. But fate, for Odd Thomas and Stormy Llewellyn, is something altogether different: full of dark corners, sharp edges, and things no seer or soothsayer could ever anticipate. And for Odd Thomas, a gallant fry cook from a sleepy California desert town, the future beckons-to listen to unquiet spirits, pursue unsettling mysteries, and learn shocking truths ...for a purpose far greater than himself.

Modern ideas get tangled up with traditional ones in the latest intriguing installment in the beloved, best-selling No. 1 Ladies' Detective Agency series. Precious Ramotswe has taken on two puzzling cases. First she is approached by the lawyer Mma Sheba, who is the executor of a deceased farmer's estate. Mma Sheba has a feeling that the young man who has stepped forward may be falsely impersonating the farmer's nephew in order to claim his inheritance. Mma Ramotswe agrees to visit the farm and find out what she can about the self-professed nephew. Then the proprietor of the Minor Adjustment Beauty Salon comes to Mma Ramotswe for advice. The opening of her new salon has been shadowed by misfortune. Not only has she received a bad omen in the mail, but rumors are swirling that the salon is using dangerous products that burn people's skin. Could someone be trying to put the salon out of business? Meanwhile, at the office, Mma Ramotswe has noticed something different about Grace Makutsi lately. Though Mma Makutsi has mentioned nothing, it has become clear that she is pregnant . . . But in Botswana-a land where family has always been held above all else-this may be cause for controversy as well as celebration. With genuine warmth, sympathy, and wit, Alexander McCall Smith explores some tough questions about married life, parenthood, grief, and the importance of the traditions that shape and guide our lives. This is the fourteenth installment in the series. This ebook edition includes a Reading Group Guide.

One of beloved author Debbie Macomber's classic novels, this is a heartwarming story of hope and possibility. Skye Garvin treasures her work as a volunteer in the pediatric ward of the local hospital. Bringing even a small amount of joy to a suffering child-whether through her playful attitude or her gift for music-is a blessing that Skye cherishes. But due to overcrowding, her favorite young patient's new roommate is an adult-a man who catches Skye completely off guard. Despite his gruff exterior, Skye is compelled to help the unnerving man. But the old scars of personal tragedy-and a fundamental difference of faith-might undermine Skye's chances at a happy ending. Jordan Kiley can't imagine anything more frustrating than his current situation. A car accident has left him confined to a hospital bed, his arm painfully pinned in traction. He can't even feed himself. But when he first lays eyes on the beautiful volunteer, he knows there are far greater challenges awaiting him. Astutely, he senses that Skye's sparkling wit hides a heart that has been unbearably broken. And Jordan has deep secrets of his own. Can he convince Skye that she is worthy of love-and earn her heart in the process?

Find out what happened after the conclusion of the #1 New York Times bestselling Sookie Stackhouse series. Dead Ever After marked the end of the Sookie Stackhouse series-novels that garnered millions of fans and spawned the hit HBO television show True Blood. It also stoked a hunger that will never die...a hunger to know what happened next. With characters arranged alphabetically-from the Ancient Pythoness to Bethany Zanelli-bestselling author Charlaine Harris takes fans into the future of their favorite residents of Bon Temps and environs. You'll learn how Michele and Jason's marriage fared, what happened to Sookie's cousin Hunter, and whether Tara and JB's twins grew up to be solid citizens. This coda provides the answers to your lingering questions-including details of Sookie's own happily-ever-after...

THE FINAL NOVEL IN THE #1 NEW YORK TIMES BESTSELLING SOOKIE STACKHOUSE SERIES! When a shocking murder rocks the small town of Bon Temps, Louisiana, psychic cocktail waitress Sookie Stackhouse learns that she has more than one enemy waiting to get vengeance for the past, because nothing is ever clear-cut in Bon Temps. What passes for truth is only a convenient lie. What passes for justice is more spilled blood. And what passes for love is never enough...

Harlan Coben explores the dangers of obsession in this #1 New York Times bestselling masterpiece of modern suspense. Six years have passed since Jake Fisher watched Natalie, the love of his life, marry another man. Six years of hiding a broken heart by throwing himself into his career as a college professor. Six years of keeping his promise to leave Natalie alone, and six years of tortured dreams of her life with her new husband, Todd. But six years haven't come close to extinguishing his feelings, and when Jake comes across Todd's obituary, he can't keep himself away from the funeral. There he gets the glimpse of Todd's wife he's hoping for...but she is not Natalie. As Jake searches for the truth, his picture-perfect memories of Natalie begin to unravel. Mutual friends of the couple either can't be found, or don't remember Jake. No one has seen Natalie in years. And soon, Jake's search for the woman who broke his heart puts his very life at risk as he uncovers the secrets and lies that love can hide...

"Rita Mae Brown and her feline co-author Sneaky Pie Brown are back chasing mystery with their unique circle of Southern sleuths. And though the changing colors of fall are a beauty to behold, this year the scattered leaves hide a grim surprise. Autumn is in the air in the Blue Ridge Mountain community of Crozet, Virginia--and all the traditions of the changing seasons are under way. Mary Minor "Harry" Haristeen cleans her cupboards, her husband, Fair, prepares the horses for the shorter days ahead, and the clamorous barking of beagles signals the annual rabbit chase through the central Virginia hills. But the last thing the local beaglers and their hounds expect to flush out is a dead body. Disturbingly, it's the second corpse to turn up, after that of a missing truck driver too disfigured to identify. The deaths seem unrelated--until Harry picks up a trail of clues dating back to the state's post-Revolutionary past. The echoes of the Shot Heard Round the World pale in comparison to the dangerous shootout Harry narrowly escapes unscathed. Next time, it may be the killer who gets lucky. But not if Harry's furry friends Mrs. Murphy, Pewter, and Tucker can help it. Lending their sharp-nosed talents to the hunt, they'll help their mistress keep more lives from being lost--and right an injustice buried since the early days of America's independence. "As feline collaborators go, you couldn't ask for better than Sneaky Pie Brown."--The New York Times Book Review"-- Provided by publisher.

TORONTO – The Ontario Securities Commission (OSC) is warning the public about aggressive promotion of Crestview Exploration Inc.

https://www.youtube.com/watch?v=UHhFYrwJjow

https://www.youtube.com/watch?v=Ata12_CZy4A

Africa’s population is the youngest of any region, with more than 400 million young people aged 15 to 35 out of a total of 1.5 billion. But even though rising numbers of this cohort—a “youth bulge”—enter the labor market every year, African economies a... Source: IFPRI Malawi: Malawi Strategy Support Program

Date: Tuesday December 3 Time: 09:00 AM-01:00 PM Location: Steigenberger Tahrir, Diamond Hall This event is organized in collaboration between Sawiris Foundation for Social Development (SFSD), the International Food Policy Research Institute (IFPRI), a... Source: IFPRI Egypt Country Office

The CGIAR Initiative on National Policies and Strategies (NPS) presents: 'Livestock, Gender, and Agency Amid Conflict in Ethiopia' 📅 Dec 11, 2024, ILRI Info Center, Addis Ababa. Join us as we discuss CGIAR NPS’s latest findings to guide policies that strengthen Ethiopia’s livestock sector. CGIAR International Food Policy Research Institute (IFPRI) International Livestock Research Institute (ILRI) Policy Studies Institute […] Source: IFPRI Ethiopia: Ethiopia Strategy Support Program

Desde el inicio de la pandemia del COVID-19, los productores agrícolas de Guatemala han afrontado múltiples restricciones de movimiento tanto locales como nacionales, así como también disrupciones en las cadenas de valor agrícolas. Asimismo, los productores han estado expuestos a varios choques externos como las tormentas tropicales de ETA e IOTA hacia finales de 2020 y el reciente conflicto bélico en Europa del Este y crisis de precios.

After several successful years of bringing science communicators together in London and New York, the

"In Taisho-era Japan, kindhearted Tanjiro Kamado makes a living selling charcoal. But his peaceful life is shattered when a demon slaughters his entire family. His little sister Nezuko is the only survivor, but she has been transformed into a demon herself! Tanjiro sets out on a dangerous journey to find a way to return his sister to normal and destroy the demon who ruined his life … After their initial confrontation with Kokushibo, the most powerful of Muzan's demons, Tokito is severely wounded and Genya has been cut in half— but is still alive! Can his regenerative power heal even this fatal wound? Then the Hashira Himejima and Sanemi square off against Kokushibo and unleash all the skill they have against him. Himejima is blind, but if he can see into the Transparent World, he might have a chance. Who will survive this whirlwind of flashing blades?"-- Provided by publisher.

"In Taisho-era Japan, Tanjiro Kamado is a kindhearted boy who makes a living selling charcoal. But his peaceful life is shattered when a demon slaughters his entire family. His little sister Nezuko is the only survivor, but she has been transformed into a demon herself! Tanjiro sets out on a dangerous journey to find a way to return his sister to normal and destroy the demon who ruined his life … Tanjiro finally chases down the main body of the upper-rank demon Hantengu. However, dawn is approaching, and the rising sun is a threat to Nezuko. Tanjiro's concern for his sister is a distraction from the focus he needs to fight Hantengu, and if he hesitates it could be the last mistake he ever makes! Elsewhere, Tamayo ponders the nature of Nezuko's curse and how she could be so different from other demons." -- Provided by publisher

On the very day of his wedding to the beautiful Mercedes, a young merchant sailor named Edmond Dantès is falsely imprisoned for life, laying to waste his plans of marriage and hard-earned fortune. Following several long years in prison he has managed to escape and reinvent himself as the mysterious Count of Monte Cristo. It is the reign of Napoleon Bonaparte and the Count has been plotting his revenge on the three men who had him falsely imprisoned. With a new identity, an incredible education abroad and a vast fortune, he has returned completely unrecognizable to those who had committed their crimes against him.

Selina Kyle returns to Gotham City as new socialite Holly Vanderhees, but she needs to outsmart rival Batwing to rise to the top of the city's criminal underbelly.

"Starting off with an attack on S.T.A.R. Labs in Gotham City by a giant robot that steals an entire room of the laboratory— Batman is going to have to stop it before it can cause more harm … and with Lex Luthor freshly back in Gotham— he knows where to start his search. Will Batman be able to topple the billionaire before he leaves Gotham?" -- Provided by publisher.

"A brilliant general in the service of Venice, Othello is also the new husband of the adoring— and young— Desdemona, whose innocent hero worship has blossomed into love. But can a beautiful girl, so much younger than her husband, truly be faithful? Othello's trusted ensign Iago seems to think not. Can Othello trust him? Can Othello trust anyone? Manga Classics presents Shakespeare's classic story of love, hate, vengeance, and betrayal, in its full, original glory!" -- Description provided by publisher.

"Harvey Dent is dead. Or is he? A gang of thieves thrusts Gotham City into a state of fear when they are mysteriously well armed with military-grade weapons: flamethrowers, grenade launchers, and even tanks. And this gang claims it is funded by none other than former district attorney Harvey Dent. Bruce Wayne, balancing his two lives, must find the truth by tapping his growing network of agents, including Alfred Pennyworth, Jim Gordon, Waylon 'Killer Croc' Jones, and the savvy new Catwoman. Bruce is distracted by the seemingly impossible return of another figure believed dead: his grandfather Adrian Arkham. He must also comfort his longtime friend, Gotham City Mayor Jessica Dent, who is scarred both physically and mentally from her experience with the Riddler, which resulted in the gruesome death of her brother. But is Harvey back, plotting revenge on a city he proclaims to be guilty? When Batman discovers the truth behind these many mysteries, his entire world unravels … ." -- Page [4] of cover.

"Batman: White Knight Presents: Harley Quinn takes place two years after Batman: Curse of the White Knight. Azrael has wiped out criminals in Gotham, Jack Napier (formerly The Joker) is dead, Bruce Wayne (Batman) is in prison, and Harley Quinn is adjusting to life as a single mother, raising the twins she had with Jack. But as new villains arise, Harley is forced to dance with madness once again and confront her own past with The Joker and Batman while helping the Gotham City police and an eager young FBI agent uncover the truth behind a series of gruesome murders. This collection also features a chapter from Harley Quinn's newest digital first series, Harley Quinn Black + White + Red, told in a traditional black-and-white format with the color red uniquely shaping Harley Quinn's story." -- Provided by publisher.

"Sun dreams of money. Moon dreams of scientific discoveries. When their paths cross with Team Skull, both their plans go awry … Lost in an alternate dimension, Sun and Moon battle to help their new friends defend the eternally dark city of Ultra Megalopolis. But then a betrayal deprives them of their transportation home! Meanwhile, what surprising news does Lillie receive?" -- Provided by publisher

"New best friends Cookie and Broccoli are as different as peanut butter and cheese, but that doesn't stop them from taking on the first grade! Together they navigate the first day of school: finding the classroom, making new friends (all various fruits, veggies, and desserts), and silly secret greetings. When Broccoli discovers that Cookie also has shy moments, the two of them come up with the perfect solution— inviting all their classmates to join their Shy Friends Club." -- Provided by publisher.

A first installment in a graphic-novel rendering of Season 10 from the beloved animated series finds Twilight adjusting to new leadership responsibilities by recruiting her friends to help explore potentially dangerous regions throughout Equestria.

"When Amelia Earhart became the first woman to make a solo flight across the Atlantic Ocean in 1932, she immediately became an American icon and a subject of endless fascination for generations to come. In Amelia Earhart: Pioneer of the Sky!, the story of the bold and daring aviator's life is presented in graphic novel format, with full-color illustrations and historically accurate details. From her hardscrabble childhood to her final flight— and mysterious disappearance— Earhart's journey will entertain, captivate, and inspire readers of all ages." -- Provided by publisher

IntroductionThe members of the Canadian Securities Administrators (the CSA or we) are publishing for comment proposed amendments to National Instrument 94-101 Mandatory Central Counterparty Clearing of Derivatives (National Instrument 94

Recently I had the pleasure of engaging several events focusing on the intersection of food, nutrition, and health in China. First, I participated in the 3rd Belt & Road Initiative Global Health International Congress, held in Xi’an, which brought together stakeholders with a vision to strengthen exchanges and cooperation in health research for the Belt […]

Ethiopia’s agricultural sector, which is dominated by smallscale, mixed crop, and livestock farming, is the mainstay of the country’s economy. It constitutes more than half the nation’s gross domestic product (GDP), generates more than 85 percent of the foreign exchange earnings, and employs about 80 percent of the population. Ethiopia’s dependence on agriculture makes the country particularly vulnerable to the adverse impacts of climate change on crop and livestock production.

 New research conducted by Tenable®, Inc., the exposure management company, has uncovered more than 26,500 potential internet-facing assets among Southeast Asia’s top banking, financial services and insurance (BFSI) companies by market capitalisation across Indonesia, Malaysia, the Philippines, Singapore, Thailand and Vietnam.

On July 15, 2024, Tenable examined the external attack surface of over 90 BFSI organisations with the largest market capitalisations across the region. The findings revealed that the average organisation possesses nearly 300 internet-facing assets susceptible to potential exploitation, resulting in a total of more than 26,500 assets across the study group.

Singapore ranked the highest among the six countries assessed, with over 11,000 internet-facing assets identified across its top 16 BFSI companies. Over 6,000 of those assets are hosted in the United States. Next on the list is Thailand with over 5000 assets. The distribution of internet-accessible assets underscores the need for cybersecurity strategies that adapt to the rapidly evolving digital landscape.

“The results of our study reveal that many financial institutions are struggling to close the priority security gaps that put them at risk. Effective exposure management is key to closing these gaps,” said Nigel Ng, Senior Vice President, Tenable APJ. “By identifying and securing vulnerable assets before they can be exploited, organisations can better protect themselves against the growing tide of cyberattacks.” 

Cyber Hygiene Gaps 
The Tenable study revealed many potential vulnerabilities and exposed several cyber hygiene issues among the study group, including outdated software, weak encryption, and misconfigurations. These vulnerabilities provide cybercriminals with easily exploitable potential entry points, posing potential risk to the integrity and security of financial data. 

Weak SSL/TLS encryption 

A notable finding is that among the total assets, organisations had nearly 2,500 still supporting TLS 1.0—a 25-year old security protocol introduced in 1999 and disabled by Microsoft in September 2022. This highlights the significant challenge organisations with extensive internet footprints face in identifying and updating outdated technologies.

Misconfiguration increases external exposure

Another concerning discovery was that over 4,000 assets, originally intended for internal use, were inadvertently exposed and are now accessible externally. Failing to secure these internal assets poses a significant risk to organisations, as it creates an opportunity for malicious actors to target sensitive information and critical systems.

Lack of encryption 

There were over 900 assets with unencrypted final URLs, which can present a security weakness. When URLs are unencrypted, the data transmitted between the user's browser and the server is not protected by encryption, making it vulnerable to interception, eavesdropping, and manipulation by malicious actors. This lack of encryption can lead to the exposure of sensitive information, such as login credentials, personal data, or payment details, and can compromise the integrity of the communication.

API vulnerabilities amplify risk

The identification of over 2,000 API v3 out of the total number of assets among organisations' digital infrastructure poses a substantial risk to their security and operational integrity.

APIs serve as crucial connectors between software applications, facilitating seamless data exchange. However, inadequate authentication, insufficient input validation, weak access controls, and vulnerabilities in dependencies within API v3 implementations create a vulnerable attack surface.

Malicious actors can exploit such weaknesses to gain unauthorised access, compromise data integrity, and launch devastating cyber attacks.

“The cybersecurity landscape is evolving faster than ever, and financial institutions must evolve with it, so they can know where they are exposed and take action to close critical risk” Ng added. “By prioritising exposure management, these organisations can better protect their digital assets, safeguard customer trust, and ensure the resilience of their operations in an increasingly hostile digital environment.”

About Tenable
Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

Notes to Editors:

1. Tenable examined the top 12-16 BFSI companies discoverable based on market cap. 
2. In the context of this alert:

• An asset is a domain name, subdomain, or IP addresses and/or combination thereof of a device connected to the Internet or internal network. An asset may include, but not limited to web servers, name servers, IoT devices, network printers, etc. Example: foo.tld, bar.foo.tld, x.x.x.xs.
• The Attack Surface is from the network perspective of an adversary, the complete asset inventory of an organisation including all actively listening services (open ports) on each asset.

Tenable®, the exposure management company, announced today that Shelly Raban, senior cloud security researcher for Tenable, will give a presentation at fwd:cloudsec Europe 2024, taking place on 17 September, 2024 in Brussels, Belgium.

During the session titled, “Who Watches the Watchmen? Stealing Credentials from Policy-as-Code Engines (and Beyond),” Raban will explore techniques adversaries use to exploit modern policy-as-code and Infrastructure-as-code (IaC) domain-specific languages (DSLs), compromise cloud identities and exfiltrate sensitive data. Raban will conclude her presentation by sharing various detection strategies that cyber defenders can implement to detect malicious activity. 

The session will be hosted in the Main Room from 2:50 - 3:10 pm CEST. 

More information on the event is available on the fwd:cloudsec Europe website. 

More information about Tenable Cloud Security is available at: https://www.tenable.com/products/tenable-cloud-security 

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

Tenable®, the exposure management company, today announced the release of AI Aware, advanced detection capabilities designed to rapidly surface artificial intelligence solutions, vulnerabilities and weaknesses available in Tenable Vulnerability Management, the world’s #1 vulnerability management solution. Tenable AI Aware provides exposure insight into AI applications, libraries and plugins so organizations can confidently expose and close AI risk, without inhibiting business operations.

The rapid development and adoption of AI technologies in the past two years has introduced major cybersecurity and compliance risks that organizations must proactively address without established best practices. As a result, cybersecurity teams face significant AI-related challenges, such as vulnerability detection and remediation, containing data leakage and reining in unauthorized AI use. 

According to recent Tenable Research, more than one-third of security teams are finding usage of AI applications in their environment that might not have been provisioned via formal processes. In fact, during a 75-day period between late June and early September, Tenable found over 9 million instances of AI applications on more than 1 million hosts. The cybersecurity risk of unfettered AI usage is compounded by the increasing volume of AI vulnerabilities. Tenable Research has found and disclosed several vulnerabilities in AI solutions, including in Microsoft Copilot, Flowise, Langflow, among others.

With AI Aware, Tenable transforms proactive security for AI solutions. Tenable AI Aware uniquely leverages agents, passive network monitoring, dynamic application security testing and distributed scan engines to detect approved and unapproved AI software, libraries and browser plugins, along with associated vulnerabilities, thereby mitigating risks of exploitation, data leakage and unauthorized resource consumption. The combined depth of these multiple assessment methods delivers the most complete detection of AI in the modern ecosystem. 

[Watch the Tenable AI Aware product demo video here.]

“In an effort to keep pace with the sea change introduced by AI, organizations around the world ran full speed ahead, potentially bypassing countless cybersecurity, privacy and compliance red flags,” said Shai Morag, chief product officer, Tenable. “Perhaps more so than with any other new technology we’ve seen, there are many risk factors to consider, especially with rushed development and deployment. Tenable AI Aware empowers organizations to deploy AI confidently, ensuring their security measures keep pace with the rapid evolution of AI technologies.”

In addition to AI software and vulnerability detection, key AI Aware features available in Tenable Vulnerability Management, Tenable Security Center and Tenable One include:

• Dashboard Views provide a snapshot of the most common AI software discovered in the ecosystem, top assets with vulnerabilities related to AI and the most common communication ports leveraged by AI technologies. 
• Shadow Software Development Detection illuminates the unexpected existence of the building blocks of AI development in the environment, enabling businesses to align initiatives with organizational best practices.
• Filter Findings for AI Detections enable teams to focus on AI-related findings when reviewing vulnerability assessment results. Combined with the power of Tenable Vulnerability Prioritization Rating (VPR), teams can effectively assess and prioritize vulnerabilities introduced by AI packages and libraries. 
• Asset-Centric AI-Inventory provides a complete inventory of AI-related packages, libraries and browser plugins while reviewing the detailed profile of an asset. 

Join the upcoming Tenable webinar titled, "Mitigating AI-Related Security Risks: Insights and Strategies with Tenable AI Aware" on October 9, 2024 at 11:00 am ET, by registering here.

More information on Tenable AI Aware is available at: https://www.tenable.com/products/vulnerability-management/ai-aware 

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

Tenable®, the exposure management company, today released its 2024 Tenable Cloud Risk Report, which examines the critical risks at play in modern cloud environments. Most alarmingly, nearly four in 10 organizations globally are leaving themselves exposed at the highest levels due to the “toxic cloud trilogy” of publicly exposed, critically vulnerable and highly privileged cloud workloads. Each of these misalignments alone introduces risk to cloud data, but the combination of all three drastically elevates the likelihood of exposure access by cyber attackers.

Security gaps caused by misconfigurations, risky entitlements and vulnerabilities combine to dramatically increase cloud risk. The Tenable Cloud Risk Report provides a deep dive into the most pressing cloud security issues observed in the first half of 2024, highlighting areas such as identities and permissions, workloads, storage resources, vulnerabilities, containers and Kubernetes. It also offers mitigation guidance for organizations seeking ways to limit exposures in the cloud.

Publicly exposed and highly privileged cloud data lead to data leaks. Critical vulnerabilities exacerbate the likelihood of incidents. The report reveals that a staggering 38% of organizations have cloud workloads that meet all three of these toxic cloud trilogy criteria, representing a perfect storm of exposure for cyber attackers to target. When bad actors exploit these exposures, incidents commonly include application disruptions, full system takeovers, and DDoS attacks that are often associated with ransomware. Scenarios like these could devastate an organization, with the 2024 average cost of a single data breach approaching $5 million.¹ 

Additional key findings from the report include: 

• 84% of organizations have risky access keys to cloud resources: The majority of organizations (84.2%) possess unused or longstanding access keys with critical or high severity excessive permissions, a significant security gap that poses substantial risk. 
• 23% of cloud identities have critical or high severity excessive permissions: Analysis of Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure reveals that 23% of cloud identities, both human and non-human, have critical or high severity excessive permissions. 
• Critical vulnerabilities persist: Notably, CVE-2024-21626, a severe container escape vulnerability that could lead to the server host compromise, remained unremediated in over 80% of workloads even 40 days after its publishing. 
• 74% of organizations have publicly exposed storage: 74% of organizations have publicly exposed storage assets, including those in which sensitive data resides. This exposure, often due to unnecessary or excessive permissions, has been linked to increased ransomware attacks. 
• 78% of organizations have publicly accessible Kubernetes API servers: Of these, 41% also allow inbound internet access. Additionally, 58% of organizations have cluster-admin role bindings — which means that certain users have unrestricted control over all the Kubernetes environments.

“Our report reveals that an overwhelming number of organizations have access exposures in their cloud workloads of which they may not even be aware,” said Shai Morag, chief product officer, Tenable. “It’s not always about bad actors launching novel attacks. In many instances, misconfigurations and over-privileged access represent the highest risk for cloud data exposures. The good news is, many of these security gaps can be closed easily once they are known and exposed.”

The report reflects findings by the Tenable Cloud Research team based on telemetry from millions of cloud resources across multiple public cloud repositories, analyzed from January 1 through June 30, 2024.

To download the report today, please visit: https://www.tenable.com/cyber-exposure/tenable-cloud-risk-report-2024 

¹ IBM Security Cost of a Data Breach Report 2024

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

Tenable®, the exposure management company, today announced that it has been ranked first for 2023 worldwide market share for device vulnerability management in the IDC Worldwide Device Vulnerability Management Market Shares (doc #US51417424, July 2024) report. This is the sixth consecutive year Tenable has been ranked first for market share.

According to the IDC market share report, Tenable is ranked first in global 2023 market share and revenue. Tenable credits its success to its strategic approach to risk management, which includes a suite of industry-leading exposure management solutions that expose and close security gaps, safeguarding business value, reputation and trust. The Tenable One Exposure Management Platform, the world’s only AI-powered exposure management platform, radically unifies security visibility, insight and action across the modern attack surface – IT, cloud, OT and IoT, web apps and identity systems.

According to the IDC market share report, “The top 3 device vulnerability management vendors remained the same in 2023 as previous years, with Tenable once again being the top vendor.”

The report highlighted Tenable’s use of generative AI, noting, “ExposureAI, available as part of the Tenable One platform, provides GenAI-based capabilities that include natural language search queries, attack path and asset exposure summaries, mitigation guidance suggestions, and a bot assistant to ask specific questions about attack path results.”

Tenable’s latest innovations in the vulnerability management market – Vulnerability Intelligence and Exposure Response – were also highlighted in the report, stating, “Vulnerability Intelligence provides dynamic vulnerability information collected from multiple data sources and vetted by Tenable researchers, while Exposure Response enables security teams to create campaigns based on risk posture trends so remediation progress can be monitored internally.”

The report also spotlighted the Tenable Assure Partner Program and MDR partnerships, noting, “Tenable has made more of a strategic effort to recruit managed security service providers (SPs) and improve the onboarding experience for them, as well as their customers. Managed detection and response (MDR) providers have been adding proactive exposure management because it helps shrink the customer attack surface, helping them provide better outcomes. Sophos and Coalfire are recently announced partners adding managed exposure management services to their MDR and pen testing services, respectively.”

“At Tenable, we build products for a cloud-first, platform centric world, meeting customers' evolving risk management needs,” said Shai Morag, chief product officer, Tenable. “We leverage cutting edge technology, innovating across our portfolio to help customers know, expose and close priority security gaps that put businesses at risk.” 

"The device vulnerability management market is characterized by a focus on broader exposure management, with a number of acquisitions to round out exposure management portfolios," said Michelle Abraham, senior research director, Security and Trust at IDC. "Vendors are advised to enhance their offerings with additional security signals and automated remediation workflows to stay competitive in this evolving landscape."

To read an excerpt of the IDC market share report, visit https://www.tenable.com/analyst-research/idc-worldwide-device-vulnerability-management-market-share-report-2023 

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

It is a blustery spring day, and Mouse and Mole are very excited. They are going to go bird watching and plan to make bird books. It turns out, birds are not so easy to watch. Together, they come up with a plan to get closer to the birds.

Cynthia Rylant's 19th Mr. Putter & Tabby book has all the sly, sweet humor that has made the series a huge success. In Mr. Putter & Tabby Clear the Decks, Mr. Putter and his fine cat Tabby are itchy. Not because of fleas, but because it's hot, they're bored, and they're out of orangesicles. So when their neighbor Mrs. Teaberry suggests a sightseeing cruise, they're excited about an adventure. The boat makes them feel free! Plus they get orangesicles! But when it's time to go home, there's a little problem with Mrs. Teaberry's good dog Zeke.