Clik here to view.
Accellion Patches Four Vulnerabilities in File Transfer Appliance...
Accellion recently released patches addressing four vulnerabilities in its File Transfer Appliance, a tool linked to a growing list of data breaches since December.BackgroundOn January 12, Accellion, a...
View ArticleClik here to view.
Learn the Language of Vulnerability Assessment: Key Security Terms You Should...
Your introduction to vulnerability assessment doesn't have to be confusing – let's go over the key terms.When you're new to vulnerability assessment (VA) – or any other area of cybersecurity, for that...
View ArticleClik here to view.
Introducing Tenable.ep: The First Risk-Based VM Platform as Dynamic as Your...
Conquering your cyber risk requires a new approach to vulnerability management. With Tenable.ep, security teams gain a single, flexible license that enhances visibility and eliminates friction, so you...
View ArticleClik here to view.
Know Thy Assets: The First Step in Securing Your Industrial Environment
As operational technology systems are exposed to new cyber risks, security leaders can maximize their defense of critical industrial environments through comprehensive and detailed inventory of...
View ArticleClik here to view.
CVE-2021-21972: VMware vCenter Server Remote Code Execution Vulnerability
Proof-of-concept exploit scripts for a critical remote code execution flaw, along with mass scanning activity, indicate that organizations should apply vCenter Server patches immediately.BackgroundOn...
View ArticleClik here to view.
Tenable Capture the Flag 2021: The Results Are In!
More than 1,500 teams from nearly 140 countries competed in Tenable's first-ever Capture the Flag competition. And the winners are...That’s a wrap on the first Tenable Capture the Flag event! We’d like...
View ArticleClik here to view.
CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065: Four Zero-Day...
Four zero-day vulnerabilities in Microsoft Exchange servers have been used in chained attacks in the wild.BackgroundOn March 2, Microsoft published out-of-band advisories to address four zero-day...
View ArticleClik here to view.
Cyber Hygiene Essentials: What You Need to Know
In part one of our series on cyber hygiene, we explore the fundamentals that can help businesses understand where they're vulnerable and how to protect their networks from cyberattacks and breaches.No...
View ArticleClik here to view.
Finding Proxylogon and Related Microsoft Exchange Vulnerabilities: How...
We urge organizations to patch Proxylogon (CVE-2021-26855) and related vulnerabilities (CVE-2021-26857, CVE-2021-26858, CVE-2021-27065) in Microsoft Exchange Server and investigate for potential...
View ArticleClik here to view.
Microsoft’s March 2021 Patch Tuesday Addresses 82 CVEs (CVE-2021-26411)
In its March release, Microsoft addressed 82 CVEs, including a zero-day vulnerability in Internet Explorer that has been exploited in the wild and linked to a nation-state campaign targeting security...
View ArticleClik here to view.
Healthcare Security: Ransomware Plays a Prominent Role in COVID-19 Era Breaches
Ransomware is the root cause in a majority of the healthcare breaches analyzed.As the ongoing COVID-19 pandemic continues to place unprecedented strain on global healthcare infrastructure, attackers...
View ArticleClik here to view.
The Growth of Vulnerability Assessment: A Look at What Nessus Offers Today
The Nessus team continues to develop advanced assessment capabilities, including visibility into new operating systems, exploitable vulnerabilities and container instances.When Renaud Deraison first...
View ArticleClik here to view.
CVE-2021-22986: F5 Patches Several Critical Vulnerabilities in BIG-IP, BIG-IQ
F5 releases patches for multiple vulnerabilities in BIG-IP and BIG-IQ, including a critical remote command execution flaw that does not require authentication and is likely to attract exploits in the...
View ArticleClik here to view.
How to Identify Compromised Microsoft Exchange Server Assets Using Tenable
As organizations continue to respond to a flurry of attacks by HAFNIUM and other threat actors leveraging Proxylogon (CVE-2021-26855) and related vulnerabilities (CVE-2021-26857, CVE-2021-26858,...
View ArticleClik here to view.
Cyber Hygiene: 5 Advanced Tactics to Maximize Your Risk Reduction
In part two of our series on cyber hygiene, we look at why businesses may need to go beyond the basics of vulnerability scanning and antivirus protection to ensure comprehensive security for their...
View ArticleClik here to view.
CVE-2021-21975, CVE-2021-21983: Chained Vulnerabilities in VMware vRealize...
VMware has addressed a pair of vulnerabilities in vRealize Operations that, when chained together, could result in unauthenticated remote code execution in vulnerable servers.BackgroundOn March 30,...
View ArticleClik here to view.
Improving Municipal Cybersecurity: Tenable Supports Security Partnership with...
Recognizing the “perfect storm” created by COVID-19 disruptions, the NLC partnered with trusted security leaders to develop a turnkey solution for cities and local governments.The National League of...
View ArticleClik here to view.
Busting 5 Common Myths About Vulnerability Assessment
Don't let misconceptions stand in your way – get the facts on five common myths about vulnerability assessment.The simple truth of vulnerability assessment is that it's not always an easy task to...
View ArticleClik here to view.
CVE-2018-13379, CVE-2019-5591, CVE-2020-12812: Fortinet Vulnerabilities...
Threat actors and ransomware groups are actively targeting three legacy Fortinet vulnerabilities.BackgroundOn April 2, the Federal Bureau of Investigation (FBI) along with the Cybersecurity and...
View ArticleClik here to view.
Microsoft’s April 2021 Patch Tuesday Addresses 108 CVEs (CVE-2021-28310)
Microsoft addresses 108 CVEs, including CVE-2021-28310 — which has reportedly been exploited in the wild — as well as four new remote code execution vulnerabilities in Microsoft...
View Article