News

Latest news about B2B cyber security >>> PR agencies: add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Tag: Tenable

Log4j: Mittelstand continues high risk
August 10, 2022
| No comments
| PR News
Log4j Log4shell

The majority of medium-sized companies have not yet got to the bottom of the Log4j or Log4Shell problem. Only 40 percent have addressed the problem. Tenable warns that medium-sized companies still have an immensely large attack surface. As reported by the General Association of the German Insurance Industry (GDV), only 40 percent of medium-sized companies have checked their software to see whether it is affected by the Log4j vulnerability. Even fewer companies (28 percent) stated that they had checked their systems for intruded malware as a result of the vulnerability becoming known in December 2021. "As Log4Shell (CVE-2021-44228) over six...

Read more

Zero Day vulnerability in Google Chrome Browser
July 31, 2022
| No comments
| PR News
Zero Day vulnerability in Google Chrome Browser

As Tenable reports, a zero-day vulnerability has been found in Google's Chrome browser. Targeted attacks are expected, albeit more on people, such as journalists, in the Middle East. However, the weak points are by no means harmless. A comment by James Sebree, Senior Staff Research Engineer at Tenable. As early as 22.07.2022/XNUMX/XNUMX, several reports were published about a zero-day vulnerability in Google Chrome (and possibly Edge and Safari) that was exploited to attack journalists in the Middle East. Security company Avast linked the vulnerability to Candiru. Candiru has previously exploited previously unknown vulnerabilities,…

Read more

LAPSUS$ teenage extortion group exposes security flaws 
July 25, 2022
| No comments
| Stories
LAPSUS$ teenage extortion group exposes security flaws

The LAPSUS$ group, reportedly made up of teenagers, suddenly appeared on the cyber scene late last year. It became one of the most well-known and notorious online ransomware groups after successfully infiltrating major corporations such as Microsoft, Samsung, Ubisoft, and Okta. Claire Tills, Tenable's Senior Research Engineer, gained deep insight into the operations of the LAPSUS$ group. He has found that while the group's tactics are bold, illogical and poorly thought out, they have been successful in disrupting major international technology companies. This is a sobering reminder...

Read more

KRITIS still in sight one year after Colinial Pipeline & Co.
July 1, 2022
| No comments
| Short news
Tenable news

Tenable sees KRITIS operators exposed to increasing threat potential. Also one year after the severe attack on Colinial Pipeline & Co. with devastating effects. A comment from Tenable. “In the XNUMX months since ransomware attacks struck JBS Foods and Colonial Pipeline, the sad reality is that the threat to critical infrastructure operators has increased rather than decreased. Attackers only care about money - not impact Attackers recognize the impact they can have by influencing these environments and rely on it to launch their attacks with increasing accuracy and frequency...

Read more

Exchange Server: many vulnerable via ProxyShell vulnerability
13 May 2022
| No comments
| Short news
Tenable news

Although there are already patches for the ProxyShell vulnerability on Microsoft Exchange, these are not being used. This makes it easy for cybercriminals to further exploit the vulnerabilities and attack the systems. A comment from Tenable. Recent reports show that a Hive ransomware strain is targeting many Microsoft Exchange Servers through the ProxyShell vulnerabilities. Claire Tills, Senior Research Engineer, Tenable, comments on why this is still possible. Patches could close vulnerability “Attackers continue to exploit the ProxyShell vulnerabilities, which were first disclosed more than eight months ago. They have proven to be a reliable source for attackers since their disclosure,…

Read more

Malware targets industrial control systems
5 May 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Tenable experts warn of credential hijacking: Warning of attacks on industrial control systems with modern malware. In response to an alert issued by CISA, Tenable is issuing a comment. “The Joint Advisory issued by the US government on advanced tools used to attack industrial control systems and OT environments is worrying. If attackers are successful, the consequences of such an intrusion can be far-reaching and potentially devastating. If the attacker uses advanced tools to disrupt their system, organizations must have the people, processes, and technology in place up front to…

Read more

Vulnerabilities Spring Cloud, Spring Core, Spring4Shell
12 April 2022
| No comments
| Short news
Tenable news

Tenable explains the new vulnerabilities Spring Cloud, Spring Core - also known as Spring4Shell - which have nothing to do with Log4j or Log4Shell, even if the name suggests it. However, Spring4Shell remains unpatched as of now, making it a zero-day vulnerability. Satnam Narang, Staff Research Engineer, Tenable, discusses the differences between two vulnerabilities that are making the news right now - Spring Cloud and Spring Core (aka Spring4Shell). He also provides a blog with FAQ about Spring4Shell. Spring4Shell has nothing to do with Log4Shell “On 29….

Read more

Cloud Native Application Security Platform - Tenable.cs 
26. February 2022
| No comments
| Short news
Tenable news

Tenable, the Cyber ​​Exposure company, today announced new capabilities for Tenable.cs, its cloud-native application security platform. Tenable.cs provides full lifecycle cloud-native security to address cyber risks from development to runtime. With the new functions, companies can secure cloud resources, container images and cloud assets and thus ensure end-to-end security - from code to the cloud to individual workloads. Find Cloud Infrastructure Misconfigurations Tenable.cs enables organizations to programmatically detect cloud infrastructure misconfigurations in the design, build, and runtime phases of the Software Development Lifecycle (SDLC)…

Read more

Cyber ​​attacks on European energy companies
10. February 2022
| No comments
| Stories
Cyber ​​attacks on European energy companies

The series of sensational cyber attacks - primarily with ransomware - does not stop. Just a few days after the BlackCat attack on the gas station supplier Oiltanking, there were cyber attacks on Belgian energy companies and a British food manufacturer. Two comments from cybersecurity experts. Security firm Absolute Software says, "Over the past year, there has been a sharp rise in cyberattacks, particularly using ransomware to target critical infrastructure such as utility and energy companies, government agencies, and organizations that provide services and products to which we leave each other strong. For those,…

Read more

Clubhouse app in the crosshairs
10 April 2021
| No comments
| Short news
Tenable news

The French data protection authority has launched an investigation into alleged data breaches by the Clubhouse app. There was also a message that the creators of the app had launched an accelerator program. Apparently, Silicon Valley can't get enough of the app. It all comes after the news a few weeks ago that chats were cracked. In view of the hype surrounding the app, Satnam Narang, Staff Research Engineer at Tenable, comments on Clubhouse's status in terms of IT and data security. Clubhouse app with 8 million iOS downloads "In February 2021, Clubhouse exceeded the mark of eight million global ...

Read more

© 2024 MedPressIT GbR
Cookie Settings