Tenable Network Security Podcast Episode 133 - "Detecting Mobile Device Vulnerabilities Using Nessus"

Welcome to the Tenable Network Security Podcast Episode 133

Announcements

New & Notable Plugins

Nessus

Passive Vulnerability Scanner

SecurityCenter Dashboards

SecurityCenter Report Templates

Compliance Checks

Nessus ProfessionalFeed and SecurityCenter customers can download compliance checks from the Tenable Support Portal.

Stories

  1. Hacks that work just by changing the URL ยป Secure Solutions - This would be a good document to send to your developers, making sure they understand the threats associated with the source code presented.
  2. Low Hanging Fruit (Nessus Results) - I believe there are also lessons for the enterprise in this tech tip. It's no secret penetration testers seek out the low-hanging fruit. Enterprises can search for the same conditions, and provided you have a remediation process, easily neutralize vulnerabilities that are easy to exploit.
  3. If Hackers Didn't Exist, Governments Would Have to Invent Them - While the government is quick to point out that "hackers" are a problem, I'm not certain they would go to great lengths to make up stories about them, nor do they have to. I agree, we are sometimes fighting battles against the wrong adversary. However, threats come in many different shapes and sizes, including what is defined here as the "hacker."
  4. 140,000 KPN ADSL customers still using default password - An ISP sets the same default passwords on customer's routers, then leaves it up to the customer to change it. This is the wrong approach.
  5. Nvidia probes breach of hashed passwords - I find it ironic that Nvidia, whose hardware is used to crack passwords, suffered a password breach.
  6. Vivotek Cameras Data Configuration Disclosure - I continue to be amazed that embedded device vulnerabilities are so easy to exploit.




More from the Tenable Blog