CVE-2022-42475: Fortinet Patches Zero Day in FortiOS SSL VPNs
December 12, 2022Fortinet has patched a zero day buffer overflow in FortiOS that could lead to remote code execution. There has been a report of active exploitation and organizations should patch urgently.
What Happens When the Metaverse Enters Your Attack Surface?
December 12, 2022Tenable polled 1,500 cybersecurity, IT and DevOps professionals about their top concerns in the nascent virtual reality worlds of the metaverse. Here's what we found out.
Tenable Cyber Watch: Shift Left Challenges, Anti-Ransomware Efforts, Quantum Risks and CISO Anxiety
December 12, 2022Beat the Monday blues with cyber news you can use | Shift-left efforts falling short. The White House’s war on ransomware. Everything you’ve ever wanted to know about CISOs. The quantum computing risk...
Cybersecurity Snapshot: Log4j Anniversary, CI/CD Risks, Infostealers, Email Attacks, OT Security
December 9, 2022Get the latest on the anniversary of the Log4j crisis; OWASP’s top CI/CD risks; a surge of infostealer malware; the fund transfer fraud — business email compromise connection; and more!
Cloud Security: 5 Key Takeaways from the SANS DevSecOps Survey
December 8, 2022A recent SANS Institute report finds that DevSecOps teams are improving their tooling, processes and techniques, but their organizations’ increasingly hybrid and multi-cloud IT environments are getting harder to secure. Check out key highlights from the “SANS 2022 DevSecOps Survey.”
Are You Ready for the Next Log4Shell? Tenable’s CSO and CIO Offer Their Advice
December 6, 2022Tenable CIO Patricia Grant and CSO Robert Huber share insights and best practices to help IT and cybersecurity leaders and their teams weather the next cyber crisis of Log4j proportions.
NETGEAR Router Misconfiguration Opens The Door For Remote Attacks
December 5, 2022Tenable Research has discovered a configuration issue impacting NETGEAR Nighthawk WiFi6 Routers commonly used in small offices and large homes. Organizations need to manually apply firmware updates.
Introducing the Tenable Cyber Watch, Your Weekly Cyber Newscast
December 5, 2022Cybersecurity professionals are inundated with too much information. Separating the signal from the noise is hard. The Tenable Cyber Watch is here to help. Today, Tenable launches Cyber Watch, a we...
Cybersecurity Snapshot: Insights on Log4Shell, the Metaverse, IoT, Pig Butchering, Active Directory
December 2, 2022Get the latest on Log4Shell’s global remediation status; the need for metaverse security rules; a shutdown of “pig butchering” domains; tips for secure IoT products; an informal poll about AD security; and more!
Active Directory Vulnerabilities: How Threat Actors Leverage AD Flaws in Ransomware Attacks
November 30, 2022Adopting a proactive stance will give enterprises the head start to shut down new threats to Active Directory whenever they are uncovered.
GivingTuesday: See How Tenable Employees Are Giving Back in 2022
November 29, 2022Looking for ideas on how to participate in GivingTuesday? We highlight seven nonprofit organizations around the world and share how Tenable employees are giving back.
Cloud Security Basics: Protecting Your Web Applications
November 29, 2022While cloud computing providers such as Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure offer robust and scalable services, securing your cloud environment brings its own unique challenges. You can reduce risk by addressing these eight common cloud security vulnerabilities and misconfigurations.