Tenable
1594 Followers
About Us
Founded:
2002
Company Size:
501-1000 employees
Company Type:
Private
Tenable™, Inc. is the Cyber Exposure company. Over 24,000 organizations of all sizes around the globe rely on Tenable to manage and measure their modern attack surface to accurately understand and reduce cyber risk. As the creator of Nessus®, Tenable built its platform from the ground up to deepl ...
Read more
Promoted Content
Five Steps to Building a Successful Vulnerability Management Program
Upcoming Event
Tenable has no upcoming events
Past Events
Magellan: Remote Code Execution Vulnerability in SQLite Disclosed
<p>Researchers disclosed a remote code execution vulnerability in SQLite affecting Google Chromium-based browsers as well as the Google Home smart speaker.</p>
<h2>Background</h2>
<p>On December 14, researchers from Tencent’s Blade Team published <a href="https://blade.tencent.com/magellan/index_en.html">an advisory regarding their discovery of “Magellan,”</a> a remote code execution vulnerability in SQLite. </p>
<h2>Vulnera ...
Save
Share
Like12/15/2018
Patched Elasticsearch Vulnerabilities Used to Spread Cryptocurrency Miner (CVE-2014-3120, CVE-2015-1
<p>Attackers are actively scanning for vulnerable Elasticsearch systems in order to implant cryptocurrency mining scripts.</p>
<h3>Background</h3>
<p>In recent weeks, attackers have been <a href="https://isc.sans.edu/diary/rss/24364">observed scanning for vulnerabilities in Elasticsearch</a>, a distributed, RESTful search and analytics engine. According to <a href="https://blog.trendmicro.com/trendlabs-security-intelligence/cryptocurren... from Trend ...
SaveShareLike12/13/2018
Securing Medical Records: Exploring US Certification Standards
<p>Tenable Research investigates compliance standards for EHR applications in the US healthcare industry and discusses possible gaps in the coverage of these standards. Real world examples are provided to demonstrate potential security impact.</p>
<p>Politics and legislation aside, it’s no secret that the US healthcare industry is a mess. Hospital networks and small-time medical practices alike are known <a href="https://www.healthcare-informatics.com/news-item/cyb ...
SaveShareLike12/13/2018
Uncovering the Business Costs of Cyber Risk: Ponemon Study
<p>Study finds organizations are not accurately measuring the business costs of cyber risk, and are unable to quantify the damage cyber attacks could have on their businesses, leaving them without the critical information needed to make decisions about resource allocation, technology investments and threat prioritization.</p>
<p>Unlike other business disciplines (CRM, ERP, HR), cybersecurity lacks the kind of clear business metrics which can help executives frame decision-makin ...
SaveShareLike12/12/2018
Adobe Flash Vulnerability Can Lead to Code Execution and Asset Takeover (CVE-2018-15982)
Adobe has issued an out-of-band advisory for CVE-2018-15982. Through the use of a maliciously crafted RAR file, an attacker exploiting this vulnerability can take over the machine of users that run it.
Background
Adobe has released an out-of-band security bulletin. that includes patches for CVE-2018-15982, a critical arbitrary code execution vulnerability in Adobe Flash which has been used to allegedly attack Polyclinic No. 2, which is affiliated with the Presidential Administration of Russia. U ...
SaveShareLike12/06/2018
Kubernetes Privilege Escalation Vulnerability Publicly Disclosed (CVE-2018-1002105)
<p>Patches are available for a critical privilege escalation flaw (CVE-2018-1002105) in the open-source container orchestration system, Kubernetes.</p>
<h2>Background</h2>
<p>On December 3, details about a privilege escalation vulnerability in Kubernetes, the popular open source container orchestration system, <a href="https://github.com/kubernetes/kubernetes/issues/71411">were publicly disclosed by the Kubernetes team</a>. Kubernetes is used to automate ...
SaveShareLike12/04/2018
Kubernetes Privilege Escalation Vulnerability Publicly Disclosed (CVE-2018-1002105)
<p>Patches are available for a critical privilege escalation flaw (CVE-2018-1002105) in the open-source container orchestration system, Kubernetes.</p>
<h2>Background</h2>
<p>On December 3, details about a privilege escalation vulnerability in Kubernetes, the popular open source container orchestration system, <a href="https://github.com/kubernetes/kubernetes/issues/71411">were publicly disclosed by the Kubernetes team</a>. Kubernetes is used to automate ...
SaveShareLike12/04/2018
Tenable Research Advisory: Zoom Unauthorized Command Execution (CVE-2018-15715)
Tenable Researcher David Wells discovered a vulnerability in Zoom’s Desktop Conferencing Application that allows an attacker to hijack screen controls, spoof chat messages or kick and lock attendees out of meetings. Zoom has released updates for macOS and Windows.
What you need to know: Tenable Research has discovered a vulnerability in Zoom’s Desktop Conferencing Application.
What’s the attack vector? Unauthorized command execution via Zoom’s Event messaging pump.
What&r ...
SaveShareLike11/29/2018
What’s in a Name? SecurityCenter Is Now Tenable.sc
<p>On November 7, 2018, Tenable SecurityCenter was renamed Tenable.sc. Read on to learn more about why we did it - and catch up on the latest innovations coming to our Cyber Exposure platform.</p>
<p>Earlier this month, when we announced new <a href="https://www.tenable.com/press-releases/tenable-announces-industry-s-firs... Prioritization capabilities</a> coming to the Tenable Cyber Exposure platform, we decided it was also time to give one of our key products a fresh ...
SaveShareLike11/28/2018
CDM DEFEND: Going Mobile
<p>How the CDM DEFEND plan for adding and securing mobile devices will help government agencies improve visibility and security.</p>
<p>“<a href="https://www.youtube.com/watch?v=ToxymSLzJeM">Going Mobile</a>” was a hit song for the British rock band “The Who” in the early 1970s. Celebrating a transient lifestyle, the song captured the public’s imagination because, at the time, society was generally immobile; people were tied to single t ...
SaveShareLike11/27/2018
Don\'t miss our Introduction to Tenable.IO. Two times tomorrow - 10am GMT for our EMEA audience and 2pm EST for North America. Copy this to your browser: https://www.tenable.com/webinars/introducing-tenable-io-emea? utm_promoter=tenable&utm_source=cybraryit&utm_medium=referral&utm_campaign=cybraryitchannel
SaveShareLikeCybrary On The Go
Get the Cybrary app for Android for online and offline viewing of our lessons.
Support Cybrary
Donate Here to Get This Month's Donor Badge
Cybrary|0P3N
Networking Part 3: Routing Metrics, Tables, Broadcast Domains, SPAN Ports
Views: 10398 / December 5, 2018
Views: 10398 / December 5, 2018
