Blog da Tenable
Inscrever-seCVE-2021-21972: VMware vCenter Server Remote Code Execution Vulnerability
Know Thy Assets: The First Step in Securing Your Industrial Environment
As operational technology systems are exposed to new cyber risks, security leaders can maximize their defense of critical industrial environments through comprehensive and detailed inventory of...
Introducing Tenable.ep: The First Risk-Based VM Platform as Dynamic as Your Attack Surface
Conquering your cyber risk requires a new approach to vulnerability management. With Tenable.ep, security teams gain a single, flexible license that enhances visibility and eliminates friction, so...
Learn the Language of Vulnerability Assessment: Key Security Terms You Should Know
Your introduction to vulnerability assessment doesn't have to be confusing – let's go over the key terms. When you're new to vulnerability assessment (VA) – or any other area of cybersecurity, for...
Accellion Patches Four Vulnerabilities in File Transfer Appliance (CVE-2021-27101, CVE-2021-27102, CVE-2021-27103, CVE-2021-27104)
Accellion recently released patches addressing four vulnerabilities in its File Transfer Appliance, a tool linked to a growing list of data breaches since December. Update February 22, 2021: The...
Cloud Security: Why You Shouldn’t Ignore Ephemeral Assets
Your scheduled vulnerability scans may not catch short-lived cloud assets, creating opportunities for cybercriminals to exploit security gaps. The elastic nature of cloud environments allows cloud...
Asset Detection with Nessus Scanners: The First Step In Assessing Cyber Risk
Building a precise inventory of existing assets across your attack surface is essential for effective vulnerability management. Here's how the asset detection process in Nessus scanners can help....
NUMBER:JACK: Nine Vulnerabilities Across Multiple Open Source TCP/IP Stacks
Nine new vulnerabilities have been identified across several TCP/IP stacks embedded in millions of OT, IoT and IT devices, spurring continued scrutiny of these already vulnerable asset types....
Microsoft’s February 2021 Patch Tuesday Addresses 56 CVEs (CVE-2021-24074, CVE-2021-24094, CVE-2021-24086)
Despite addressing only 56 CVEs, Microsoft’s February 2021 Patch Tuesday release contains fixes for a number of significant security threats, as well as an elevation of privilege vulnerability...
CVE-2020-1472: Microsoft Finalizes Patch for Zerologon to Enable Enforcement Mode by Default
Zerologon has quickly become valuable to nation-state threat actors and ransomware gangs, making it imperative for organizations to apply these patches immediately if they have not yet done so....
When It Comes to Your Drinking Water, How Safe Is Your Operational Technology?
The recent intrusion of a Florida water-treatment plant highlights the need for strong protection of industrial control systems. Here's what you should consider.
Reducing Blind Spots in Cybersecurity: 3 Ways Machine Learning Can Help
Faced with an expanding attack surface and limited resources, security teams can apply machine learning to prioritize business risks and help predict what attackers will do next.
CVE-2021-21148: Google Chrome Heap Buffer Overflow Vulnerability Exploited in the Wild
Following reports of in-the-wild exploitation, Google released a patch for the third browser-based zero-day vulnerability of 2021. Background On February 4, Google published a stable channel update...