Tenable Blog
SubscribeOracle July 2021 Critical Patch Update Addresses 231 CVEs
Focus on the Fundamentals: 6 Steps to Defend Against Ransomware
Ransomware is the monetization of poor cyber hygiene. Here are 6 steps you can take to improve your security defenses. Ransomware attacks have become a boardroom issue for nearly every organization. I...
How to Measure the Efficacy of Your Cybersecurity Program: 5 Questions to Ask
When it comes to measuring the efficacy of your security efforts, understanding how your program stacks up against peers can reveal where key improvements or investments are needed. Proving success i...
You Can't Modernize Critical Infrastructure Without Cybersecurity
Will bipartisan legislation in the U.S. make securing IT and operational technology a priority? U.S. lawmakers have an unprecedented opportunity to vastly improve the cybersecurity posture of the nati...
CVE-2021-35211: SolarWinds Serv-U Managed File Transfer Zero-Day Vulnerability Exploited in Targeted Attacks
Following a patch for a zero-day vulnerability in SolarWinds’ Serv-U Managed File Transfer, researchers share new details about the attacks, as over 8,000 systems remain publicly accessible and potent...
Cut Through the Marketing Hype: Determine Which Vulnerability Assessment Tool Is Right for Your Organization
Not all scanning solutions are created equal… The vulnerability assessment market has changed dramatically over the past several years. A growing number of vendors who once provided scan tools that me...
Microsoft’s July 2021 Patch Tuesday Includes 116 CVEs (CVE-2021-31979, CVE-2021-33771)
Microsoft highlights 116 CVEs including two which were addressed by April patches. 12Critical 103Important 1Moderate 0Low Microsoft patched 116 CVEs in the July 2021 Patch Tuesday release,...
Zero Day Vulnerabilities in Industrial Control Systems Highlight the Challenges of Securing Critical Infrastructure
The disclosure of zero day vulnerabilities in several Schneider Electric industrial control systems highlights the need to revamp cybersecurity practices in operational technology environments. A zer...
Dealing with the Attack Surface Beyond Vulnerabilities
A good understanding of the attack surface is of prime importance in measuring and prioritizing risk. Here's how Tenable's data can allow security professionals to have a more realistic view of their...
CVE-2021-34527: Microsoft Releases Out-of-Band Patch for PrintNightmare Vulnerability in Windows Print Spooler
Microsoft issues an out-of-band patch for critical ‘PrintNightmare’ vulnerability following reports of in-the-wild exploitation and publication of multiple proof-of-concept exploit scripts Update July...
CVE-2021-30116: Multiple Zero-Day Vulnerabilities in Kaseya VSA Exploited to Distribute REvil Ransomware
Zero-day vulnerabilities in popular remote monitoring and management software targeted by threat actors to distribute ransomware to reportedly over one million systems. Update July 22, 2021: Kaseya sa...
From Vulnerability Discovery to Remediation: How Tenable and HCL BigFix Can Help
Reducing the time required to move from vulnerability assessment to remediation is a never ending challenge for most organizations. Here's how the integration between Tenable and HCL BigFix can help y...
CVE-2021-1675: Proof-of-Concept Leaked for Critical Windows Print Spooler Vulnerability
Researchers published and deleted proof-of-concept code for a remote code execution vulnerability in Windows Print Spooler, called PrintNightmare, though the PoC is likely still available. Update July...
