Follow Tenable on their other social channels!
About Us
Company Size:
501-1000 employees
Company Type:
Columbia, MD
Tenable™, Inc. is the Cyber Exposure company. Over 24,000 organizations of all sizes around the globe rely on Tenable to manage and measure their modern attack surface to accurately understand and reduce cyber risk. As the creator of Nessus®, Tenable built its platform from the ground up to deepl ...
Read more
Promoted Content
Five Steps to Building a Successful Vulnerability Management Program
Multiple Zero-Days in PremiSys IDenticard Access Control System
Tenable Research discovered multiple zero-day vulnerabilities in the PremiSys access control system developed by IDenticard. As of January 9, IDenticard has not released a patch for these vulnerabilities. Background Tenable Research has discovered four vulnerabilities in the PremiSys access control system from IDenticard. The PremiSys system can be used to manage door controls and access cards, collect detailed facility data and integrate with video monitoring systems. According to Tenableâ ...
Tenable Bolsters Government Affairs Team with New Hire
Jamie Brown joins Tenable as Director of Global Government Affairs. In this newly created role, Jamie will work with government officials worldwide to promote effective cybersecurity policies, which enhance security while enabling continued digital transformation and innovation. Just last year, the Council of Economic Advisers reported that “malicious cyber activity cost the U.S. economy between $57 billion and $109 billion in 2016.” With a record number of new faces sworn into ...
Critical Vulnerability Fixes Available For Juniper Devices
Juniper has addressed multiple critical vulnerabilities in Junos, Junos Space, and JATP devices. Administrators are advised to update to the latest OS version on any affected Juniper device. Background Juniper has released a number of security advisories this week which include critical vulnerabilities across many of its devices. The Juniper Advanced Threat Prevention Appliance (JATP) update removes hardcoded admin credentials, while the Junos updates include patches for remote code executi ...
Adobe Releases Out-of-Band Security Bulletin for Adobe Acrobat and Reader (APSB19-02)
<p>Adobe issued an out-of-band security bulletin which addresses two critical vulnerabilities (CVE-2018-16011, CVE-2018-16018) in Adobe Acrobat and Reader.</p> <h2>Background</h2> <p>On January 3, Adobe released <a href="https://helpx.adobe.com/security/products/acrobat/apsb19-02.html">a security bulletin</a> to address two critical vulnerabilities in Adobe Acrobat and Reader for both Windows and macOS. Adobe published a prenotification for this bulletin ...
Top 5 Cybersecurity Priorities for 2019: Ponemon Study
<p>We asked 2,410 IT and cybersecurity decision-makers in six countries to identify their top cybersecurity and governance priorities for the New Year. Here’s what we learned.</p> <p>What are your top cybersecurity concerns for 2019? Tenable commissioned Ponemon Institute to conduct a survey of 2,410 IT and cybersecurity professionals in six countries to find out.</p> <p>The results are included in our December 2018 report, <a href="https://www.tenable.com/ ...
3 Tips for Identifying Your Organization’s Cyber Exposure Gaps
<p>In part two of our six-part blog series on improving your cybersecurity strategy, we discuss the need for a holistic approach and provide three tips to help you answer the question “where are we exposed?”</p> <p>Piecemeal security efforts often result in overlapping alarms and gaping security holes. Taking a holistic approach to a security strategy is a far more successful way of covering the entirety of your company’s attack surface.</p> <p>In ...
Microsoft Releases Out-of-Band Patch for Internet Explorer Remote Code Execution Vulnerability (CVE-
<p>Clement Lecigne of Google’s Threat Analysis Group has reported exploitation of an Internet Explorer vulnerability, CVE-2018-8653, prompting an out-of-band patch from Microsoft.</p> <h2>Background</h2> <p>On December 19, Microsoft released a critical out-of-band (OOB) patch for a remote code execution (RCE) vulnerability in Internet Explorer (IE). This vulnerability affects all versions of IE including Windows 7, Windows 8.1, Windows 10, Windows Server 2008 ...
Privilege Escalation Flaw Discovered in the Cisco Adaptive Security Appliance
Tenable has discovered a privilege escalation flaw in the Cisco Adaptive Security Appliance that allows low-level users to run higher-level commands when certain configuration settings are set. What you need to know: An authenticated remote unprivileged user can change or download the running configuration or replace the appliance firmware where they shouldn’t. What’s the attack vector? HTTP Requests What’s the business impact? Attackers could read or write files on the system, ...
Magellan: Remote Code Execution Vulnerability in SQLite Disclosed
<p>Researchers disclosed a remote code execution vulnerability in SQLite affecting Google Chromium-based browsers as well as the Google Home smart speaker.</p> <h2>Background</h2> <p>On December 14, researchers from Tencent’s Blade Team published <a href="https://blade.tencent.com/magellan/index_en.html">an advisory regarding their discovery of “Magellan,”</a> a remote code execution vulnerability in SQLite. </p> <h2>Vulnera ...
Patched Elasticsearch Vulnerabilities Used to Spread Cryptocurrency Miner (CVE-2014-3120, CVE-2015-1
<p>Attackers are actively scanning for vulnerable Elasticsearch systems in order to implant cryptocurrency mining scripts.</p> <h3>Background</h3> <p>In recent weeks, attackers have been <a href="https://isc.sans.edu/diary/rss/24364">observed scanning for vulnerabilities in Elasticsearch</a>, a distributed, RESTful search and analytics engine. According to <a href="https://blog.trendmicro.com/trendlabs-security-intelligence/cryptocurren... from Trend ...
Don\'t miss our Introduction to Tenable.IO.  Two times tomorrow - 10am GMT for our EMEA audience and 2pm EST for North America.  Copy this to your browser: https://www.tenable.com/webinars/introducing-tenable-io-emea? utm_promoter=tenable&utm_source=cybraryit&utm_medium=referral&utm_campaign=cybraryitchannel

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?