Tenable Blog

CVE-2020-3566, CVE-2020-3569: Zero-Day Vulnerabilities in Cisco IOS XR Software Targeted in the Wild

by Rody Quinlan on September 1, 2020

Cisco warns of two zero-day denial-of-service vulnerabilities in its IOS XR Software actively exploited in the wild.

Update September 29, 2020: The Solutions section has been updated with details regarding patches that were released by Cisco.

CVE-2020-5776, CVE-2020-5777: Multiple Vulnerabilities in the MAGMI Magento Mass Import Plugin

by Tenable Security Response Team on September 1, 2020

Tenable Research discovers multiple vulnerabilities in the MAGMI Magento plugin that could lead to remote code execution on a vulnerable Magento site.

4 Best Practices for Credentialed Scanning with Nessus

by Team Tenable on August 28, 2020

Observing these best practices for credentialed scanning will help you paint the clearest picture of your network's potential vulnerabilities.

Vulnerability scanning represents one of the most important tools for a modern organization to include in its information security arsenal. But as is true of many cybersecurity practices, it has its variations, chief among them being credentialed and non-credentialed scanning.

The Overlooked Key to CISO Success: Maximizing Effective Security Partnerships

by Kimberly Connor on August 20, 2020

As CISOs seek to consolidate vendors and reduce costs, building effective relationships with key security vendors can be the foundation for security program success.

Why Cybersecurity Leaders Struggle to Answer the Question ‘How Secure Are We?’

by Robert Huber on August 19, 2020

Independent business risk study shows cybersecurity is seldom fully integrated into business strategy – and it needs to be.

How to Achieve 20/20 Visibility in Your OT Security

by Michael Rothschild on August 18, 2020

With IT assets comprising 20-50% of modern industrial environments, OT security leaders need technology that can deliver visibility across the converged IT/OT attack surface.

CVE-2019-0230: Apache Struts Potential Remote Code Execution Vulnerability

by Tenable Security Response Team on August 14, 2020

Apache published two security bulletins to address a potential remote code execution vulnerability and a denial of service vulnerability. Public proof of concept code is available.

Background

On August 13, Apache published security bulletins to address two vulnerabilities in Apache Struts version 2. Apache Struts is an open source model-view-controller (MVC) framework used to create Java web applications.

Microsoft’s August 2020 Patch Tuesday Addresses 120 CVEs (CVE-2020-1337)

by Tenable Security Response Team on August 11, 2020

Microsoft patched 120 CVEs in August, marking the sixth month in a row of addressing over 100 CVEs

CVE-2020-17496: Zero-Day Remote Code Execution Vulnerability in vBulletin Disclosed

by Satnam Narang on August 10, 2020

Researcher identifies a zero-day vulnerability that bypasses a fix for CVE-2019-16759, a previously disclosed remote code execution vulnerability in vBulletin. Attacks have already been observed in the wild.

Update August 17, 2020: The Title, Analysis and Identifying Affected Systems sections were updated to include reference to the assigned CVE identifier, CVE-2020-17496.

Aligning Cybersecurity and Business: Nobody Said It Was Easy

by Robert Huber on August 5, 2020

The bad news? There's a disconnect between business and cybersecurity. The good news? Aligning them can make all the difference.

If you’ve served as a CISO, CSO or other cybersecurity leader for any length of time, you’ve likely had a CEO, board member or other senior executive ask you “how secure are we?” on a fairly frequent basis. And you also know answering that question is not as easy as it might seem.

Tenable One Exposure Management Platform

Platform categories

Platform capabilities

Cloud Exposure

Vulnerability Exposure

OT/IoT Exposure

Identity Exposure

Business needs

Industries

Compliance

Public Sector

The Tenable difference

Compare Tenable to:

Resources

Research

Tenable Assure partners

Other partner opportunities

Support

Services

Tenable Trust

About us

Media

Connect

Join us

Tenable Blog

CVE-2020-3566, CVE-2020-3569: Zero-Day Vulnerabilities in Cisco IOS XR Software Targeted in the Wild

CVE-2020-5776, CVE-2020-5777: Multiple Vulnerabilities in the MAGMI Magento Mass Import Plugin

4 Best Practices for Credentialed Scanning with Nessus

The Overlooked Key to CISO Success: Maximizing Effective Security Partnerships

Why Cybersecurity Leaders Struggle to Answer the Question ‘How Secure Are We?’

How to Achieve 20/20 Visibility in Your OT Security

CVE-2019-0230: Apache Struts Potential Remote Code Execution Vulnerability

Background

Microsoft’s August 2020 Patch Tuesday Addresses 120 CVEs (CVE-2020-1337)

CVE-2020-17496: Zero-Day Remote Code Execution Vulnerability in vBulletin Disclosed

Aligning Cybersecurity and Business: Nobody Said It Was Easy

Tenable Blog

Background

Tenable Vulnerability Management

Tenable Vulnerability Management

Thank You

Tenable Vulnerability Management

Tenable Vulnerability Management

Thank you

Tenable Vulnerability Management

Tenable Vulnerability Management

Thank you

Try Tenable Web App Scanning

Buy Tenable Web App Scanning

Thank you

Request a demo of Tenable Security Center

Request a demo of Tenable OT Security

Request a demo

Request a demo of Tenable Cloud Security

See Tenable One in action

See Tenable Attack Surface Management in action

Get a demo of Tenable Enclave Security

Thank You

Try Tenable Nessus Professional free

NEW - Tenable Nessus Expert now available

Buy Tenable Nessus Professional

Try Tenable Nessus Expert free

Buy Tenable Nessus Expert

Learn How Tenable Helps Achieve SLCGP Cybersecurity Plan Requirements

Get a demo of Tenable Patch Management

See
Tenable One
in action

NEW - Tenable Nessus Expert
now available