Clik here to view.
Microsoft Defends Windows Defender from Remote Code Execution: CVE-2018-0986
Over the years, Microsoft has developed an anti-virus and anti-malware suite of security tools for the Windows environment. However, recently, a critical flaw has been found, which affects Microsoft...
View ArticleClik here to view.
More Visibility into Metrics: Tenable.io Gets New Dashboards
Tenable.io users have been asking for new dashboards to make implementing Cyber Exposure easier, and the Tenable dashboard and reporting teams have delivered. We’ve added five new dashboards to...
View ArticleClik here to view.
Choosing an OT Security Solution? Here Are the 7 Questions to Ask
Look before you leap is excellent advice for security leaders to heed before they select security solutions to reduce Cyber Exposure in Operational Technology (OT) environments. And, who is better...
View ArticleClik here to view.
Cisco Smart Install - How to Prevent Attacks on Switches
There’s been a flurry of activity around the Cisco Smart Install feature recently. Last week, we posted a tech blog about CVE-2018-0171, a critical vulnerability in Cisco’s Smart Install feature that...
View ArticleClik here to view.
Tenable Research Advisory: AXIS Camera App Malicious Package Distribution...
Tenable Research recently audited an AXIS M3044-V network camera and learned that AXIS has introduced an application platform to their cameras. The camera even came with an app pre-installed: AXIS...
View ArticleClik here to view.
Tenable Research: February and March Vulnerability Disclosure Roundup
*/Tenable Research has a dedicated team that performs vulnerability research on software and hardware from third-party vendors. The goal is to discover zero-day vulnerabilities and work with vendors to...
View ArticleClik here to view.
Putting the S.M.A.R.T. in Smart Cities: How to Address the Expanding Attack...
The concept of a smart city came of age in conjunction with another now ubiquitous term: digital transformation. Cities and counties rely heavily on their taxing authority to provide critical services...
View ArticleClik here to view.
Tenable Pledges to Fight Global Cyberattacks with 33 Leading Companies
In today’s digital economy, it has become paramount for companies to defend customers from malicious attacks by criminal enterprises and nation states.This is why Tenable, along with 33 other companies...
View ArticleClik here to view.
Surge of Attacks Targeting Network Infrastructure Devices – What You Need to...
Based on the recent surge of attacks on network devices by Russian state-sponsored cyber actors, the US-CERT has released Technical Alert (TA18-106A). As of now, targets are primarily government and...
View ArticleClik here to view.
Cyber Exposure Meets Political Practicality
CyberScoop’s Opportunities for Improving Cybersecurity Visibility at State & Local Government Agencies is an outstanding summary of the current state of cyber preparedness in state and local...
View ArticleClik here to view.
How to Secure and Audit an Amazon Web Services Three-tier Web Architecture
In 2016, Tenable was the first Center for Internet Security (CIS) member to receive certification for the Amazon AWS Foundations benchmark. We’re pleased to announce that we’ve continued our leadership...
View ArticleClik here to view.
April Vulnerability of the Month: Password Free-for-All Via Samba Active...
Every month, we ask our researchers to nominate a vulnerability of the month. Novelty, sophistication or just plain weirdness are some of the potential criteria for selecting a vulnerability of the...
View ArticleClik here to view.
Why Are You Still Using IE? Double Kill Is Just the Latest Issue
Microsoft's legacy browser Internet Explorer (IE) has been used for almost three decades, but not without issues. IE has been so plagued with security problems that Microsoft built a new, more secure...
View ArticleClik here to view.
Critical Oracle WebLogic Server Flaw Still Not Patched
One of the many issues that should have been addressed by Oracle’s Critical Patch Update for April 2018 was a fix for a flaw affecting versions 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3 of the Oracle...
View ArticleClik here to view.
Tenable Research Advisory: Critical Schneider Electric InduSoft Web Studio...
Tenable Research recently discovered a new remote code execution vulnerability in Schneider Electric’s InduSoft Web Studio and InTouch Machine Edition. The applications contain an overflow condition...
View ArticleClik here to view.
Microsoft May Madness
Patch Tuesday was anything but typical in the month of May. On May 8, Microsoft released security patches for a total of 67 vulnerabilities, addressing 21 critical vulnerabilities, 42 important and...
View ArticleClik here to view.
Advance Your Security Program with the Latest SecurityCenter Innovations
Since its introduction in 2003, SecurityCenter® has continually driven innovation in the vulnerability management market, enabling organizations to manage and measure Cyber Exposure across IT assets....
View ArticleClik here to view.
Tenable Research: April Vulnerability Disclosure Roundup
*/Tenable Research has a dedicated team that performs vulnerability research on software and hardware from third-party vendors. The goal is to discover zero-day vulnerabilities and work with vendors to...
View ArticleClik here to view.
ADVISORY: Intel...Simply Misunderstood?
To close numerous security gaps, Microsoft, Adobe, Apple, Red Hat, Xen, VMware and other vendors have released a number of patches in the first 10 days of May. We discussed some of these in our recent...
View ArticleClik here to view.
ADVISORY: Efail...PGP Has an Email Problem?
Email continues to be one of the most popular ways to communicate in the world today. And given the rapidly evolving threat landscape, email encryption has never been more critical. Pretty Good Privacy...
View Article