Zero Day Vulnerabilities in Industrial Control Systems Highlight the Challenges of Securing Critical Infrastructure
The disclosure of zero day vulnerabilities in several Schneider Electric industrial control systems highlights the need to revamp cybersecurity practices in operational technology environments....
Dealing with the Attack Surface Beyond Vulnerabilities
A good understanding of the attack surface is of prime importance in measuring and prioritizing risk. Here's how Tenable's data can allow security professionals to have a more realistic view of their...
CVE-2021-34527: Microsoft Releases Out-of-Band Patch for PrintNightmare Vulnerability in Windows Print Spooler
Microsoft issues an out-of-band patch for critical ‘PrintNightmare’ vulnerability following reports of in-the-wild exploitation and publication of multiple proof-of-concept exploit scripts Update...
CVE-2021-30116: Multiple Zero-Day Vulnerabilities in Kaseya VSA Exploited to Distribute REvil Ransomware
Zero-day vulnerabilities in popular remote monitoring and management software targeted by threat actors to distribute ransomware to reportedly over one million systems. Update July 22, 2021: Kaseya...
From Vulnerability Discovery to Remediation: How Tenable and HCL BigFix Can Help
Reducing the time required to move from vulnerability assessment to remediation is a never ending challenge for most organizations. Here's how the integration between Tenable and HCL BigFix can help...
CVE-2021-1675: Proof-of-Concept Leaked for Critical Windows Print Spooler Vulnerability
Researchers published and deleted proof-of-concept code for a remote code execution vulnerability in Windows Print Spooler, called PrintNightmare, though the PoC is likely still available. Update...
Find Your Fit on Team Tenable
Engineering, human resources, product management and billing: Here's how four employees with a wide range of skills are making their mark in cybersecurity. At Tenable, we're united in a common...
CVE-2020-3580: Proof of Concept Published for Cisco ASA Flaw Patched in October
Researchers at Positive Technologies have published a proof-of-concept exploit for CVE-2020-3580. There are reports of researchers pursuing bug bounties using this exploit. Update June 28: The...
Elon Musk and YouTube Advertising Scams: Fake SpaceX “Coin” Promoted in Ads During Cryptocurrency Videos
Scammers are on pace to steal nearly $1 million USD from unsuspecting users through a popular decentralized finance protocol, Uniswap, by abusing YouTube to promote a fake SpaceX coin as part of ads...
CVE-2021-20019: SonicWall Fixes Incomplete Patch for CVE-2020-5135
SonicWall issues a new advisory and CVE identifier to address an incomplete fix for CVE-2020-5135. Background On June 22, SonicWall published an advisory (SNWLID-2021-0006) to address an incomplete...
Configuring The Ports That Nessus Scans
When only select ports require scanning, use these easy steps to define them When assessing targets with a network scanner like Nessus, a common question is "How do I control the ports that Nessus...
8 Active Directory Best Practices to Minimize Cybersecurity Risk
Follow these best practices to harden your Active Directory security against cyberattacks and stop attack paths. Active Directory (AD) equips businesses using Windows devices to organize IT...
Pages
Stay Informed
By subscribing, Tenable may send you email communications regarding its products and services. You may opt out of receiving these communications at any time by using the unsubscribe link located in the footer of the emails delivered to you. You can also manage your Tenable email preferences by visiting the Subscription Management Page.
Tenable will only process your personal data in accordance with its Privacy Policy.