Category Archives: Tenable

Geopolitical tensions combined with technology will drive new security risks

Posted on by

Misinformation and disinformation are biggest short-term risks, while extreme weather and critical change to Earth systems are greatest long-term concern, according to the Global Risks 2024 Report from the World Economic Forum. Against a backdrop of sy… Continue reading Geopolitical tensions combined with technology will drive new security risks

Microsoft fixes critical flaws in Windows Kerberos, Hyper-V (CVE-2024-20674, CVE-2024-20700)

Posted on by

For January 2024 Patch Tuesday, Microsoft has released fixes for 49 CVE-numbered vulnerabilities, two of which are critical: CVE-2024-20674 and CVE-2024-20700. None of the vulnerabilities fixed this time aroundare under active exploitation or have been… Continue reading Microsoft fixes critical flaws in Windows Kerberos, Hyper-V (CVE-2024-20674, CVE-2024-20700)

Microsoft Patch Tuesday, December 2023 Edition

Posted on by

The final Patch Tuesday of 2023 is upon us, with Microsoft Corp. today releasing fixes for a relatively small number of security holes in its Windows operating systems and other software. Even more unusual, there are no known “zero-day” threats targeting any of the vulnerabilities in December’s patch batch. Still, four of the updates pushed out today address “critical” vulnerabilities that Microsoft says can be exploited by malware or malcontents to seize complete control over a vulnerable Windows device with little or no help from users. Continue reading Microsoft Patch Tuesday, December 2023 Edition

December 2023 Patch Tuesday: 33 fixes to wind the year down

Posted on by

Microsoft’s December 2023 Patch Tuesday is a light one: 33 patches, only four of which are deemed critical. “This month, Microsoft did not patch any zero-day vulnerabilities, marking only the second time in 2023 that no zero-days were fixed… Continue reading December 2023 Patch Tuesday: 33 fixes to wind the year down

PoCs for critical Arcserve UDP vulnerabilities released

Posted on by

Arcserve has fixed critical security vulnerabilities (CVE-2023-41998, CVE-2023-41999, CVE-2023-42000) in its Unified Data Protection (UDP) solution, PoCs for which have been published by Tenable researchers on Monday. The vulnerabilities Arcserve UDP i… Continue reading PoCs for critical Arcserve UDP vulnerabilities released

The roadblocks to preventive cybersecurity success

Posted on by

In the last two years, the average organization’s cybersecurity program was prepared to defend preventively, or block, just 57% of the cyberattacks it encountered, according to Tenable. This means 43% of attacks launched against them are successful and… Continue reading The roadblocks to preventive cybersecurity success

Could Australia’s Cybersecurity Strategy Benefit From More Data Science Rigour?

Posted on by

The success of Australia’s six-shield cybersecurity strategy could depend on how well the nation manages the vast pools of data that will underpin the identification and mitigation of cyberthreats. Continue reading Could Australia’s Cybersecurity Strategy Benefit From More Data Science Rigour?

From Windows 9x to 11: Tracing Microsoft’s security evolution

Posted on by

Over its journey from Windows 9x to Windows 11, Microsoft has implemented multiple security overhauls, each addressing the challenges of its time and setting the stage for future developments. In this Help Net Security interview, we feature security re… Continue reading From Windows 9x to 11: Tracing Microsoft’s security evolution

Microsoft, Adobe fix zero-days exploited by attackers (CVE-2023-26369, CVE-2023-36761, CVE-2023-36802)

Posted on by

September 2023 Patch Tuesday is here, with fixes for actively exploited vulnerabilities in Adobe Acrobat and Reader (CVE-2023-26369), Microsoft Word (CVE-2023-36761), and Microsoft Streaming Service Proxy (CVE-2023-36802). Microsoft vulnerabilities of … Continue reading Microsoft, Adobe fix zero-days exploited by attackers (CVE-2023-26369, CVE-2023-36761, CVE-2023-36802)