Clik here to view.
Instagram Porn Bots Evolve Methods for Peddling Adult Dating Spam
Incentivized by affiliate programs, scammers are evolving how they utilize fake Instagram accounts to target users on the popular social media platform.As social networking services rose to prominence...
View ArticleClik here to view.
WatchBog Malware Adds BlueKeep Scanner (CVE-2019-0708), New Exploits...
Scanner for “BlueKeep” vulnerability and newly minted exploits for Exim and Jira incorporated into cryptocurrency mining malware.BackgroundOn July 24, researchers at Intezer published a blog about a...
View ArticleClik here to view.
Critical Vulnerabilities Dubbed URGENT/11 Place Devices Running VxWorks at...
Eleven critical vulnerabilities, including RCEs, denials of service, information leaks and logical flaws, were recently disclosed, impacting the RTOS VxWorksBackgroundThe Armis Research Team has...
View ArticleClik here to view.
CVE-2019-0708: BlueKeep Exploits Could Be Around the Corner
Nearly 80 days after the announcement of BlueKeep, threats of exploitation remain. Those who have not patched remain at risk as rumors of exploit scripts surface.BackgroundIn May 2019, Microsoft...
View ArticleClik here to view.
5 Tech Support Factors to Look for When Choosing a VM Solution
In my experience running Technical Support for Tenable, I’ve gained valuable insight into what makes a strong vendor/customer relationship. Here are my five tips for making the most of Technical...
View ArticleClik here to view.
New Capabilities to Automatically Discover and Assess Rogue Assets
Few organizations have sufficient visibility into their attack surface—until now. Tenable announces new asset discovery capabilities across on-premises and cloud environments. Visibility into all...
View ArticleClik here to view.
How Jewelry Television Uses Tenable.sc to Understand and Reduce Cyber Risk
Understanding risk in a complex digital environment is Jewelry Television’s biggest Cyber Exposure challenge. Learn how the company is using Tenable.sc and the Vulnerability Priority Rating to improve...
View ArticleClik here to view.
How To Discover and Protect Your OT Assets
As the disciplines of IT and Operational Technology (OT) continue to converge, organizations find themselves challenged to provide threat protection, risk management and asset monitoring. It all starts...
View ArticleClik here to view.
Vulnerability Management Fundamentals: How to Perform Asset Discovery and...
In part two of our five-part series on Vulnerability Management fundamentals, we explore the essentials of asset discovery and classification, which is the first step in the Cyber Exposure...
View ArticleClik here to view.
Tenable Roundup for Microsoft’s August 2019 Patch Tuesday: DejaBlue
Microsoft’s August 2019 Security Updates, released on August 13, address over 90 vulnerabilities, 29 of which are critical.Microsoft’s August 2019 Patch Tuesday release contains updates for 93 CVEs, 29...
View ArticleClik here to view.
TikTok Scams: How Popular Apps and Services Become New Havens for Scammers
As social media platforms become popular, scammers aren’t far behind. One of the more popular social media scams involving adult-dating has started to emerge on TikTok over the last six months.Since...
View ArticleClik here to view.
TikTok Scams: How Social Currency Fuels the Economy for Impersonation...
The economic engine on social media platforms are the followers (or fans) and likes. Scammers take advantage of this economy, while others seek out ways to grow their following inorganically by...
View ArticleClik here to view.
Multiple Denial of Service (DoS) Vulnerabilities in HTTP/2 Disclosed...
A variety of Denial of Service vulnerabilities were found in third-party implementations of HTTP/2.BackgroundOn August 13, researchers at Netflix published an advisory for their GitHub page detailing...
View ArticleClik here to view.
CVE-2019-15107: Exploit Modules Available for Remote Code Execution...
The popular Linux/UNIX systems management tool has more than 3 million downloads per year and the vulnerability has been present for at least a year, putting many virtual UNIX management systems at...
View ArticleClik here to view.
Apple iPhone and iPad Devices Vulnerable After Reintroduction of SockPuppet...
Previously disclosed and patched flaw was reintroduced in iOS 12.4, which could be used in combination with a separate vulnerability to hack into Apple mobile devicesBackgroundOn August 18, unc0ver, a...
View ArticleClik here to view.
How Emerson Uses Tenable.io to Find and Fix Vulnerabilities
Emerson’s solutions are used in manufacturing, industrial, commercial and residential environments. Learn how Tenable.io became a staple for the application and product security testing team.The...
View ArticleClik here to view.
CVE-2019-11510: Proof of Concept Available for Arbitrary File Disclosure in...
A proof of concept has been made public for CVE-2019-11510, an arbitrary file disclosure vulnerability found in popular virtual private network software, Pulse Connect Secure.BackgroundOn April 24,...
View ArticleClik here to view.
How To: Run Your First Vulnerability Scan with Nessus
Get your Nessus vulnerability assessment tool up and running with these five easy steps.With Nessus, you can gain full visibility into your network by conducting a vulnerability assessment. Read on as...
View ArticleClik here to view.
Critical Cisco Vulnerabilities Across Multiple Products, Exploit Code for...
Cisco published new advisories for Integrated Management Controller (IMC) and Unified Computing System (UCS) Director, and updates for Small Business 220 Series Smart Switches that include the...
View ArticleClik here to view.
CVE-2018-13379, CVE-2019-11510: FortiGate and Pulse Connect Secure...
Attackers are exploiting arbitrary file disclosure vulnerabilities in popular SSL VPNs from Fortinet and PulseSecure.BackgroundOn August 22, two reports emerged of scanning activity targeting...
View Article