Building Resilient IT Systems: Why Federal and Enterprise Leaders Should...
As remote work expands the enterprise attack surface, a federal advisory committee highlights the key challenges in securing critical IT infrastructure and building more resilient organizations. On...
CVE-2020-1472: Advanced Persistent Threat Actors Use Zerologon Vulnerability...
U.S. Government agencies issue joint cybersecurity advisory cautioning that advanced threat groups are chaining vulnerabilities together to gain entry into government networks and elevate...
Deploying Your Industrial Cybersecurity: 4 Tips For Success
Securing industrial environments requires a form factor that is optimal for your business. The latest Tenable.ot product updates provide greater freedom to deploy your security and manage threats the...
Microsoft’s October 2020 Patch Tuesday Addresses 87 CVEs including “Bad...
For the first time in seven months, Microsoft patches fewer than 100 CVEs, addressing 87 CVEs in its October release. Microsoft patched 87 CVEs in the October 2020 Patch Tuesday release, including 11...
A Day in the Life of a Business-Aligned Cybersecurity Leader
The future belongs to cybersecurity leaders who can align their objectives with an understanding of business risk. Here are eight daily actions you can take to get there. I've been working in...
CVE-2020-5135: Critical SonicWall VPN Portal Stack-based Buffer Overflow...
Researchers disclose a critical pre-authentication vulnerability in the SonicWall VPN Portal that is easily exploitable. Background: On October 12, SonicWall published a security advisory...
Writing Security Advisories: 5 Best Practices For Vendors
To maximize the impact of your security advisories, here are some key steps vendors can take to support automated workflows and timely remediation efforts. Over the years we’ve seen every variation of...
Oracle Critical Patch Update for October 2020 Addresses 402 Security Updates
Oracle’s latest Critical Patch Update surpasses the 400 mark for the second time this year with 402 security patches addressing 230 CVEs, including numerous critical vulnerabilities in Oracle Fusion...
CVE-2020-27615: SQL Injection Vulnerability in WordPress Loginizer Plugin...
In a rare move, the WordPress Security Team forced a plugin update to over one million sites to address a vulnerability in a popular WordPress plugin used for brute force protection. Background: On...
Government Agencies Warn of State-Sponsored Actors Exploiting Publicly Known...
State-sponsored actors from Russia and China are leveraging several of the same publicly known vulnerabilities in their attacks, all of which have patches available. On October 20, the National Security...
How to Leverage Nessus Scan Reports for Better Vulnerability Assessment
Turning your Nessus scan results into actionable reports helps you dynamically visualize the vulnerability assessment process. Vulnerability scanning is typically a multi-step process, one that doesn't...
CVE-2020-14882: Oracle WebLogic Remote Code Execution Vulnerability Exploited...
A remote code execution vulnerability in Oracle WebLogic Server has been actively exploited in the wild just one week after a patch was released and one day after a proof of concept was...
CVE-2020-15999, CVE-2020-17087: Google Chrome FreeType and Microsoft Windows...
A pair of zero-day vulnerabilities in Google Chrome (CVE-2020-15999) and Microsoft Windows (CVE-2020-17087) were chained together and exploited in the wild in targeted attacks. A separate Chrome...
CVE-2020-16846, CVE-2020-25592: Critical Vulnerabilities in Salt Framework...
SaltStack recommends immediate patching after their disclosure of three new vulnerabilities, two of which are rated critical and can be remotely exploited without authentication. Background: On October...
CVE-2020-14871: Critical Buffer Overflow in Oracle Solaris Exploited in the...
Researchers disclose critical zero-day vulnerability in Oracle Solaris that was exploited in the wild by an uncategorized threat actor. Background: On November 2, researchers at FireEye published a blog...
Spotlight on Mexico: It's Time for Cyber and Business Leaders to Align
With cyberattacks on the rise, a new study shows how a disconnect between cyber and business executives is putting organizations in Mexico at risk. The vast majority of organizations in Mexico (95%)...
Spotlight on Australia: Security Leaders Struggle to Communicate Cyber Risk...
As Australian business leaders prepare for incoming cyber regulation as part of the government's Cyber Security Strategy 2020 initiative, an independent study finds security executives are struggling...
Spotlight on France: COVID-19 Response Reveals a Disconnect Between...
A lack of alignment on COVID-19 response plans exemplifies how a chronic disconnect between cybersecurity and business leaders increases organizational risk. As organizations in France grapple with yet...
Spotlight on Germany: A Business-Cyber Disconnect Puts Organizations at Risk
A chronic lack of collaboration between German business and security executives was exacerbated during the global COVID-19 pandemic. The disconnect between business and cybersecurity leaders in Germany...
Tenable Celebrates Veterans Day, Launches New Resource for Careers in...
For over 100 years, Veterans Day has been celebrated by nations across the globe. Tenable supports and honors the international military community, and today announces the launch of a new...