Microsoft Azure Synapse PwnalyticsJune 13, 2022
Since March 10, Tenable Research has attempted to work with Microsoft to address two serious flaws in the underlying infrastructure of Azure Synapse Analytics.
So Many CVEs, So Little Time: Zero In and ‘Zero Click’ into the Current Vulnerability LandscapeJune 8, 2022
Among the thousands of vulnerabilities disclosed so far in 2022, we highlight five and explain why they matter.
Twitter Crypto Scams: Bored Ape Yacht Club, Azuki and Other Projects Impersonated to Steal NFTs, Digital CurrenciesMay 26, 2022
Scammers are using verified and unverified accounts to impersonate notable NFT projects like Bored Ape Yacht Club and others, tagging Twitter users to drive them to phishing websites.
Behind the Scenes: How We Picked 2021’s Top Vulnerabilities – and What We Left OutMarch 11, 2022
The 2021 Threat Landscape Retrospective explored the top five vulnerabilities of the year. Learn about other high-impact vulnerabilities that nearly made our list. When putting together the Threat ...
The 2021 Threat Landscape Retrospective: Targeting the Vulnerabilities that Matter MostJanuary 19, 2022
A review of the year in vulnerabilities and breaches, with insights to help guide cybersecurity strategy in 2022 and beyond.
YouTube Shorts: Stolen TikTok Videos Manipulated in Adult Dating, Dubious Products Scams for Views and SubscribersJanuary 12, 2022
As Google's TikTok competitor YouTube Shorts gains viewers, hordes of scammers are quick to follow.
Fake Bitcoin, Ethereum, Dogecoin, Cardano, Ripple and Shiba Inu Giveaways Proliferate on YouTube LiveNovember 23, 2021
Scammers are leveraging compromised YouTube accounts to promote fake cryptocurrency giveaways for Bitcoin, Ethereum, Dogecoin, Cardano, Ripple, Shiba Inu and other cryptocurrencies.
Identifying Server Side Request Forgery: How Tenable.io Web Application Scanning Can HelpNovember 18, 2021
Learn how SSRF flaws arise, why three common attack paths are so challenging to mitigate and how Tenable.io Web Application Scanning can help.
Examining the Treat LandscapeOctober 29, 2021
Are you leaving treats on the table for attackers? Understand the current treat landscape and how to reduce your exposure.
TikTok LIVE Scams: Stolen Live Footage Used to Earn TikTok Gifts, Promote Scams to Make MoneyOctober 22, 2021
Stolen video footage of celebrities, content creators and others is being used by scammers in TikTok LIVE streams to earn TikTok gifts, peddle questionable products and drive users to adult dating websites.
How to Use Tenable.io WAS to Find and Fix Sensitive Information Exposure in Microsoft Power AppsSeptember 30, 2021
Researchers identified a configuration issue in Microsoft Power Apps portals that exposed millions of records for nearly 50 organizations. Learn how you can use Tenable.io Web App Scanning to identify...
Hold the Door: Why Organizations Need to Prioritize Patching SSL VPNsAugust 25, 2021
Three critical SSL VPN vulnerabilities have become some of the most exploited by advanced persistent threat actors and ransomware groups. To effectively prioritize remediation efforts, defenders must...