Hold the Door: Why Organizations Need to Prioritize Patching SSL VPNs
Three critical SSL VPN vulnerabilities have become some of the most exploited by advanced persistent threat actors and ransomware groups. To effectively prioritize remediation efforts, defenders must...
CVE-2021-26084: Atlassian Confluence OGNL Injection Vulnerability Exploited...
Recently disclosed critical flaw in Atlassian Confluence Server is being exploited in the wild by attackers. Organizations should apply patches immediately. Background: On August 25, Atlassian published a...
How to Talk to the Board About Zero Trust
Framing zero trust as a cybersecurity strategy for reducing business risk is a surefire way to get your executive leadership to take notice. It's no secret that CISOs and other cybersecurity leaders...
Security Defined As Code - Why Tenable has entered into an agreement to...
I never cease to be amazed at how infrastructure management continues to evolve over time, to become such a precise engineering discipline. Twenty years ago when I first published Nessus, the computers...
Microsoft’s September 2021 Patch Tuesday Addresses 60 CVEs (CVE-2021-40444)
Microsoft addresses 60 CVEs in its September 2021 Patch Tuesday release, along with patches for a critical vulnerability in its MSHTML (Trident) engine that was first disclosed in an out-of-band...
CVE-2021-38647 (OMIGOD): Critical Flaw Leaves Azure Linux VMs Vulnerable to...
Agents installed by default on Azure Linux virtual machines are vulnerable to a remote code execution flaw that can be exploited with a single request. Background: On September 14, researchers at Wiz...
How to Talk to Your Boss About Zero Trust
A recent Executive Order from the Biden Administration put zero trust architecture in the spotlight. When your top execs come asking about it, here's what you need to know. President Joseph R. Biden's...
Spotlight on Australia: Remote Work is Here to Stay and So are Cyberattacks
Snap lockdowns are making remote work models a permanent feature — and leaving organisations more exposed to risk. Find out how the floodgates for cyberattacks have opened in Australia. As many...
Spotlight on India: A Perimeter-less Workplace Introduces More Risk
India's plans for hybrid work models in the next 12-24 months are outpacing the speed of security in India. Find out where organizations need to place their focus to secure the new world of work. The...
Spotlight on U.K.: Hybrid Work is Here to Stay and Attackers are Taking...
As U.K. organisations plan their long-term hybrid and remote work models, embracing this new world of work opens the door to new and unmanaged cyber risk. Here's what you need to know. Over a year after...
Spotlight on Germany: Hybrid Work Brings New Cyber Risks
As German organizations plan their long-term hybrid and remote work models, embracing this new world of work opens the door to new and unmanaged cyber risk. And attackers are taking advantage. To...
Spotlight on France: The New World of Work Increases Cyber Risk, and...
Where there was reluctance, the pandemic has forced French organizations to embrace hybrid and remote work models and they're not reversing this trend any time soon. Here's what it means for cyber...
Spotlight on the Kingdom of Saudi Arabia: The New World Of Work Introduces...
A new world of work has been adopted by Saudi Arabian organizations, with many planning to make hybrid and remote work models permanent. Here’s how these changes are increasing risk. The transition to...
Spotlight on Mexico: The New World of Work Requires a New Cybersecurity Mindset
Embracing the new world of hybrid and remote work in Mexico has opened the door to new and unmanaged cyber risk. Here's what you need to know. The pandemic completely transformed the way most...
Protecting the Atomized Attack Surface: Cybersecurity in the New World of Work
A new study reveals how moving to a remote workforce model and migrating business-critical functions to the cloud are exposing the vast majority of organizations to increased risk. The next 18 months...
CVE-2021-22005: Critical File Upload Vulnerability in VMware vCenter Server
VMware published an advisory addressing 19 vulnerabilities, including one critical flaw in vCenter Server that is reportedly simple to exploit. Background: On September 21, VMware published a security...
Taking IBM QRadar SIEM One Step Further Using Tenable.ad
If you can't continuously monitor Active Directory, it's impossible to achieve full visibility into your evolving attack surface. Here's how combining Tenable.ad with IBM QRadar can help. It's no secret...
How to Use Tenable.io WAS to Find and Fix Sensitive Information Exposure in...
Researchers identified a configuration issue in Microsoft Power Apps portals that exposed millions of records for nearly 50 organizations. Learn how you can use Tenable.io Web App Scanning to identify...
Web Application Security: 3 Lessons We Learned From Formula 1™ Racing
Web application security is more than a best practice — it's a critical part of your security program. Find out how discovering and testing your web applications can help you gain an edge over...
CVE-2021-41773: Path Traversal Zero-Day in Apache HTTP Server Exploited
The Apache HTTP Server Project patched a path traversal vulnerability introduced less than a month ago that has been exploited in the wild. Background: On October 5, the Apache HTTP Server Project patched...