Tenable Blog
SubscribeConfiguring The Ports That Nessus Scans
8 Active Directory Best Practices to Minimize Cybersecurity Risk
Follow these best practices to harden your Active Directory security against cyberattacks and stop attack paths. Active Directory (AD) equips businesses using Windows devices to organize IT management...
How to Discover and Continuously Assess Your Entire Attack Surface
To eliminate network blind spots and fully understand your entire attack surface, it's essential to determine which discovery and assessment tools are required for each asset type. If you've been in s...
Microsoft Teams: Vulnerability in Microsoft Power Apps Service Allows Theft of Emails, Files and More
A flaw in Microsoft Power Apps could allow attackers to steal emails, Teams messages and OneDrive files. Background Microsoft recently patched a vulnerability in Microsoft Teams, a business communicat...
How to Protect Active Directory Against Ransomware Attacks
Ransomware attacks every type of organization from every angle and Active Directory remains the common target. Stop privilege escalation by fixing these key AD and group policy misconfigurations. Rans...
Microsoft’s June 2021 Patch Tuesday Addresses 49 CVEs (CVE-2021-31955, CVE-2021-31956 and CVE-2021-33742)
Microsoft addresses 49 CVEs with six having been observed as exploited in the wild 5Critical 44Important 0Moderate 0Low Microsoft patched 49 CVEs in its June 2021 Patch Tuesday release, including five...
The Implications of DHS-TSA Directive Pipeline 2021-1
The Department of Homeland Security has issued key guidance for oil and gas operations in the wake of recent cyberthreats. Here are three practical ways to disrupt attack paths in your OT infrastructu...
CVE-2021-21985: Critical VMware vCenter Server Remote Code Execution
VMware has issued patches for a critical remote code execution vulnerability in vCenter Server. Organizations are strongly encouraged to apply patches as soon as possible. Update June 2: The Identifyi...
Identifying Prototype Pollution Vulnerabilities: How Tenable.io Web Application Scanning Can Help
Prototype pollution vulnerabilities are complex issues which can put your web applications and users at serious risk. Learn how these flaws arise and how Tenable.io Web Application Scanning can help....
The Top 5 Active Directory Misconfigurations Putting Your Organization at Risk
Tenable's Security Response Team examines some of the most common Active Directory misconfigurations targeted by attackers and offers proactive measures to help cyber defenders disrupt attack paths. ...
Elon Musk and SNL: Scammers Steal Over $10 Million in Fake Bitcoin, Ethereum and Dogecoin Crypto Giveaways
In the run up to Elon Musk hosting NBC’s Saturday Night Live and the potential mention of Dogecoin on the show, scammers quickly capitalized on his appearance by promoting fake giveaways on Twitter an...
These Are the Building Blocks of Effective Vulnerability Management
High-performing cybersecurity teams base their actions and investments on actual risk to the business — not theoretical scores or news headlines. If you're like most cybersecurity professionals I tal...
The Path to Zero Trust: Is it Time to Rethink What We're Calling a Vulnerability?
Reconsidering how we define "vulnerability" is more than a thought exercise. It could represent a sea change in how organizations manage risk. For most of us in cybersecurity, the definition of "vulne...
