Tenable Archives - Help Net Security

Tenable

Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932)

May 9, 2023

For May 2023 Patch Tuesday, Microsoft has delivered fixes for 38 CVE-numbered vulnerabilities, including a patch for a Windows bug (CVE-2023-29336) and a Secure Boot bypass …

Cybersecurity leaders introduced open-source information sharing to help OT community

April 26, 2023

A group of OT cybersecurity leaders and critical infrastructure defenders introduced their plans for ETHOS (Emerging THreat Open Sharing), an open-source, vendor-agnostic …

Microsoft patches zero-day exploited by attackers (CVE-2023-28252)

April 11, 2023

It’s April 2023 Patch Tuesday, and Microsoft has released fixes for 97 CVE-numbered vulnerabilities, including one actively exploited zero-day (CVE-2023-28252). About …

3CX customers targeted via trojanized desktop app

March 30, 2023

Suspected state-sponsored threat actors have trojanized the official Windows desktop app of the widely used 3CX softphone solution, a number of cybersecurity companies began …

Microsoft patches zero-days used by state-sponsored and ransomware threat actors (CVE-2023-23397, CVE-2023-24880)

March 14, 2023

It’s March 2023 Patch Tuesday, and Microsoft has delivered fixes for 76 CVE-numbered vulnerabilities, including two actively exploited in the wild (CVE-2023-23397, …

Vulnerabilities of years past haunt organizations, aid attackers

March 3, 2023

Known vulnerabilities – those for which patches have already been made available – are the primary vehicle for cyberattacks, according to Tenable. The Tenable report …

Video walkthrough: Cybertech Tel Aviv 2023

February 1, 2023

Help Net Security is in Israel this week for Cybertech Tel Aviv 2023, talking to the key players from the cybersecurity industry and businesses from a wide range of sectors, …

Microsoft plugs actively exploited zero-day hole (CVE-2023-21674)

January 10, 2023

To mark the January 2023 Patch Tuesday, Microsoft has released patches for 98 CVE-numbered vulnerabilities, including one exploited in the wild (CVE-2023-21674) and one …

A year later, Log4Shell still lingers

December 1, 2022

72% of organizations remain vulnerable to the Log4Shell vulnerability as of October 1, 2022, Tenable‘s latest telemetry study has revealed, based on data collected from …

Microsoft fixes many zero-days under attack

November 8, 2022

November 2022 Patch Tuesday is here, with fixes for many vulnerabilities actively exploited in the wild, including CVE-2022-41091, a Windows Mark of the Web bypass flaw, and …

Adaptive Shield and Tenable joint solution helps organizations protect their SaaS stack

September 15, 2022

Adaptive Shield has joined forces with Tenable, to provide a consolidated posture management solution that correlates the risk of SaaS users and their endpoints. While SaaS …

Microsoft fixes exploited zero-day in the Windows CLFS Driver (CVE-2022-37969)

September 13, 2022

September 2022 Patch Tuesday is here, with fixes for 64 CVE-numbered vulnerabilities in various Microsoft products, including one zero-day (CVE-2022-37969) exploited by …

Tenable

Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932)

Cybersecurity leaders introduced open-source information sharing to help OT community

Microsoft patches zero-day exploited by attackers (CVE-2023-28252)

3CX customers targeted via trojanized desktop app

Microsoft patches zero-days used by state-sponsored and ransomware threat actors (CVE-2023-23397, CVE-2023-24880)

Vulnerabilities of years past haunt organizations, aid attackers

Video walkthrough: Cybertech Tel Aviv 2023

Microsoft plugs actively exploited zero-day hole (CVE-2023-21674)

A year later, Log4Shell still lingers

Microsoft fixes many zero-days under attack

Adaptive Shield and Tenable joint solution helps organizations protect their SaaS stack

Microsoft fixes exploited zero-day in the Windows CLFS Driver (CVE-2022-37969)

Don't miss

Google triples reward for Chrome full chain exploits

MOVEit Transfer zero-day attacks: The latest info

Qakbot: The trojan that just won’t go away

How defense contractors can move from cybersecurity to cyber resilience

Introducing the book: Cybersecurity First Principles