Quantcast
Channel: Tenable Blog

Image may be NSFW.
Clik here to view.

CVE-2025-32433: Erlang/OTP SSH Unauthenticated Remote Code Execution...

Proof-of-concept code has been released after researchers disclosed a maximum severity remote code execution vulnerability in Erlang/OTP SSH. Successful exploitation could allow for complete takeover...

View Article


Image may be NSFW.
Clik here to view.

Turn to Exposure Management to Prioritize Risks Based on Business Impact

Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, Tenable CSO Robert...

View Article


Image may be NSFW.
Clik here to view.

ConfusedComposer: A Privilege Escalation Vulnerability Impacting GCP Composer

Tenable Research discovered a privilege-escalation vulnerability in Google Cloud Platform (GCP) that is now fixed and which we dubbed ConfusedComposer. The vulnerability could have allowed an identity...

View Article

Image may be NSFW.
Clik here to view.

CISA BOD 25-01 Compliance: What U.S. Government Agencies Need to Know

U.S. government agencies are required to bring their Microsoft 365 cloud services into compliance with a recent Binding Operational Directive. Here’s how Tenable can help.OverviewMalicious threat...

View Article

Image may be NSFW.
Clik here to view.

Verizon 2025 DBIR: Tenable Research Collaboration Shines a Spotlight on CVE...

The 2025 Verizon Data Breach Investigations Report (DBIR) reveals that vulnerability exploitation was present in 20% of breaches — a 34% increase year-over-year. To support the report, Tenable Research...

View Article


Image may be NSFW.
Clik here to view.

Stronger Cloud Security in Five: How To Protect Your Cloud Workloads

In the first installment of Tenable’s “Stronger Cloud Security in Five” blog series, we covered cloud security posture management (CSPM), which focuses on protecting your multi-cloud infrastructure by...

View Article

Image may be NSFW.
Clik here to view.

Despite Recent Security Hardening, Entra ID Synchronization Feature Remains...

Microsoft synchronization capabilities for managing identities in hybrid environments are not without their risks. In this blog, Tenable Research explores how potential weaknesses in these...

View Article

Image may be NSFW.
Clik here to view.

Cybersecurity Snapshot: Verizon DBIR Finds Attackers Feast on Vulnerability...

Check out highlights from this year’s Verizon DBIR, including a surge in zero-day exploits targeting edge devices and VPNs. Plus, find out what’s new in the latest version of MITRE ATT&CK. Also,...

View Article


Image may be NSFW.
Clik here to view.

CVE-2025-31324: Zero-Day Vulnerability in SAP NetWeaver Exploited in the Wild

SAP has released out-of-band patch to address CVE-2025-31324, a critical zero-day vulnerability in SAP NetWeaver that has been exploited by threat actors. Organizations are strongly encouraged to apply...

View Article


Image may be NSFW.
Clik here to view.

Reducing Remediation Time Remains a Challenge: How Tenable Vulnerability...

Timely vulnerability remediation is an ongoing challenge for organizations as they struggle to prioritize the exposures that represent the greatest risk to their operations. Existing scoring systems...

View Article