Clik here to view.
Tenable Cyber Watch: U.S. Advises on Deepfake Threats, Best Practices for...
This week’s edition of Tenable Cyber Watch unpacks preparing for deepfake threats and addresses CISA’s roadmap for open source security. Also covered: tips and best practices for securing AI...
View ArticleClik here to view.
CVE-2023-29357, CVE-2023-24955: Exploit Chain Released for Microsoft...
CVE-2023-29357, CVE-2023-24955: Exploit Chain Released for Microsoft SharePoint Server VulnerabilitiesA proof-of-concept exploit chain has been released for two vulnerabilities in Microsoft SharePoint...
View ArticleClik here to view.
CVE-2023-41064, CVE-2023-4863, CVE-2023-5129: Frequently Asked Questions for...
Frequently asked questions relating to vulnerabilities in Apple, Google and the open source libwebp library.BackgroundThe Tenable Security Response Team has put together this blog to answer frequently...
View ArticleClik here to view.
Empowering Cybersecurity Excellence: IBM and Tenable Collaborate for IT/OT...
IBM and Tenable put IT/OT security on display at IBM's Watson Center in Munich with the QRadar and Tenable OT Security integration — showcasing industrial security, protection and asset management for...
View ArticleClik here to view.
CISA Adds Vulnerabilities Exploitable Via Bluetooth to KEV
Recently, CISA added four vulnerabilities for Owl Labs Meeting Owl devices to its Known Exploited Vulnerabilities (KEV) catalog. These vulnerabilities are exploitable via Bluetooth Low Energy (BLE)....
View ArticleClik here to view.
Cybersecurity Snapshot: CISOs See Budgets Tighten, as Cyberthreats Intensify
After double-digit growth in the past two years, cybersecurity budgets expanded more modestly in 2023. Plus, a survey offers an inside look at how organizations are grappling with cyber challenges. In...
View ArticleClik here to view.
Tenable Cyber Watch: DHS Tracks New Ransomware Trends as Attacks Drive Up...
Curious about the newest ransomware trends detailed in the U.S. Department of Homeland Security’s “Homeland Threat Assessment 2024” report? What’s with the surge in cyber insurance claims and what does...
View ArticleClik here to view.
CVE-2023-40044, CVE-2023-42657: Progress Software Patches Multiple...
Progress Software patches multiple flaws in its WS_FTP Server product, including a pair of critical flaws, one with a maximum CVSS rating of 10BackgroundOn September 27, Progress Software published an...
View ArticleClik here to view.
New U.S. SLCGP Cybersecurity Plan Requirement: Adopt Cybersecurity Best...
This is the second of a two-part series exploring how Tenable One can help state, local, tribal and territorial (SLTT) agencies meet the goals and objectives of the SLCGP.In part one of this series, we...
View ArticleClik here to view.
How to Meet FY 2023 U.S. State and Local Cybersecurity Grant Program Objectives
This is the first of a two-part series exploring how Tenable One can help state, local, tribal and territorial (SLTT) agencies meet the goals and objectives of the SLCGP.In 2021, the U.S....
View ArticleClik here to view.
CVE-2023-22515: Zero-Day Vulnerability in Atlassian Confluence Data Center...
CVE-2023-22515: Zero-Day Vulnerability in Atlassian Confluence Data Center and Server Exploited in the WildA critical zero-day vulnerability in Atlassian Confluence Data Center and Server has been...
View ArticleClik here to view.
MrBeast Scams: Verified Accounts, DeepFakes Used in Impersonations to Promote...
MrBeast, the most popular YouTube creator as of October 2023, has been impersonated in a variety of scams on YouTube and TikTok, including a recent deepfake promoting a fake free iPhone 15...
View ArticleClik here to view.
CVE-2023-38545, CVE-2023-38546: Frequently Asked Questions for New...
CVE-2023-38545, CVE-2023-38546: Frequently Asked Questions for New Vulnerabilities in curlFrequently asked questions relating to two vulnerabilities patched in curl version 8.4.0BackgroundOn October 3,...
View ArticleClik here to view.
Cybersecurity Snapshot: SANS Offers Tips for Maximizing Smaller OT Security...
A SANS Institute survey found that budgets for ICS/OT security have shrunk, and advises on how to do more with less. Plus, hiring managers boost starting salaries to recruit stellar cyber pros. In...
View ArticleClik here to view.
Microsoft’s October 2023 Patch Tuesday Addresses 103 CVEs (CVE-2023-36563,...
Microsoft addresses 103 CVEs including two vulnerabilities that were exploited in the wild.12Critical91Important0Moderate0LowMicrosoft patched 103 CVEs in its October Patch Tuesday release, with 12...
View ArticleClik here to view.
CVE-2023-20198: Zero-Day Vulnerability in Cisco IOS XE Exploited in the Wild
CVE-2023-20198: Zero-Day Vulnerability in Cisco IOS XE Exploited in the WildA maximum severity CVSS 10 zero-day vulnerability in Cisco IOS XE has been exploited in the wild. Organizations should apply...
View ArticleClik here to view.
Unified IT and Web App Security: On-Prem Web App Scanning Integrated into...
On-prem web app scanning is now available within Tenable Security Center, offering comprehensive exposure management with accurate analysis, OWASP Top 10 coverage and easy setup. Here’s what you need...
View ArticleClik here to view.
Tenable Cyber Watch: SANS Advises on Maximizing OT Security Budgets;...
How can you maximize your shrinking OT security budgets? Why is CISA urging tech vendors to do better as a part of their cybersecurity awareness campaign? Looking for an open source tool that will help...
View ArticleClik here to view.
CVE-2023-4966: Citrix NetScaler ADC and NetScaler Gateway Information...
A critical information disclosure vulnerability in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway has been exploited in the wild as a zero-day vulnerability. Organizations...
View ArticleClik here to view.
Oracle October 2023 Critical Patch Update Addresses 176 CVEs
Oracle October 2023 Critical Patch Update Addresses 176 CVEsOracle addresses 176 CVEs in its fourth quarterly update of 2023 with 387 patches, including 46 critical updates.BackgroundOn October 17,...
View Article