News


Heavily exploited vulnerabilities up to five years old!

As Tenable's Threat Landscape Report shows, the most frequently attacked vulnerabilities have typically been known for many years. Attackers are counting on patches not having been applied and on no one monitoring the gaps. Whether Microsoft Exchange, Log4Shell or Follina, old vulnerabilities were always involved. Tenable's annual Threat Landscape Report is out. The report confirms the continued threat of known vulnerabilities—that is, those for which patches have already been made available—as the prime vector for cyberattacks. The results are based on the analysis of cyber security incidents, vulnerabilities…


Scam: GPT-4 as bait for phishing
Scam: ChatGPT as bait for phishing

Hoping to capitalize on the massive interest in GPT-4 - ChatGPT's new multimodal model - scammers have launched phishing campaigns via email and Twitter to steal cryptocurrency. A day after the highly anticipated launch of OpenAI's Generative Pre-trained Transformer Version 4 (GPT-4), scammers have jumped on the bandwagon. They have started sending phishing emails and tweeting phishing links to cryptocurrency prospects about a fake OpenAI token. At the time of Tenable's blog post, OpenAI was only offering GPT-4 access to ChatGPT Plus subscribers and developers via its API. The…


Outlook attack works without a click!
B2B Cyber Security ShortNews

Even the BSI warns of the CVE-2023-23397 vulnerability in Outlook, as it can be exploited without a single click from a user. Tenable experts tested a simple scenario in which the attack succeeds even though the email was only received and not clicked. Recent coverage of the CVE-2023-23397 Outlook vulnerability has prompted Tenable to shed a little more light on the topic. A comment from Satnam Narang, Senior Staff Research Engineer at Tenable. While private users or single-user PCs are usually automatically protected by Windows updates, administrators have to check the patch themselves or...


Vulnerability Management creates Cyber Insurance Report
B2B Cyber Security ShortNews

Tenable Vulnerability Management account users can now create a Cyber Insurance Report for their cyber insurance provider. This makes it easier to insure and helps reduce premiums. Tenable, specializing in Exposure Management, offers a Cyber Insurance Report in its Tenable Vulnerability Management solution. This summarizes exposure information relevant to cyber insurance providers to streamline the risk assessment process for both insurers and customers. The Tenable Cyber Insurance Report enables insurers, for the first time, to measure preventative security programs by sharing vulnerability data that resides inside the firewall. Wrong review – high premium In…


Patches for 75 vulnerabilities
B2B Cyber Security ShortNews

The February 2023 Patchday release contains patches for 75 CVEs - nine rated critical and 66 rated important. Also included: elevation of privilege flaws in Windows, security feature bypasses in Microsoft Office and security gaps in Microsoft Exchange Server. This month Microsoft fixed three zero-day vulnerabilities exploited by attackers in the wild, including two elevation of privilege bugs and one security feature bypass bug. CVE-2023-23376 Microsoft has patched CVE-2023-23376, an elevation of privilege bug in the Common Log File System (CLFS) driver. Its discovery is credited to researchers at the Microsoft Threat Intelligence Center (MSTIC)…


Romance scams abuse trust

Romance scams are on the rise and Valentine's Day is just one example of when these scams can increase significantly. The reality is scammers are constantly looking for real connections and abuse the currency of trust. Reports from around the world show a similar trend in the rise of love scams resulting in the loss of millions of dollars. The Federal Trade Commission reports that individuals have lost a staggering $1.3 billion to love scams in the last five years. There is some positive news as the National Police are involved in one of the largest...


Microsoft patches gaps according to NSA information
Tenable news

Microsoft's Patchday release this month includes fixes for 98 CVEs, 11 of which are rated Critical and 87 Important. In addition, Microsoft closes two zero-day vulnerabilities. A lot of information came from the American National Security Agency - NSA. Microsoft says this bug has already been exploited in practice as a zero day: CVE-2023-21674 is an elevation-of-privilege vulnerability in Windows Advanced Local Procedure Call (ALPC) that simplifies interprocess communication for Windows operating system components. Serious zero-day vulnerability Although no details about the flaw were available at the time Microsoft published the advisory on Patch Tuesday, it seems…


Forget Cyber Security on the way to the Metaverse

Companies are increasingly venturing into the metaverse to grow there, but sometimes ignore important security warning signs. Just under half of the companies surveyed see themselves in a position to contain the threats posed by the Metaverse. The “Measure Twice, Cut Once: Meta-curious Organizations Relay Security Concerns Even as They Plunge Into Virtual Worlds” study surveyed 1,500 IT, cybersecurity, and DevOps professionals. The study examines how organizations are addressing the opportunities and challenges associated with building, securing and participating within the Metaverse, while also providing insights into the risks...


Log4j: 72 percent of companies at risk

According to a study based on over 500 million tests, 72 percent of organizations remain at risk from the Log4j vulnerability. The data highlights the problems in fixing security vulnerabilities. When Log4Shell was discovered in December 2021, companies around the world tried to determine their risk. In the weeks after the vulnerability became known, companies reallocated their resources and invested tens of thousands of hours identifying and remediating the problem. One state's federal cabinet reported that its security team spent 33,000 hours just fixing the...


Cryptocurrencies and tokens stolen from 8,000 wallets
B2B Cyber Security ShortNews

Recently, millions of dollars in cryptocurrencies and tokens were stolen from 8,000 wallets connected to the Solana blockchain. Tenable advises more caution when choosing cryptocurrency applications. Millions of dollars worth of cryptocurrencies and other tokens have been stolen from internet-connected wallets on the Solana blockchain, with assets stolen from approximately 8,000 wallets – mostly mobile wallets - Phantom and Slope users. $5M Cryptos Stolen “The Solana hack that led to the theft of over $5M was the result of a leak from…
