Channel: Tenable Blog
Browsing all 1935 articles

WP Statistics WordPress Plugin Vulnerable to Unauthenticated Blind SQL Injection

Popular WordPress Plugin with over half a million installations is potentially vulnerable to unauthenticated blind SQL injection attacks. Background: On July 1, maintainers of WP Statistics, a popular...


Security Teams: What You Need to Know About Vulnerability Response

Tenable’s Predictive Prioritization leverages data science and machine learning to make it easier for cybersecurity teams to find, patch and remediate vulnerabilities. Week after week, critical...


How Do Your Cyber Exposure Practices Stack Up to Those of Your Peers?

In part five of our six-part blog series, we explore the challenges facing organizations as they try to accurately answer the question: “How do we compare to our peers?” Here’s what you need to...


Tenable Research Discloses Critical Vulnerability in Siemens STEP 7...

Tenable Research has discovered a critical vulnerability in Siemens TIA Portal (also referenced as STEP 7) that would allow an attacker to perform administrative actions. Siemens has released an update...


Microsoft’s July 2019 Patch Tuesday: What You Need to Know

Microsoft’s July 2019 Security Updates were released on July 9, with nearly 80 vulnerabilities patched in this update, 15 of which are critical. CVE-2019-0865 | SymCrypt Denial of Service Vulnerability. A...


Web Application Security: What You Need to Know to Minimize Threats

Learn how practicing the basics of web application security and keeping up with the threat landscape can help keep your business secure. When it comes to threat actors breaking into corporate networks...


Unauthorized Call and Webcam Access Vulnerability in Zoom Mac Client...

A zero-day vulnerability in Zoom could potentially lead to a remote code execution attack. Here’s what you need to know. Background: Security researcher Jonathan Leitschuh has disclosed a zero day in the...


Multiple Vulnerabilities Found in Citrix SD-WAN Center and SD-WAN Appliances

Tenable Research has discovered multiple critical vulnerabilities in both Citrix SD-WAN Center and the SD-WAN appliance itself that could allow a remote, unauthenticated attacker to compromise the...


CVE-2019-11581: Critical Template Injection Vulnerability in Atlassian Jira...

Vulnerability introduced nearly eight years ago could lead to remote code execution on vulnerable Jira Server and Data Center systems. Background: On July 10, Atlassian published Security Advisory...


Cyber Exposure: Taking a Holistic Approach to Vulnerability Management

Tenable’s six-part blog series explores the challenges involved in achieving a holistic cybersecurity strategy and provides tips and advice for advancing the discipline of Cyber Exposure in your...


CVE-2019-11580: Proof-of-Concept for Critical Atlassian Crowd Remote Code...

A proof-of-concept for critical Atlassian Crowd vulnerability patched on May 22 is now available. Background: On July 14, security researcher Corben Leo published a blog detailing the analysis of a...


Cybersecurity as a Public Service: 3 Ways Local Governments Can Change the...

Recasting cybersecurity as another essential public service, just like safety or water or electricity, can help local government leaders make the case for cybersecurity funding. Here’s how. There is a...


Oracle Critical Patch Update for July Contains 265 Fixes

Oracle fixes 265 vulnerabilities in July’s Critical Patch Update. Background: On July 16, Oracle released its Critical Patch Update (CPU) for July 2019 as part of its quarterly release of fixes for...


Tenable Helps Sentara Healthcare with Vulnerability Prioritization

Learn why Tenable.sc and Tenable.io, both with Predictive Prioritization, are Sentara Healthcare’s choices for vulnerability management. Sentara Healthcare, the largest health system in the state of...


Vulnerability Management Fundamentals: What You Need to Know

In part one of our five-part series on Vulnerability Management fundamentals, we explore the four stages of the Cyber Exposure lifecycle. Truth is ever to be found in simplicity, and not in the...


CVE-2019-1579: Critical Pre-Authentication Vulnerability in Palo Alto...

Researchers disclose a critical vulnerability in Palo Alto GlobalProtect SSL VPN solution used by many organizations. Background: On July 17, researchers Orange Tsai and Meh Chang published a blog about...


Tenable Supports the IoT Standards Leadership Act

The IoT Standards Leadership Act would require the U.S. Department of Commerce to report on U.S. engagement in international IoT standards-setting bodies and their effectiveness for cybersecurity....


CVE-2019-12815: Improper Access Control Vulnerability in ProFTPD Disclosed

Popular open source FTP daemon affected by an improper access control vulnerability dating back to 2010. Background: On July 18, Tobias Mädel published an advisory for an improper access control...


Lockheed Martin Aeronautics: Keeping the F-35 Warfighter Secure with Tenable.sc

Protecting air-gapped networks from insider threat is a priority for the Lockheed Martin Aeronautics information systems security risk team. Here’s how they’re using Tenable.sc to keep the F-35 fighter...


How Public Sector Organizations Can Overcome Today’s Cyber Risks

Dr. Larry Ponemon and Tenable’s Stephen Smith discuss the cybersecurity challenges revealed in a recent study of cybersecurity in the public sector, and provide three tips for closing the Cyber...
