CVE-2018-13379, CVE-2019-5591, CVE-2020-12812: Fortinet Vulnerabilities Targeted by APT Actors
Busting 5 Common Myths About Vulnerability Assessment
Don't let misconceptions stand in your way – get the facts on five common myths about vulnerability assessment. The simple truth of vulnerability assessment is that it's not always an easy task to...
Improving Municipal Cybersecurity: Tenable Supports Security Partnership with the National League of Cities
Recognizing the “perfect storm” created by COVID-19 disruptions, the NLC partnered with trusted security leaders to develop a turnkey solution for cities and local governments. The National League of...
CVE-2021-21975, CVE-2021-21983: Chained Vulnerabilities in VMware vRealize Operations Could Lead to Unauthenticated Remote Code Execution
VMware has addressed a pair of vulnerabilities in vRealize Operations that, when chained together, could result in unauthenticated remote code execution in vulnerable servers. Background On March 30...
Cyber Hygiene: 5 Advanced Tactics to Maximize Your Risk Reduction
In part two of our series on cyber hygiene, we look at why businesses may need to go beyond the basics of vulnerability scanning and antivirus protection to ensure comprehensive security for their...
How to Identify Compromised Microsoft Exchange Server Assets Using Tenable
As organizations continue to respond to a flurry of attacks by HAFNIUM and other threat actors leveraging Proxylogon (CVE-2021-26855) and related vulnerabilities (CVE-2021-26857, CVE-2021-26858, CVE-...
CVE-2021-22986: F5 Patches Several Critical Vulnerabilities in BIG-IP, BIG-IQ
F5 releases patches for multiple vulnerabilities in BIG-IP and BIG-IQ, including a critical remote command execution flaw that does not require authentication and is likely to attract exploits in the...
The Growth of Vulnerability Assessment: A Look at What Nessus Offers Today
The Nessus team continues to develop advanced assessment capabilities, including visibility into new operating systems, exploitable vulnerabilities and container instances. When Renaud Deraison first...
Healthcare Security: Ransomware Plays a Prominent Role in COVID-19 Era Breaches
Ransomware is the root cause in a majority of the healthcare breaches analyzed. As the ongoing COVID-19 pandemic continues to place unprecedented strain on global healthcare infrastructure, attackers...
Microsoft’s March 2021 Patch Tuesday Addresses 82 CVEs (CVE-2021-26411)
In its March release, Microsoft addressed 82 CVEs, including a zero-day vulnerability in Internet Explorer that has been exploited in the wild and linked to a nation-state campaign targeting security...
Finding Proxylogon and Related Microsoft Exchange Vulnerabilities: How Tenable Can Help
We urge organizations to patch Proxylogon (CVE-2021-26855) and related vulnerabilities (CVE-2021-26857, CVE-2021-26858, CVE-2021-27065) in Microsoft Exchange Server and investigate for potential...
Cyber Hygiene Essentials: What You Need to Know
In part one of our series on cyber hygiene, we explore the fundamentals that can help businesses understand where they're vulnerable and how to protect their networks from cyberattacks and breaches....
CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065: Four Zero-Day Vulnerabilities in Microsoft Exchange Server Exploited in the Wild
Four zero-day vulnerabilities in Microsoft Exchange servers have been used in chained attacks in the wild.Update March 8, 2021: The Identifying Affected Systems section has been updated with...