Media room

Steve Vintz, Tenable Co-CEO and CFO, was interviewed on CNBC Worldwide Exchange about Tenable’s most recent earnings results, his outlook for cyber spending in 2025 and how the acquisition of Vulcan Cyber will accelerate Tenable’s dominance in the growing exposure management market. Vintz also comments on how public sector spending may be impacted by DOGE and potential trade wars. 
 

Ninety-one percent of almost 30,000 internet-exposed Microsoft Exchange Server instances impacted by the ProxyLogon flaw leveraged by Chinese state-backed threat operation Salt Typhoon continue to be vulnerable to attacks involving the bug, tracked as CVE-2021-26855, nearly four years after it was patched according to Tenable Research. 

SonicWall released a hotfix for a critical pre-authentication remote code execution vulnerability in Secure Mobile Access 1000 products amidst reports of zero-day exploitation.
 

While information is currently limited, Scott Caveza, staff research engineer at Tenable, told Informa TechTarget that SonicWall's security advisory implies that the vulnerability was potentially exploited in the wild. Tenable cannot confirm the activity, but it is monitoring the situation for further developments, he added.

"Microsoft's Threat Intelligence Center reported the issue to SonicWall, which suggests there have been observations of exploitation," Caveza said in an email. "Despite the uncertainty around exploitation, threat actors have targeted SonicWall devices in the past and several SonicWall vulnerabilities have been featured on the Known Exploited Vulnerabilities (KEV) catalog from the U.S. Cybersecurity & Infrastructure Security Agency (CISA). Patching of impacted SonicWall devices should take priority to ensure this threat is mitigated as soon as possible."

Tenable Once Again Named One of the Top 20 Cloud Security Companies by CRN

"What's unique about Volt Typhoon is the post-exploitation activity," Tenable research engineer Scott Caveza told The Register. It doesn't use custom malware, which can be more easily spotted by antivirus software, but instead uses legitimate software products and credentials to snoop around and avoid detection.

The macOS Sequoia vulnerabilities are the latest to be targeted and exploited by threat actors as cybersecurity vendors report a shift in the landscape.

Satnam Narang, senior staff research engineer at Tenable, told TechTarget Editorial that Apple is known for providing limited technical details in their advisories. However, he highlighted one aspect of Apple's advisory.

"The one interesting aspect about these two zero days is that the advisories called out exploitation specifically for Intel-based Mac systems, which are now considered legacy products for Apple. Apple switched over to their own Apple silicon in late 2020," Narang said. "Typically, zero-day exploitation of vulnerabilities is part of limited, targeted attacks. When you add that these were attributed to researchers at Google's Threat Analysis Group, which are often tasked with investigating targeted attacks, it supports that hypothesis. Until Googles Threat Analysis Group publishes their own research into the attacks, we won’t know more than what's in the advisories."