Tenable blog
CVE-2025-23006: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Reportedly Exploited
Cybersecurity Snapshot: Get the Latest on Deepfake Threats, Open Source Risks, AI System Security and Ransomware Gangs
Tasked with securing your org’s new AI systems? Check out a new Google paper with tips and best practices. Plus, open source security experts huddled at a conference this week – find out what they talked about. Also, Uncle Sam says it’s time to prep for deepfake attacks. And much more!...
Microsoft’s September 2023 Patch Tuesday Addresses 61 CVEs (CVE-2023-36761)
Microsoft addresses 61 CVEs including two vulnerabilities that were exploited in the wild...
Tenable and Cyversity Partner on CISSP Exam Prep Program
Tenable is now accepting applicants for its training scholarship dedicated to supporting cybersecurity professionals from diverse backgrounds in their preparation for the CISSP exam Diversity, equity and inclusion (DEI) is a priority at Tenable. We strive to be a career destination in which individ...
Tenable Cyber Watch: Cyber Leaders Prioritize Detection and Prevention, Top 3 Malware in Q2, and more
This week’s edition of Tenable Cyber Watch unpacks security leaders' top cybersecurity priorities and addresses why software products must be secure by design. Also covered: The top 3 malware in Q2. ...
How to Perform Efficient Vulnerability Assessments with Tenable
Policy configuration choices in vulnerability assessment tools like Tenable Nessus, Tenable Security Center and Tenable Vulnerability Management enable security professionals to effectively gather data that can be analyzed to aid in prioritizing remediation....
CVE-2023-20269: Zero-Day Vulnerability in Cisco Adaptive Security Appliance and Firepower Threat Defense Reportedly Exploited by Ransomware Groups
Ransomware groups including LockBit and Akira are reportedly exploiting a zero-day vulnerability in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) appliances with VPN functionality enabled....
The Azure Metadata Protection You Didn’t Know Was There
Some Azure services have an additional, not widely known, protection mechanism against session token exfiltration....
Cybersecurity Snapshot: Cyber Pros Taxed by Overwork, Understaffing and Lack of Support, as Stress Takes a Toll
Life is getting harder for cybersecurity pros, but there are ways to improve working conditions. Check out what a study found. Meanwhile, there’s a new, free attack-emulation tool for OT security teams. Plus, the U.S. government is alerting about exploits to CVE-2022-47966 and CVE-2022-42475. We als...
AA23-250A: Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475
A joint Cybersecurity Advisory examines the exploitation of two critical vulnerabilities by nation-state threat actors....
