Tenable Blog

Drupal is popular, free and open-source content management software. On March 28, the Drupal security team released patches for CVE-2018-7600, an unauthenticated remote code execution vulnerability in Drupal core. The vulnerability affects Drupal versions 6, 7 and 8. Patches have been released for versions 7.x, 8.3.x, 8.4.x and 8.5.x. No patches are expected for version 6 or 8.2.x and below.

Cryptography is like finding and patching system vulnerabilities. Both are a race. In the former, the race is between mathematicians finding efficient, hard-to-reverse computations and opposing mathematicians solving hard numerical problems to defeat them. In the latter, the race is between IT and malicious actors who may find the vulnerabilities first to exploit them. The race in encryption is fueled by the exponential increase in computing power outlined by Moore’s law, constantly driving the algorithms we use toward obsolescence.

A new APT malware attack has been discovered by Kaspersky Lab. The malware named Slingshot, due to a string in one of the hijacked system DLLs, is a sophisticated attack that leads to a nasty rootkit. The final rootkit named Cahnadr takes control of system processes, allowing for monitoring of keystrokes, clipboard, network traffic and more.

On February 10, the Unix-based email server Exim released an update to address a heap buffer overflow vulnerability that can be used by an unauthenticated attacker to remotely execute arbitrary code. The flaw, assigned CVE-2018-6789, is noted to exist in all versions of Exim, prior to their latest release, 4.90.1, which means the attack surface potential is very wide.

The Tenable Python SDK was built to provide Tenable.io™ users with the ability to leverage the Tenable.io API by building their own scripts, programs and modules that can seamlessly interact with their data in the Tenable.io platform.