Tenable
1590 Followers
About Us
Founded:
2002
Company Size:
501-1000 employees
Company Type:
Private
Tenable™, Inc. is the Cyber Exposure company. Over 24,000 organizations of all sizes around the globe rely on Tenable to manage and measure their modern attack surface to accurately understand and reduce cyber risk. As the creator of Nessus®, Tenable built its platform from the ground up to deepl ...
Read more
Promoted Content
Five Steps to Building a Successful Vulnerability Management Program
Upcoming Event
Tenable has no upcoming events
Past Events
Microsoft’s October 2018 Security Update: There’s More to the Story
A week after Microsoft addressed 49 vulnerabilities in its October 2018 Security Update, new developments have emerged that change the threat profile of some of them.
Background
On Tuesday, October 9, Microsoft released its October 2018 Security Update, also known as Patch Tuesday. This security update contained fixes for 49 vulnerabilities. Since the publication of this security update, new developments have emerged that change the threat profile of some of these vulnerabilities. The most nota ...
Save
Share
Like10/16/2018
Public Exploit Modules Available for Cisco Prime Infrastructure Vulnerability
Users of Cisco Prime Infrastructure Software are urged to update to the latest version to address one of two vulnerabilities that, when chained, could lead to remote code execution with system-level permissions.
Background
Cisco released an advisory for CVE-2018-15379, an arbitrary file upload and command execution vulnerability for its Cisco Prime Infrastructure (CPI) software. The CPI management software is designed to allow businesses to manage their network device configurations all in one p ...
SaveShareLike10/13/2018
Tenable Research Advisory: Multiple HPE iMC Vulnerabilities Could Lead to Remote Code Execution or D
Tenable Research discovered multiple vulnerabilities in the HPE Intelligent Management Center. HPE is currently working to fix the issues and plans to release patches on Nov. 30.
What you need to know: Multiple vulnerabilities were found in HPE iMC, ranging from denial-of-service (DoS) to remote code execution.
What’s the attack vector? Multiple listening ports related to HPE iMC.
What’s the business impact? Potential DoS, information disclosure, and asset takeover.
What’s the ...
SaveShareLike10/12/2018
MikroTik RouterOS Vulnerabilities: There’s More to CVE-2018-14847
In the course of preparing his Derbycon 8.0 presentation on RouterOS vulnerabilities, Tenable Researcher Jacob Baines discovered more to CVE-2018-14847 than originally known. Here’s how it could allow an unauthenticated remote attacker to gain access to the underlying operating system of MikroTik routers.
While preparing for his Oct. 7 Derbycon 8.0 presentation on RouterOS vulnerabilities, Tenable Researcher Jacob Baines discovered more to CVE-2018-14847 than originally known, and the new ...
SaveShareLike10/11/2018
Tenable Research Advisory: Multiple Vulnerabilities Discovered in MikroTik’s RouterOS
Tenable Research has discovered several vulnerabilities in RouterOS, an operating system used in MikroTik routers, the most critical of which would allow attackers to potentially gain full system access.
Tenable Research has discovered several vulnerabilities in RouterOS, an operating system used in MikroTik routers. Jacob Baines, the Tenable researcher who made the discovery, presented the talk "Bug Hunting in RouterOS" at Derbycon on October 7. The vulnerabilities include CVE-2018-1156 -- an ...
SaveShareLike10/07/2018
Tenable Research Advisory: Popular TP-Link Router is Vulnerable to Remote Exploitation
Tenable Research has discovered multiple vulnerabilities in the TP-Link TL-WRN841N, a popular consumer router, one of which could be used by an attacker to remotely take over the device.
What do you need to know? Multiple vulnerabilities in TP-Link's popular TL-WRN841N router were discovered by Tenable Research.
What’s the attack vector? Targeting unauthenticated users of the TL-WRN841N router’s web server.
What’s the business impact? An attacker can obtain full control over t ...
SaveShareLike10/02/2018
Four Cybersecurity Questions Every CISO Should Be Ready to Answer
In part one of our six-part blog series on improving your cybersecurity strategy, we discuss how the industry’s reliance on a hyper-compartmentalized approach is making everyone less secure, and we share the four key questions every CISO should able to answer.
IT infrastructure often grows up with a company. New tools, applications, systems, and user profiles are bolted onto the greater whole as the need for them emerges, usually without being given much strategic consideration. Organizati ...
SaveShareLike09/28/2018
Tenable Research Advisory: Rockwell Automation RSLinx Classic Lite RCE and DoS Vulnerability Discove
Tenable Research has discovered multiple memory corruption issues in Rockwell Automation RSLinx Classic Lite 4.00.01 that may allow for remote code execution or denial of service. Customers are encouraged to update their software.
What do you need to know? Rockwell Automation RSLinx Classic could allow for memory corruption and remote code execution or denial of service.
What’s the attack vector? Common industrial protocol messages over port 44818 to the RSLINX.exe service.
What’s t ...
SaveShareLike09/27/2018
Xbash Malware Targets Windows and Linux with Ransomware and Cryptomining
Newly identified Xbash malware is targeting weak passwords and unpatched vulnerabilities on Linux and Windows systems to launch ransomware or cryptomining attacks.
Background
Unit 42, Palo Alto Network’s research team, recently blogged about a new malicious software (malware) family it’s calling Xbash. This newly identified malware targets Linux and Windows systems that have weak passwords and unpatched vulnerabilities.
On Linux systems, Xbash will identify and delete MySQL, MongoDB ...
SaveShareLike09/20/2018
Nessus at 20: Why It’s More Than a Product to Me
In honor of the 20th anniversary of Nessus this year, we've been asking users around the world to answer the question, "I love Nessus because...." Here, Tenable's VP and Deputy CTO Glen Pendley does just that, sharing his experiences working with Nessus over the past two decades – and tells us how it delivered his first rock-star moment.
Has your life ever been changed by a piece of software? As we celebrate the 20th anniversary of Nessus this year, I've come to realize how much it means t ...
SaveShareLike09/19/2018
Don\'t miss our Introduction to Tenable.IO. Two times tomorrow - 10am GMT for our EMEA audience and 2pm EST for North America. Copy this to your browser: https://www.tenable.com/webinars/introducing-tenable-io-emea? utm_promoter=tenable&utm_source=cybraryit&utm_medium=referral&utm_campaign=cybraryitchannel
SaveShareLikeCybrary On The Go
Get the Cybrary app for Android for online and offline viewing of our lessons.
Support Cybrary
Donate Here to Get This Month's Donor Badge
