Tenable Network Security Podcast - Episode 19
Welcome to the Tenable Network Security Podcast - Episode 19
Announcements
- A new blog post has been released titled "Microsoft Patch Tuesday - January 2010 - "Aged Cheese" Edition" and covers the latest patches released from Microsoft, in addition to some useful plugins to detect deprecated operating systems. Marcus Ranum also published an article titled, "Afterbytes with Marcus Ranum - Using A Dedicated PC For Online Banking".
- You can provide feedback to this podcast and all of our social media outlets by visiting our discussions forum and adding messages to the "Tenable Social Media" thread. I would love to hear your feedback, questions, comments, and suggestions!
- We're hiring! - Visit the web site for more information about open positions, there are currently 12 open positions listed!
- You can subscribe to the Tenable Network Security Podcast on iTunes!
- Tenable Tweets - You find us on Twitter at http://twitter.com/tenablesecurity where we make various announcements, Nessus plugin statistics, and more!
Interview: Jake Kouns
Jake Kouns is the co-founder and President of the Open Security Foundation which oversees the operations of the Open Source Vulnerability Database (OSVDB) and the Dataloss DB project.. Kouns' primary focus is to provide management oversight and define the strategic direction the project.
Stories
- AT&T Network Flaw With Scary Results - The Mixed Up Sessions - Imagine logging into your favorite social networking site, such as Facebook, and being presented with someone else's page. This happened recently to select AT&T customers who appear to have been victims to the problem cause by some serious networking issues at the provider. This is scary, at least for me, because no matter how careful you are with your data, it could end up in someone else's hands. When you put potentially sensitive information on Facebook, its unlike email which can be PGP encrypted.
- Multiple Media Player Quicktime Memory Corruption - A new unpatched flaw has been revealed in several applications, such as iTunes, that occurs when a specially crafted quicktime file is processed. Details and a proof of concept are available from the exploit database entry.
- New 0-Day Vulnerability in Internet Explorer 6, 7, and 8 - Reports are being made that the exploit for this vulnerability only works reliably on Internet Explorer 6. It has also been reported that this could have been the exploit used by Chinese attackers to compromise Google employees. This exploit will not work on IE version 8 as it enabled DEP by default, which for now, is thwarting successful exploitation.
Related Articles
Tenable Network Security Podcast Episode 198 - "PCI Discussion Featuring Jeffrey Man"
February 13, 2014<p></p>
Cybersecurity Snapshot: Apply Zero Trust to Critical Infrastructure’s OT/ICS, CSA Advises, as Five Eyes Spotlight Tech Startups’ Security
November 1, 2024Should critical infrastructure orgs boost OT/ICS systems’ security with zero trust? Absolutely, the CSA says. Meanwhile, the Five Eyes countries offer cyber advice to tech startups. Plus, a survey finds “shadow AI” weakening data governance. And get the latest on MFA methods, CISO trends and Uncle Sam’s AI strategy.
FY 2024 State and Local Cybersecurity Grant Program Adds CISA KEV as a Performance Measure
October 31, 2024The CISA Known Exploited Vulnerabilities (KEV) catalog and enhanced logging guidelines are among the new measurement tools added for the 2024 State and Local Cybersecurity Grant Program.
Cybersecurity Snapshot: New Guides Offer Best Practices for Preventing Shadow AI and for Deploying Secure Software Updates
October 25, 2024Looking for help with shadow AI? Want to boost your software updates’ safety? New publications offer valuable tips. Plus, learn why GenAI and data security have become top drivers of cyber strategies. And get the latest on the top “no-nos” for software security; the EU’s new cyber law; and CISOs’ communications with boards.
- Podcast