Uncovering the Business Costs of Cyber Risk: Ponemon Study
Study finds organizations are not accurately measuring the business costs of cyber risk, and are unable to quantify the damage cyber attacks could have on their businesses, leaving them...
Securing Medical Records: Exploring US Certification Standards
Tenable Research investigates compliance standards for EHR applications in the US healthcare industry and discusses possible gaps in the coverage of these standards. Real world examples are...
Patched Elasticsearch Vulnerabilities Used to Spread Cryptocurrency Miner...
Attackers are actively scanning for vulnerable Elasticsearch systems in order to implant cryptocurrency mining scripts. Background: In recent weeks,...
Magellan: Remote Code Execution Vulnerability in SQLite Disclosed
Researchers disclosed a remote code execution vulnerability in SQLite affecting Google Chromium-based browsers as well as the Google Home smart...
Privilege Escalation Flaw Discovered in the Cisco Adaptive Security Appliance
Tenable has discovered a privilege escalation flaw in the Cisco Adaptive Security Appliance that allows low-level users to run higher-level commands when certain configuration settings are set. What you...
Microsoft Releases Out-of-Band Patch for Internet Explorer Remote Code...
Clement Lecigne of Google’s Threat Analysis Group has reported exploitation of an Internet Explorer vulnerability, CVE-2018-8653, prompting an out-of-band patch from...
3 Tips for Identifying Your Organization’s Cyber Exposure Gaps
In part two of our six-part blog series on improving your cybersecurity strategy, we discuss the need for a holistic approach and provide three tips to help you answer the question “where are...
Top 5 Cybersecurity Priorities for 2019: Ponemon Study
We asked 2,410 IT and cybersecurity decision-makers in six countries to identify their top cybersecurity and governance priorities for the New Year. Here’s what we...
Adobe Releases Out-of-Band Security Bulletin for Adobe Acrobat and Reader...
Adobe issued an out-of-band security bulletin which addresses two critical vulnerabilities (CVE-2018-16011, CVE-2018-16018) in Adobe Acrobat and...
Critical Vulnerability Fixes Available For Juniper Devices
Juniper has addressed multiple critical vulnerabilities in Junos, Junos Space, and JATP devices. Administrators are advised to update to the latest OS version on any affected Juniper...
Tenable Bolsters Government Affairs Team with New Hire
Jamie Brown joins Tenable as Director of Global Government Affairs. In this newly created role, Jamie will work with government officials worldwide to promote effective cybersecurity policies, which...
Multiple Zero-Days in PremiSys IDenticard Access Control System
Tenable Research discovered multiple zero-day vulnerabilities in the PremiSys access control system developed by IDenticard. As of January 9, IDenticard has not released a patch for these...
Election Systems as Critical Infrastructure: Understanding Help America Vote...
In today's edition of Tenable's State and Local Government Video Blog Series, we discuss how to utilize grant funding to address the top cybersecurity concerns of state CISOs. In 2017, the profile of...
Oracle’s January Critical Patch Update Addresses Nearly 300 Fixes
Oracle addresses nearly 300 vulnerabilities in the first Critical Patch Update of 2019. Background: On January 15, Oracle released its Critical Patch Update, a quarterly publication of fixes for...
Cyber Risk Management in Transition: Key Findings from ESG’s Cyber Risk...
A recent ESG report shows the traditional approach to cyber risk management isn’t working anymore, if in fact it ever did. Here, we share four highlights from the report and offer two steps to help...
Data Security is a Global Economic Imperative
It’s time for government and industry to define and follow a cybersecurity-first approach to protecting the precious data driving global commerce. Data makes the world go round. It’s the grease keeping...
WEF Report Offers Global Context for Understanding the Importance of Cyber Risk
The World Economic Forum’s Global Risks Report 2019 ranks data fraud/theft and cyber attack as two of the top five global risks in terms of likelihood. The big question now is how will organizations...
Proof-of-Concept Code gives standard Microsoft Exchange users Domain...
Publicly released and newly named “PrivExchange” proof-of-concept (POC) privilege escalation code exploits protocol flaws and default configurations to give standard Exchange users Domain Administrator...
Apple iOS 12.1.3 Security Updates Address Multiple Vulnerabilities
Apple has released iOS 12.1.3 to fix 31 CVEs including a FaceTime remote code execution vulnerability. Background: On January 22, Apple released iOS 12.1.3, which includes fixes for 31 different CVEs...
Multiple Vulnerabilities Found in LabKey Server Community Edition
Tenable Research has discovered multiple vulnerabilities including cross site scripting, open redirects and drive mapping in LabKey Server Community Edition 18.2-60106.64. LabKey has released...