Tenable to acquire Ermetic for $240 million in cash and $25 million in restricted stock and RSUs

Tenable Holdings has signed a definitive agreement to acquire Ermetic. Tenable intends to integrate Ermetic’s capabilities into its Tenable One Exposure Management Platform to deliver contextual risk visibility, prioritization, and remediation ac… Continue reading Tenable to acquire Ermetic for $240 million in cash and $25 million in restricted stock and RSUs

Tenable unveils web application and API scanning capabilities for Nessus Expert

Tenable has unveiled web application and API scanning in Tenable Nessus Expert, new features that provide simple and comprehensive vulnerability scanning for modern web applications and APIs. Web application and API scanning in Nessus Expert are dynami… Continue reading Tenable unveils web application and API scanning capabilities for Nessus Expert

Ivanti Avalanche vulnerable to attack by unauthenticated, remote attackers (CVE-2023-32560)

Two stack-based buffer overflow bugs (collectively designated as CVE-2023-32560) have been discovered in Ivanti Avalanche, an enterprise mobility management solution. A buffer overflow arises when the data in a buffer surpasses its storage capacity. Th… Continue reading Ivanti Avalanche vulnerable to attack by unauthenticated, remote attackers (CVE-2023-32560)

Black Hat USA 2023 video walkthrough

Help Net Security is in Las Vegas this week for Black Hat USA 2023, and this video provides a closer look at the event. The exhibitors featured in this video are: 1Password, Aqua Security, CISA, Cisco, CyberFOX, Darktrace, Dasera, Fortanix, Fortinet, F… Continue reading Black Hat USA 2023 video walkthrough

Microsoft Patch Tuesday, August 2023 Edition

Microsoft Corp. today issued software updates to plug more than 70 security holes in its Windows operating systems and related products, including a patch that addresses multiple zero-day vulnerabilities currently being exploited in the wild. Continue reading Microsoft Patch Tuesday, August 2023 Edition

PaperCut fixes bug that can lead to RCE, patch quickly! (CVE-2023-39143)

Horizon3.ai researchers have published some details (but no PoC for now, thankfully!) about CVE-2023-39143, two vulnerabilities in PaperCut application servers that could be exploited by unauthenticated attackers to execute code remotely. But, they not… Continue reading PaperCut fixes bug that can lead to RCE, patch quickly! (CVE-2023-39143)

Infosec products of the month: July 2023

Here’s a look at the most interesting products from the past month, featuring releases from: BreachRx, Code42, ComplyAdvantage, Darktrace, Dig Security, Diligent, Fidelis Cybersecurity, Hubble, Netscout, Panorays, Privacera, Regula, SeeMetrics, Tenable… Continue reading Infosec products of the month: July 2023

Tenable unveils agentless container scanning to prevent vulnerable containers from reaching runtime

Tenable announced new Tenable Cloud Security features that deliver automated operating system (OS) vulnerability detection across container images, registries and pipelines. Building on existing exposure management capabilities, Tenable Cloud Security … Continue reading Tenable unveils agentless container scanning to prevent vulnerable containers from reaching runtime

Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884)

For July 2023 Patch Tuesday, Microsoft has delivered 130 patches; among them are four for vulnerabilites actively exploited by attackers, but no patch for CVE-2023-36884, an Office and Windows HTML RCE vulnerability exploited in targeted attacks aimed … Continue reading Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884)