Clik here to view.
Verizon Fios Quantum Gateway Routers Patched for Multiple Vulnerabilities
<p>Tenable Research discovered multiple vulnerabilities in Verizon’s Fios Quantum Gateway routers.</p><h2>Background</h2><p>Tenable Research has discovered multiple...
View ArticleClik here to view.
Critical Vulnerability in Siemens Spectrum Power (CVE-2019-6579) Patched in...
<p>Siemens Security Advisory Day (SAD) for April 2019 addresses a variety of vulnerabilities, including a critical vulnerability in Siemens Spectrum...
View ArticleClik here to view.
Why Global Collaboration Is Key to Effective Cyber Defense
The proliferation of connected devices is driving exponential growth in the digital attack surface, making it increasingly important for businesses, organizations and governments to collaborate on...
View ArticleClik here to view.
Critical OS Command Injection Vulnerability in Citrix SD-WAN Center Discovered
Tenable Research has discovered a critical vulnerability in Citrix SD-WAN Center that could lead to remote code execution.BackgroundOn April 10, Citrix released a security bulletin for CVE-2019-10883,...
View ArticleClik here to view.
Predictive Prioritization Is Now Available in Tenable.io!
Predictive Prioritization is a game-changer for risk-based vulnerability management. And now it’s a core capability of Tenable.io, helping you focus first on the 3% of vulnerabilities that matter...
View ArticleClik here to view.
IT/OT Cybersecurity Convergence: Start Strong with These Six Controls
As IT and OT teams converge, industrial businesses need to create better cybersecurity plans and strategies to confront modern threats. Where's the best place to start? Try these six cybersecurity...
View ArticleClik here to view.
Oracle Critical Patch Update For April Contains 297 Fixes
Oracle fixes nearly 300 vulnerabilities in second Critical Patch Update for 2019, including bugs in WebLogic, Java SE and several product components.BackgroundOn April 16, Oracle released its Critical...
View ArticleClik here to view.
Sea Turtle DNS Hijacking Campaign Utilizes At Least Seven Patched...
The Sea Turtle campaign exploits seven patchable vulnerabilities dating from 2009 to 2018 to breach organizations and hijack their DNS name records.BackgroundOn April 17, researchers at Cisco’s Talos...
View ArticleClik here to view.
Metrics and Maturity: Benchmarking Your Cyber Exposure Over Time
In part four of our six-part blog series, we explore the challenges facing organizations as they try to accurately answer the question “How are we reducing our exposure over time.” Here’s what you need...
View ArticleClik here to view.
Edge 2019: Six Things You Need to Know About Tenable’s Upcoming User Conference
At Tenable’s Edge 2019 user conference, May 21-23 in Atlanta, you’ll learn how to make the most of your product investments and gain valuable Cyber Exposure best practices all while networking with...
View ArticleClik here to view.
Tenable Expands Partnership with Siemens to Secure New Power Plant Controls...
Tenable Industrial Security can now be sold, installed and managed by Siemens professional services staff, alongside the company’s SPPA-T3000 distributed control system.As attacks on critical...
View ArticleClik here to view.
Oracle WebLogic Affected by Unauthenticated Remote Code Execution...
Oracle WebLogic is vulnerable to a new deserialization vulnerability that could allow an attacker to execute remote commands on vulnerable hosts.BackgroundOn April 17, China National Vulnerability...
View ArticleClik here to view.
Ditch the Spreadsheet and Step Up Your Vulnerability Management Game
Moving from Nessus Pro to Tenable.sc or Tenable.io can easily help you mature your vulnerability management program. Here's what you need to know.Does your vulnerability management workflow involve a...
View ArticleClik here to view.
Multiple Vulnerabilities Found in Presentation Products
Tenable Research has discovered multiple vulnerabilities impacting Crestron’s AM-100 presentation device platform. Two of these also impact several other platforms, including: Barco wePresent,...
View ArticleClik here to view.
CVE-2019-3396: Vulnerability in Atlassian Confluence Widget Connector...
Attackers are targeting vulnerable Confluence instances after company published a fix for the vulnerability back in March 2019.BackgroundOn March 20, Atlassian published a Confluence Security Advisory...
View ArticleClik here to view.
CVE-2019-5021: Hard-Coded NULL root Password Found in Alpine Linux Docker Images
A Hard-Coded NULL root user password vulnerability was found in Alpine Linux Docker Images from December 2015’s 3.3 version onward. Users are encouraged to disable the root user, or any services that...
View ArticleClik here to view.
Thrangrycat: Vulnerabilities in Cisco Secure Boot and Cisco IOS XE...
Researchers identify vulnerabilities in Cisco Secure Boot process and Cisco IOS XE devices that could reportedly be chained together for significant impact.BackgroundOn May 13, Cisco published two...
View ArticleClik here to view.
Critical Remote Code Execution Vulnerability CVE-2019-0708 Addressed in Patch...
Microsoft has released its May 2019 Security Updates, which includes a fix for CVE-2019-0708, a critical remote code execution vulnerability affecting the Remote Desktop Service.BackgroundMicrosoft has...
View ArticleClik here to view.
Nessus Home Is Now Nessus Essentials
We’ve given Nessus Home a refresh, and we’re excited to share with you the new and updated free vulnerability assessment solution, Nessus Essentials. As part of the Nessus family, Nessus Essentials is...
View ArticleClik here to view.
Microarchitectural Data Sampling: Speculative Execution Side-Channel...
Researchers disclose speculative execution side-channel attacks named ZombieLoad, RIDL and Fallout in Intel Central Processing Units (CPUs).BackgroundOn May 14, public disclosures from multiple...
View Article