Tenable
1612 Followers
About Us
Founded:
2002
Company Size:
501-1000 employees
Company Type:
Private
Tenable™, Inc. is the Cyber Exposure company. Over 24,000 organizations of all sizes around the globe rely on Tenable to manage and measure their modern attack surface to accurately understand and reduce cyber risk. As the creator of Nessus®, Tenable built its platform from the ground up to deepl ...
Read more
Promoted Content
Five Steps to Building a Successful Vulnerability Management Program
Upcoming Event
Tenable has no upcoming events
Past Events
Multiple Zero-Days in PremiSys IDenticard Access Control System
Tenable Research discovered multiple zero-day vulnerabilities in the PremiSys access control system developed by IDenticard. As of January 9, IDenticard has not released a patch for these vulnerabilities.
Background
Tenable Research has discovered four vulnerabilities in the PremiSys access control system from IDenticard. The PremiSys system can be used to manage door controls and access cards, collect detailed facility data and integrate with video monitoring systems.
According to Tenableâ ...
Save
Share
Like01/14/2019
Tenable Bolsters Government Affairs Team with New Hire
Jamie Brown joins Tenable as Director of Global Government Affairs. In this newly created role, Jamie will work with government officials worldwide to promote effective cybersecurity policies, which enhance security while enabling continued digital transformation and innovation.
Just last year, the Council of Economic Advisers reported that “malicious cyber activity cost the U.S. economy between $57 billion and $109 billion in 2016.” With a record number of new faces sworn into ...
SaveShareLike01/11/2019
Critical Vulnerability Fixes Available For Juniper Devices
Juniper has addressed multiple critical vulnerabilities in Junos, Junos Space, and JATP devices. Administrators are advised to update to the latest OS version on any affected Juniper device.
Background
Juniper has released a number of security advisories this week which include critical vulnerabilities across many of its devices. The Juniper Advanced Threat Prevention Appliance (JATP) update removes hardcoded admin credentials, while the Junos updates include patches for remote code executi ...
SaveShareLike01/11/2019
Adobe Releases Out-of-Band Security Bulletin for Adobe Acrobat and Reader (APSB19-02)
<p>Adobe issued an out-of-band security bulletin which addresses two critical vulnerabilities (CVE-2018-16011, CVE-2018-16018) in Adobe Acrobat and Reader.</p>
<h2>Background</h2>
<p>On January 3, Adobe released <a href="https://helpx.adobe.com/security/products/acrobat/apsb19-02.html">a security bulletin</a> to address two critical vulnerabilities in Adobe Acrobat and Reader for both Windows and macOS. Adobe published a prenotification for this bulletin ...
SaveShareLike01/04/2019
Top 5 Cybersecurity Priorities for 2019: Ponemon Study
<p>We asked 2,410 IT and cybersecurity decision-makers in six countries to identify their top cybersecurity and governance priorities for the New Year. Here’s what we learned.</p>
<p>What are your top cybersecurity concerns for 2019? Tenable commissioned Ponemon Institute to conduct a survey of 2,410 IT and cybersecurity professionals in six countries to find out.</p>
<p>The results are included in our December 2018 report, <a href="https://www.tenable.com/ ...
SaveShareLike12/28/2018
3 Tips for Identifying Your Organization’s Cyber Exposure Gaps
<p>In part two of our six-part blog series on improving your cybersecurity strategy, we discuss the need for a holistic approach and provide three tips to help you answer the question “where are we exposed?”</p>
<p>Piecemeal security efforts often result in overlapping alarms and gaping security holes. Taking a holistic approach to a security strategy is a far more successful way of covering the entirety of your company’s attack surface.</p>
<p>In ...
SaveShareLike12/20/2018
Microsoft Releases Out-of-Band Patch for Internet Explorer Remote Code Execution Vulnerability (CVE-
<p>Clement Lecigne of Google’s Threat Analysis Group has reported exploitation of an Internet Explorer vulnerability, CVE-2018-8653, prompting an out-of-band patch from Microsoft.</p>
<h2>Background</h2>
<p>On December 19, Microsoft released a critical out-of-band (OOB) patch for a remote code execution (RCE) vulnerability in Internet Explorer (IE). This vulnerability affects all versions of IE including Windows 7, Windows 8.1, Windows 10, Windows Server 2008 ...
SaveShareLike12/20/2018
Privilege Escalation Flaw Discovered in the Cisco Adaptive Security Appliance
Tenable has discovered a privilege escalation flaw in the Cisco Adaptive Security Appliance that allows low-level users to run higher-level commands when certain configuration settings are set.
What you need to know: An authenticated remote unprivileged user can change or download the running configuration or replace the appliance firmware where they shouldn’t.
What’s the attack vector? HTTP Requests
What’s the business impact? Attackers could read or write files on the system, ...
SaveShareLike12/19/2018
Magellan: Remote Code Execution Vulnerability in SQLite Disclosed
<p>Researchers disclosed a remote code execution vulnerability in SQLite affecting Google Chromium-based browsers as well as the Google Home smart speaker.</p>
<h2>Background</h2>
<p>On December 14, researchers from Tencent’s Blade Team published <a href="https://blade.tencent.com/magellan/index_en.html">an advisory regarding their discovery of “Magellan,”</a> a remote code execution vulnerability in SQLite. </p>
<h2>Vulnera ...
SaveShareLike12/15/2018
Patched Elasticsearch Vulnerabilities Used to Spread Cryptocurrency Miner (CVE-2014-3120, CVE-2015-1
<p>Attackers are actively scanning for vulnerable Elasticsearch systems in order to implant cryptocurrency mining scripts.</p>
<h3>Background</h3>
<p>In recent weeks, attackers have been <a href="https://isc.sans.edu/diary/rss/24364">observed scanning for vulnerabilities in Elasticsearch</a>, a distributed, RESTful search and analytics engine. According to <a href="https://blog.trendmicro.com/trendlabs-security-intelligence/cryptocurren... from Trend ...
SaveShareLike12/13/2018
Don\'t miss our Introduction to Tenable.IO. Two times tomorrow - 10am GMT for our EMEA audience and 2pm EST for North America. Copy this to your browser: https://www.tenable.com/webinars/introducing-tenable-io-emea? utm_promoter=tenable&utm_source=cybraryit&utm_medium=referral&utm_campaign=cybraryitchannel
SaveShareLike
