Tenable Blog

Is MS14-066 the Windows Shellshock?

The latest Patch Tuesday from Microsoft (November 11, 2014) includes fixes for some major vulnerabilities, including remote code execution bugs affecting core Windows components and Internet Explorer.

Old Malware Threats Re-emerge

This week, the industry press is reporting a resurgence of older malware threats with new capabilities. And as usual, the press is making the threats sound like the end of the Internet as we know it. While both threats are serious, there is no need to panic.

Blaming Victims

At a recent conference, I heard a security practitioner blame a couple of users for being dummies who click on everything. He then said, “At a certain point, it's reasonable to blame the user.

Identifying the Weakest Links in Cyber Kill Chains®

In today’s security environment, with highly motivated cyber attackers employing increasingly sophisticated techniques to break through commonly deployed defenses, just one skillful intruder can infiltrate your systems with one carefully crafted attack path to a relat

Black Hat Europe 2014

Black Hat Europe 2014, a premiere conference on information security, convened in Amsterdam this October. The Tenable EMEA team was there in full force, meeting customers and conversing with other security specialists.

Bashing Big Data

Big data is everywhere. So is Bash, a command line interface found on most Linux and Unix machines. New Bash bugs are still being uncovered, with new patches coming out regularly. But hackers in the wild continue to look for and find ways to exploit Bash weaknesses.