Tenable Research Discovers Remote Code Execution Vulnerabilities in GPON Routers
Tenable Research has discovered six new vulnerabilities in Nokia (Alcatel-Lucent) I-240W-Q GPON routers that can provide an attacker with telnet access, DoS the target, or run arbitrary...
Management Interfaces in Three Models of Cisco Networking Devices Are...
New vulnerability (CVE-2019-1663) in Cisco RV110W, RV130W, and RV215W devices allows for RCE attacks from malicious HTTP requests. Background: Cisco has...
Tenable at RSA Conference 2019: Unlocking the Power of Prioritization
Customer presentations, product demos, and an entire day devoted to the public sector are just some of the activities Tenable has planned for RSA Conference 2019. You’ve heard all about Predictive...
Adobe Issues Out-of-Band Security Bulletin for Critical ColdFusion...
Adobe Security Bulletin APSB19-14 addresses a file upload restriction bypass vulnerability that has been exploited in the wild. Background: On March 1, Adobe published APSB19-14, an out-of-band security...
RSAC 2019: New Approaches for Reducing Your Cyber Exposure
Vulnerability overload got you down? Attend my talk at the RSA Conference 2019 and learn about a new approach to cyber risk management. It's that time of year again - the RSA Conference (RSAC) 2019...
Here Are the Top Cybersecurity Insights for Public Sector
A new global study conducted by Ponemon Institute explores cyber risk in the public sector: What are the top priorities for public sector cybersecurity leaders in 2019? Why has preventing attacks on OT...
Use-After-Free Vulnerability in Google Chrome Exploited In The Wild...
Google Chrome 72.0.3626.121 released to address in-the-wild exploitation of CVE-2019-5786. Background: On March 1, Google announced the availability of Google Chrome version 72.0.3626.121 for Windows, Mac...
Cisco March Advisory Addresses Multiple Vulnerabilities in FXOS and NX-OS
Cisco released security advisories for multiple vulnerabilities including CVE-2019-1614, an authenticated RCE vulnerability affecting many Cisco switches running NX-OS. Background: On March 6th, Cisco...
Auditing Microsoft Security Compliance Toolkit Baselines
Security baselines are helpful but to be sure of their effectiveness you need to perform regular audits. Here’s how you can use Tenable.io and Nessus Professional to audit the security baselines...
5 Tips for Prioritizing Vulnerabilities Based on Risk
In part three of our six-part blog series on improving your cybersecurity strategy, we discuss the challenges organizations face in pinpointing those vulnerabilities which pose the greatest threat to...
Thank You to Our Customers: Tenable Recognized as a March 2019 Gartner Peer...
Thank you to all the customers who took the time to share your experience working with Tenable, and for trusting us to help you understand and reduce your cybersecurity risk. At Tenable, our customers...
Are Your Web Apps Protected Against Component Vulnerabilities?
Third-party components are used to build most new web applications, and these components are highly vulnerable. Here’s how you can use Tenable.io Web Application Scanning (WAS) to assess common...
Easy WP SMTP WordPress Plugin Exploited In The Wild
Popular WordPress plugin vulnerable to unauthenticated attacks continues to be targeted despite the availability of a patch. Background: On March 17, researchers at Ninja Technologies Network (NinTechNet)...
Multiple Remote Code Execution Vulnerabilities Found in Grandstream Devices
Multiple security vulnerabilities found in Grandstream devices’ web interfaces include remote code execution and user credentials stored in plaintext. Background: According to Threatpost, a number of...
10 Steps for Building a Web App Assurance Program Using Tenable.io WAS
Creating a cybersecurity program wherein you can assess your web applications and websites doesn’t need to be any more difficult than setting up a vulnerability management program. Easy-to-use tools...
Magento Security Updates Fix Over 30 Bugs Including an Unauthenticated Remote...
Magento Commerce and Open Source advisory provides fixes for RCE, XSS, SQLi, and XSRF vulnerabilities. Background: Magento has released a security advisory for 30+ vulnerabilities, including an...
Cisco Fixes Incomplete Patch for RV320 and RV325 Routers, Finds Two New Bugs...
Cisco finalizes patch for RV320 and RV325 after researchers determined a previous patch was incomplete. Background: On April 4, Cisco published updated advisories to address two vulnerabilities in its...
Cybersecurity Pros Face Significant Challenges with OT Security: Ponemon Report
A new report from Ponemon Institute and Tenable reveals that 62% of organizations in industries relying on operational technology experienced two or more business-impacting cyber attacks in the past 24...
Here Are the Answers to Your Predictive Prioritization Questions
16,500 new vulnerabilities were disclosed in 2018 – and CVSS categorized the majority as high or critical. With vulnerabilities on the rise, how can you identify the biggest threats to your business –...
CVE-2019-0211: Proof of Concept for Apache Root Privilege Escalation...
Researcher publishes proof of concept (PoC) for local root privilege escalation bug patched by Apache last week. Background: Last week, Apache published a security update to address six vulnerabilities in...