How to Know If Your Smart Home Is Vulnerable
Do you ever wonder if your smart home is vulnerable to cyber threats? As we place more and more connected devices in our homes to automate simple tasks that used to be done manually, we also place more...
Am I Smart or Just Lucky? Understanding Your Process Integrity Risk with...
Business system risk and process integrity risk are two essential metrics for a mature risk-based vulnerability management practice. With new assessment maturity scoring, Tenable Lumin now gives you...
CDPwn: Cisco Discovery Protocol Vulnerabilities Disclosed by Researchers
Researchers find several flaws in a proprietary protocol used by many Cisco devices. Background: On February 5, researchers at Armis Security announced their discovery of five vulnerabilities in the Cisco...
Microsoft’s February 2020 Patch Tuesday Addresses 99 CVEs Including Internet...
Microsoft smashes the CVE count with security patches for 99 CVEs, 12 of which are rated as critical. Microsoft addresses a staggering 99 CVEs in the February 2020 Patch Tuesday release. This update...
ThemeGrill Demo Importer Vulnerability Actively Exploited in the Wild
Severe vulnerability in ThemeGrill Demo Importer WordPress plugin is being actively exploited in the wild. Users should upgrade to version 1.6.3 ASAP. Background: The ThemeGrill Demo Importer WordPress...
CVE-2020-0618: Proof of Concept for Microsoft SQL Server Reporting Services...
Availability of proof-of-concept (PoC) code for recently disclosed remote code execution flaw in Microsoft SQL Server Reporting Services leaves sites vulnerable to attack. Background: On February 11,...
Cryptocurrency Scams: Fake Giveaways Impersonate Followers of Political and...
“Thank you Elon,” “God Bless You Elon” and “God Bless You Donald” – scammers have been lurking in the Twitter replies of the U.S. President, Tesla CEO and other notable figures, impersonating followers...
How to Use Vulnerability Testing for Risk Assessment
Understanding when and how to use vulnerability scans effectively can help you take a proactive approach to risk assessment. In this post, we’ll explore the role vulnerability testing plays within a...
Duplicator WordPress Plugin Vulnerability Exploited in the Wild
Attackers are targeting a recently patched flaw in a popular WordPress plugin with over 1 million active installations. Background: On February 12, Snap Creek, makers of the popular WordPress plugin...
CVE-2020-1938: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability...
Several proof-of-concept exploit scripts for recently patched flaw in Apache Tomcat are now available. Background: On February 20, China National Vulnerability Database (CNVD) published a security...
CVE-2020-6418: Google Chrome Type Confusion Vulnerability Exploited in the Wild
Google is aware of reports that a type confusion flaw in Google Chrome has been exploited in the wild. Background: On February 24, Google released a new stable channel update for Google Chrome for Desktop...
CVE-2020-0688: Microsoft Exchange Server Static Key Flaw Could Lead to Remote...
Attackers are probing for vulnerable Microsoft Exchange Servers, as details surrounding a severe flaw were recently made public. Background: On February 11, Microsoft released a patch for a severe...
CDM 2020: “Operationalizing CDM” Through Risk-Based Vulnerability Management
The year 2020 is shaping up to be a pivotal one for the U.S. Department of Homeland Security's Continuous Diagnostics and Mitigation (CDM) program as it takes significant steps toward realizing the...
What You Need to Know About Vulnerability Assessments
Vulnerability assessments are one of the best methods to take the pulse of your organization’s network security. Consider for a moment the lifecycle of a vulnerability – of any size – in the security of...
Improving and Adapting Cybersecurity – A Black@Tenable Conversation with...
At Tenable, we like to say, “What we do matters.” This commitment doesn’t only apply to our cybersecurity solutions, but also our culture. We care about what we do, each other and the communities we...
Public Sector Day at RSAC 2020: More Threats, Limited Resources
Last week, thousands of security-minded professionals descended on downtown San Francisco for the annual RSA Conference. Monday, February 24, featured a Public Sector Day event, which kicked off the...
CVE-2020-8597: Buffer Overflow Vulnerability in Point-to-Point Protocol...
Multiple widely used Linux distributions are impacted by a critical flaw that has existed in pppd for 17 years. Background: On March 4, researchers at the CERT Coordination Center (CERT/CC) published...
CVE-2020-10189: Deserialization Vulnerability in Zoho ManageEngine Desktop...
Zoho releases a patch for a critical remote code execution flaw in ManageEngine one day after the vulnerability was publicly disclosed. Background: On March 5, Steven Seeley, an information security...
Operational Technology Threats in Automotive: What You Need to Know
When it comes to automotive manufacturing, industrial control systems (ICS) may be the weak link inviting new types of attacks. Here’s what you need to know. Auto manufacturing has become an...
Microsoft’s March 2020 Patch Tuesday Addresses 115 CVEs, Including 58...
Microsoft's March 2020 Patch Tuesday addresses an extraordinary 115 CVEs, including 58 elevation of privilege flaws. Microsoft addresses 115 CVEs in the March 2020 Patch Tuesday release, following...