Tenable 2022 Threat Landscape Report: Reduce Your Exposure by Tackling Known VulnerabilitiesFebruary 28, 2023
Tenable’s annual analysis of the security and threat landscape offers guidance to help security professionals navigate the expanding attack surface.
You Can't Fix Everything: How to Take a Risk-Informed Approach to Vulnerability RemediationJanuary 17, 2023
Frameworks and standards for prioritizing vulnerability remediation continue to evolve, yet far too many organizations rely solely on CVSS as their de facto metric for exposure management. Here, we discuss other important frameworks and provide guidance on how Tenable can help.
Patch Tuesday’s Impact on Cybersecurity Over the YearsDecember 22, 2022
Dive into the history of Patch Tuesday and learn how it continues to influence the ways security teams manage patches.
What Happens When the Metaverse Enters Your Attack Surface?December 12, 2022
Tenable polled 1,500 cybersecurity, IT and DevOps professionals about their top concerns in the nascent virtual reality worlds of the metaverse. Here's what we found out.
NETGEAR Router Misconfiguration Opens The Door For Remote AttacksDecember 5, 2022
Tenable Research has discovered a configuration issue impacting NETGEAR Nighthawk WiFi6 Routers commonly used in small offices and large homes. Organizations need to manually apply firmware updates.
Cloud Security Basics: Protecting Your Web ApplicationsNovember 29, 2022
While cloud computing providers such as Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure offer robust and scalable services, securing your cloud environment brings its own unique challenges. You can reduce risk by addressing these eight common cloud security vulnerabilities and misconfigurations.
Analyzing the Vulnerabilities Associated with the Top Malware Strains of 2021August 4, 2022
International cybersecurity agencies issue a joint alert outlining the top malware strains of 2021. We identified vulnerabilities associated with these strains.
The Ransomware Ecosystem: In Pursuit of Fame and FortuneJuly 28, 2022
The key players within the ransomware ecosystem, including affiliates and initial access brokers, work together cohesively like a band of musicians, playing their respective parts as they strive for fame and fortune.
Brazen, Unsophisticated and Illogical: Understanding the LAPSUS$ Extortion GroupJuly 20, 2022
Having gained the industry’s attention in the first months of 2022, the LAPSUS$ extortion group has largely gone quiet. What can we learn from this extortion group’s story and tactics?
Securing Critical Infrastructure: What We've Learned from Recent IncidentsJuly 14, 2022
Learn about well-known vulnerabilities and attacks and how they affected critical infrastructure —from Phone Phreaking to recent ransomware.
Understanding the Ransomware Ecosystem: From Screen Lockers to Multimillion-Dollar Criminal EnterpriseJune 22, 2022
Ransomware is a constantly evolving cyberthreat, and it is through its evolution that ransomware has managed to not only survive, but thrive.
Identifying XML External Entity: How Tenable.io Web Application Scanning Can HelpJune 20, 2022
XML External Entity (XXE) flaws present unique mitigation challenges and remain a common attack path. Learn how XXE flaws arise, why some common attack paths are so challenging to mitigate and how Tenable.io Web Application Scanning can help.