Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

Tenable Network Security Podcast - Episode 73

Welcome to the Tenable Network Security Podcast - Episode 73

Hosts: Paul Asadoorian, Product Evangelist, Carlos Perez, Lead Vulnerability Researcher and Ron Gula, Tenable CEO/CTO

Announcements

Stories

  • Outbound SSH Traffic from HP Blade Servers - In this case it appears to be a bug, but what if it wasn't? I believe we need to keep close tabs on network connections in our environment. I'm a huge fan of Netflow analysis, largely because if you are attacking anything on the network, you need to make a connection. It's a difficult thing to get around (provided you do not have physical access to a medium that is not being monitored, such as 3G or some other wireless protocol). Also, it raises a scary situation where devices are pre-owned, meaning that during the manufacturing process attackers placed backdoors on the systems. Network monitoring can help identify these channels. For example, you should be able to spot your networking gear's management interfaces attempting to make connections out to the Internet.

  • Microsoft Internet Explorer Lets Remote Users Spoof the Address Bar - Quite a few years ago I was researching this type of vulnerability. It largely goes unnoticed, as we tend to pay attention to remote exploits, XSS and SQL injection. However, tricking the end-user can be very profitable (in more ways than one) by attackers. Presenting a web site that appears to go to a site that would be trusted by the user, such as Google, is a very powerful feature. The research I was doing pointed out several different flaws in popular browsers that allowed attackers to spoof the address and status bars. The vulnerability referenced here, according to the article, does not have a patch.

  • pwn2own Competition Will Be Harder Due to Patch Release for WebKit - The "pwn2own" competition always brings out some fun vulnerabilities and exploits. On one hand though, it does influence some people to find vulnerabilities, hold on to them (i.e. not tell the vendor), and then release them at CanSecWest. However, that is a showcasing of skills to find and maintain a vulnerability for a long period of time, and shows that vendors aren't doing the best job they can in finding flaws in their own software. Apple's WebKit, the browser engine that powers Safari and iTunes, typically falls victim during the contest, and likely will again even though they've patched.

  • Every Windows Security Event Log Documented - It's one thing to collect logs, but it's another to know what they actually mean. This post will help you better understand your Windows event logs using old-fashioned documentation. Let's get back to basics and start reading, and understand what our systems are doing rather than relying on magic or spiritual rituals.

  • Facebook Scam! BTW, follow us on Facebook - The whole Facebook thing is really funny. Facebook just keeps growing, and as it grows it breeds all new scams. This scam tries to lure you in by promising a video of a man who took a picture of his face every day for 8 years. Sounds interesting, but really just delivers you some malicious JavaScript. Oh, you can follow us on Facebook too, if you dare! Despite the dangers, people will still use Facebook! It happens at least a few times a month: one of my friends or family members sends out the message "please don't click any links from me, I got a virus". You can tell people, "don't use it", but chances are no one will listen, including your employees. I encourage all of us to use Facebook, and help come up with usable and creative ways of using it safely.

Related Articles

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training