Tenable Network Security Podcast Episode 145 - "Source Code Leaks, Problems with Computer Security"
- We're hiring! - Visit the Tenable website for more information about open positions.
- Check out our video channel on YouTube which contains new Nessus and SecurityCenter 4 tutorials.
- Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics, and more!
- Want to ask questions about Nessus, SecurityCenter, LCE, and PVS and get answers from the experts at Tenable? Join Tenable's Discussion Forum for custom scripts, announcements, and more!
- You can subscribe to the Tenable Network Security Podcast on iTunes!
New & Notable Plugins
- ZABBIX Web Interface popup_bitem.php itemid Parameter SQL Injection
- Temenos T24 Detection
- ManageEngine OpStor Default Administrator Credentials
- ManageEngine OpStor availability730.do days Parameter XSS
- ManageEngine SupportCenter Plus HomePage.do fromCustomer Parameter XSS
- CoDeSys PLC Runtime Service Detection
- CoDeSys Authentication Bypass Directory Traversal
- CoDeSys Unauthenticated Command-line Access
- Oracle VM VirtualBox 3.x / 4.0.x < 4.0.10 Local Integer Overflows
- Kaspersky Password Manager 5.x < 22.214.171.124 HTML Injection
- Mac OS X : OS X Server < 2.1.1 Multiple Vulnerabilities
- Mac OS X : Safari < 6.0.2 Multiple Vulnerabilities
- Apple iOS < 6.0.1 Multiple Vulnerabilities
- CA ARCserve Backup Multiple Vulnerabilities (CA20121018) (credentialed check)
- Symphony CMS Password Retrieval Script XSS
Passive Vulnerability Scanner
- BigFix Client Patch Update
- Mozilla SeaMonkey 2.13.x < 2.13.2 Multiple Vulnerabilities
- Mozilla Thunderbird 16.x < 16.0.2 Multiple Vulnerabilities
Security News Stories
- Most U.S. Drones Openly Broadcast Secret Video Feeds | Danger Room | Wired.com
- Carnal0wnage & Attack Research Blog: The Biggest Problem in Computer Security
- Microsoft’s security team is killing it: Not one product on Kaspersky’s top 10 vulnerabilities list | The Next Web
- VMWare ESX Source Code Leaked On The Internet
- Sophos products and Tavis Ormandy | Naked Security
- Coca-Cola Was Hacked But Didn’t Tell Shareholders
- 1.7M mobile apps analyzed: Users tracked and put at risk, and it’s unjustified
- Security Headers on the Top 1,000,000 Websites
- Users take their time over Java and Flash updates