Clik here to view.
Slack Patches Download Hijack Vulnerability in Windows Desktop App
Tenable Researcher David Wells discovered a vulnerability in Slack Desktop for Windows that could have allowed an attacker to alter where files downloaded within Slack are stored. Tenable worked with...
View ArticleClik here to view.
Stop the Presses: Media Coverage as a Prioritization Metric for Vulnerability...
We wondered whether mainstream media coverage of vulnerabilities changed how companies perform vulnerability management. So we asked them. Here’s what we learned.In technical circles, vulnerabilities...
View ArticleClik here to view.
SandboxEscaper: Local Privilege Escalation Bugs Including Four Zero-Day...
Five vulnerabilities, including four zero-day vulnerabilities, have been disclosed in Windows Task Scheduler, Windows Error Reporting, Internet Explorer 11, Microsoft Edge and Windows Installer, which...
View ArticleClik here to view.
GovEdge 2019: Five Things You Need to Know About Tenable’s Public Sector User...
At Tenable’s GovEdge 2019 public sector user conference, June 4-5 in Washington, D.C., you’ll learn how to make the most of your Tenable deployment and gain valuable Cyber Exposure best practices — all...
View ArticleClik here to view.
CVE-2019-10149: Critical Remote Command Execution Vulnerability Discovered In...
Researchers discover critical remote command execution vulnerability in older versions of Exim. Over 4.1 million systems are potentially vulnerable to local exploitation and remote exploitation is...
View ArticleClik here to view.
Leading Cybersecurity Officials Keynote GovEdge 2019
Vulnerability management was the centerpiece of Tenable’s public sector user conference, where cybersecurity and government leaders came together to explore ways to close their Cyber Exposure gap.Last...
View ArticleClik here to view.
Why Diversity in Cybersecurity is the Key to Our Collective Success
Tenable’s first-ever Diversity and Inclusion Council brings together company leaders who are committed to creating an environment of inclusiveness and empowerment. The House Homeland Security...
View ArticleClik here to view.
Tenable Roundup for Microsoft's June 2019 Patch Tuesday
The SandboxEscaper privilege escalation bugs are among the nearly 90 vulnerabilities patched in Microsoft’s June 2019 Security Updates. Here’s what you need to know.Microsoft’s June 2019 Security...
View ArticleClik here to view.
IoT Cybersecurity Improvement Act: An Important Step Forward
At Tenable, we look forward to working with our partners on Capitol Hill to move the IoT Cybersecurity Improvement Act forward and strengthen the security of federal networks. Billions of devices...
View ArticleClik here to view.
Hope Is Not a Strategy: Four Lessons ‘Survivor’ Taught Me About Cybersecurity
The Fijian island landscape may look very different from the Cyber Exposure landscape, but surviving them has more in common than you would think. And I have the personal experience to prove it.In...
View ArticleClik here to view.
SACK Panic: Linux and FreeBSD Kernels Vulnerable to Remote Denial of Service...
Researchers at Netflix have disclosed new remote denial of service and resource consumption vulnerabilities in most Linux and FreeBSD versions.BackgroundOn June 17, Netflix published an advisory to its...
View ArticleClik here to view.
CVE-2019-11707: Critical Type Confusion Zero-Day in Mozilla Firefox Exploited...
Security researchers discover a zero-day vulnerability in Mozilla Firefox used in targeted attacks.BackgroundOn June 18, the Mozilla Foundation published a security advisory to address a zero-day...
View ArticleClik here to view.
Threat Modeling: What You Need to Know About Prioritizing Attacks and...
Threat modeling gives vulnerability management teams a good understanding of how attacks work, enabling them to focus prioritization efforts around the bugs most likely to affect their environment.The...
View ArticleClik here to view.
What You Need to Know About Vulnerability Management Best Practices
How can CISOs and their cybersecurity teams incorporate Tenable’s Predictive Prioritization capability and the Vulnerability Priority Rating into their vulnerability management strategy? The Tenable...
View ArticleClik here to view.
CVE-2019-2729: Oracle Releases Out-of-Band Patch for WebLogic Server...
Out-of-band security advisory addresses second Oracle WebLogic Server vulnerability in two months.BackgroundOn June 18, Oracle published an out-of-band security advisory to address a critical...
View ArticleClik here to view.
Pride at Tenable
Hi, my name is Mark Lloyd and I run the University Recruiting Program here at Tenable. I’m also gay.Being able to make this statement in a public forum, much less at my place of employment, is...
View ArticleClik here to view.
Sudan Meal Project: Social Media Activism is Used to Amass Nearly 900,000...
Instagram accounts claiming to donate meals to Sudanese civilians are a ruse to gain followers in order to pivot to personal accounts or sell them for a profit.In the wake of the Sudan crisis that has...
View ArticleClik here to view.
What is Critical Infrastructure and How Should We Protect It?
We hear a lot these days about critical infrastructure, and the importance of protecting it. But what exactly is “critical infrastructure,” what are the greatest threats to it, and what are the best...
View ArticleClik here to view.
Keeping Up With the Patches: A Tour Through Spring 2019 Threat Alerts
This spring brought a number of security updates from major tech players such as Oracle, Microsoft and Cisco. Which ones affect your enterprise? The Tenable Research team breaks it all down.Spring 2019...
View ArticleClik here to view.
How to Audit Microsoft Exchange 2013 and 2016 with CIS and DISA Guidance
Tenable Research Release Highlights are posted for significant new releases or updates to existing plugins or audit files that are important for early customer notification. Here, we discuss new audit...
View Article