Tenable Blog

As Tenable's chief security officer I'm simultaneously protecting our own systems while addressing the concerns of our customers around the world. Here's what I've learned so far.  

Nation-state threat actors breached the supply chain of a popular IT management software provider in order to infiltrate government agencies and private companies.

Update December 30: The Analysis, Solution and Identifying Affected Systems sections have been updated to reflect the discovery of and availability of patches for a separate threat affecting SolarWinds known as SUPERNOVA, which includes the exploitation of a newly disclosed vulnerability.

The vulnerabilities disclosed affect millions of Operational Technology, IoT and IT devices and include multiple remote code execution flaws.

The National Security Agency warns that Russian state-sponsored threat actors are exploiting an important VMware vulnerability in the wild.

Background

On December 7, the National Security Agency (NSA) published a cybersecurity advisory regarding in-the-wild exploitation, by Russian state-sponsored threat actors, of a vulnerability in several VMware products.

Tenable’s Zero-Day Research team found encouraging trends in how quickly software vendors are responding to our private disclosures, as well as how they’re addressing critical and high-severity vulnerabilities.

If someone told me at the start of the COVID-19 lockdown in March 2020 that software vendors would speed up the time they take to patch potential Zero Day* vulnerabilities, I would have chuckled and said it was wishful thinking. Clearly I was WRONG.