Tenable
Follow
1590 Followers
Follow Tenable on their other social channels!
About Us
Founded:
2002
Company Size:
501-1000 employees
Company Type:
Private
Location:
Columbia, MD
Website:
Tenable™, Inc. is the Cyber Exposure company. Over 24,000 organizations of all sizes around the globe rely on Tenable to manage and measure their modern attack surface to accurately understand and reduce cyber risk. As the creator of Nessus®, Tenable built its platform from the ground up to deepl ...
Read more
Promoted Content
Five Steps to Building a Successful Vulnerability Management Program
Follow
Microsoft’s October 2018 Security Update: There’s More to the Story
A week after Microsoft addressed 49 vulnerabilities in its October 2018 Security Update, new developments have emerged that change the threat profile of some of them. Background On Tuesday, October 9, Microsoft released its October 2018 Security Update, also known as Patch Tuesday. This security update contained fixes for 49 vulnerabilities. Since the publication of this security update, new developments have emerged that change the threat profile of some of these vulnerabilities. The most nota ...
Follow
Public Exploit Modules Available for Cisco Prime Infrastructure Vulnerability
Users of Cisco Prime Infrastructure Software are urged to update to the latest version to address one of two vulnerabilities that, when chained, could lead to remote code execution with system-level permissions. Background Cisco released an advisory for CVE-2018-15379, an arbitrary file upload and command execution vulnerability for its Cisco Prime Infrastructure (CPI) software. The CPI management software is designed to allow businesses to manage their network device configurations all in one p ...
Follow
Tenable Research Advisory: Multiple HPE iMC Vulnerabilities Could Lead to Remote Code Execution or D
Tenable Research discovered multiple vulnerabilities in the HPE Intelligent Management Center. HPE is currently working to fix the issues and plans to release patches on Nov. 30. What you need to know: Multiple vulnerabilities were found in HPE iMC, ranging from denial-of-service (DoS) to remote code execution. What’s the attack vector? Multiple listening ports related to HPE iMC. What’s the business impact? Potential DoS, information disclosure, and asset takeover. What’s the ...
Follow
MikroTik RouterOS Vulnerabilities: There’s More to CVE-2018-14847
In the course of preparing his Derbycon 8.0 presentation on RouterOS vulnerabilities, Tenable Researcher Jacob Baines discovered more to CVE-2018-14847 than originally known. Here’s how it could allow an unauthenticated remote attacker to gain access to the underlying operating system of MikroTik routers. While preparing for his Oct. 7 Derbycon 8.0 presentation on RouterOS vulnerabilities, Tenable Researcher Jacob Baines discovered more to CVE-2018-14847 than originally known, and the new ...
Follow
Tenable Research Advisory: Multiple Vulnerabilities Discovered in MikroTik’s RouterOS
Tenable Research has discovered several vulnerabilities in RouterOS, an operating system used in MikroTik routers, the most critical of which would allow attackers to potentially gain full system access. Tenable Research has discovered several vulnerabilities in RouterOS, an operating system used in MikroTik routers. Jacob Baines, the Tenable researcher who made the discovery, presented the talk "Bug Hunting in RouterOS" at Derbycon on October 7. The vulnerabilities include CVE-2018-1156 -- an ...
Follow
Tenable Research Advisory: Popular TP-Link Router is Vulnerable to Remote Exploitation
Tenable Research has discovered multiple vulnerabilities in the TP-Link TL-WRN841N, a popular consumer router, one of which could be used by an attacker to remotely take over the device. What do you need to know? Multiple vulnerabilities in TP-Link's popular TL-WRN841N router were discovered by Tenable Research. What’s the attack vector? Targeting unauthenticated users of the TL-WRN841N router’s web server. What’s the business impact? An attacker can obtain full control over t ...
Follow
Four Cybersecurity Questions Every CISO Should Be Ready to Answer
In part one of our six-part blog series on improving your cybersecurity strategy, we discuss how the industry’s reliance on a hyper-compartmentalized approach is making everyone less secure, and we share the four key questions every CISO should able to answer. IT infrastructure often grows up with a company. New tools, applications, systems, and user profiles are bolted onto the greater whole as the need for them emerges, usually without being given much strategic consideration. Organizati ...
Follow
Tenable Research Advisory: Rockwell Automation RSLinx Classic Lite RCE and DoS Vulnerability Discove
Tenable Research has discovered multiple memory corruption issues in Rockwell Automation RSLinx Classic Lite 4.00.01 that may allow for remote code execution or denial of service. Customers are encouraged to update their software. What do you need to know? Rockwell Automation RSLinx Classic could allow for memory corruption and remote code execution or denial of service. What’s the attack vector? Common industrial protocol messages over port 44818 to the RSLINX.exe service. What’s t ...
Follow
Xbash Malware Targets Windows and Linux with Ransomware and Cryptomining
Newly identified Xbash malware is targeting weak passwords and unpatched vulnerabilities on Linux and Windows systems to launch ransomware or cryptomining attacks. Background Unit 42, Palo Alto Network’s research team, recently blogged about a new malicious software (malware) family it’s calling Xbash. This newly identified malware targets Linux and Windows systems that have weak passwords and unpatched vulnerabilities. On Linux systems, Xbash will identify and delete MySQL, MongoDB ...
Follow
Nessus at 20: Why It’s More Than a Product to Me
In honor of the 20th anniversary of Nessus this year, we've been asking users around the world to answer the question, "I love Nessus because...." Here, Tenable's VP and Deputy CTO Glen Pendley does just that, sharing his experiences working with Nessus over the past two decades – and tells us how it delivered his first rock-star moment. Has your life ever been changed by a piece of software? As we celebrate the 20th anniversary of Nessus this year, I've come to realize how much it means t ...
Follow
Don\'t miss our Introduction to Tenable.IO.  Two times tomorrow - 10am GMT for our EMEA audience and 2pm EST for North America.  Copy this to your browser: https://www.tenable.com/webinars/introducing-tenable-io-emea? utm_promoter=tenable&utm_source=cybraryit&utm_medium=referral&utm_campaign=cybraryitchannel

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel