Tenable Network Security Podcast Episode 141 - "Nessus HTML5 Beta, Default Accounts, Stuxnet Redux"
Announcements
- The Nessus HTML5 beta interface is now available! Try it out and send us your feedback.
- Debate: Flame, Stuxnet and other APTs are hype, but still be wary
- Check out our video channel on YouTube which contains new Nessus and SecurityCenter 4 tutorials. The "#1 Nessus is an Enterprise Tool - Top Ten Things You Didn't Know About Nessus" video is now available.
- We're hiring! - Visit the Tenable website for more information about open positions.
- Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics, and more!
- Want to ask questions about Nessus, SecurityCenter, LCE, and PVS and get answers from the experts at Tenable? Join Tenable's Discussion Forum for custom scripts, announcements, and more!
- You can subscribe to the Tenable Network Security Podcast on iTunes!
New & Notable Plugins
Nessus
- SumatraPDF < 2.1 Vulnerabilities
- Flexera ActiveX Control Remote Code Execution Vulnerabilities
- IBM WebSphere Application Server 7.0 < Fix Pack 25 Vulnerabilities
- Novell GroupWise WebAccess 8.x < 8.0.3 Cross-Site Scripting Vulnerabilities
- WordPress A Page Flip Book Plugin for WordPress Local File Inclusion
- RSA Authentication Client 3.5 < 3.5.6 Local Authentication Bypass
- Magnum MNS-6K Hardcoded Admin Account
- Symantec Enterprise Vault < 10.0.2 Vulnerabilities in Oracle Outside-In Libraries (SYM12-015)
Passive Vulnerability Scanner
- Foursquare app on an Apple iOS mobile device
- Slacker application music streaming leaking information
- Slacker application music streaming on an Android mobile device
- Slacker application music streaming on an Apple iOS mobile device
Compliance Checks
Nessus ProfessionalFeed and SecurityCenter customers can download compliance checks from the Tenable Support Portal.
Stories
- Network Monitoring As A Security Tool - Dark Reading
- Bing is the most heavily poisoned search engine, study says - The Register
- What is Scaring Businesses the Most? Spear-phishing.
- In a Zero-Day World, It’s Active Attacks that Matter
- Could your phone's camera be secretly taking pictures right now? Hackers can use your lens to steal private data - and build up a 3D model of your home | Mail Online
- How millions of DSL modems were hacked in Brazil, to pay for Rio prostitutes - Naked Security
Related Articles
Tenable Network Security Podcast Episode 198 - "PCI Discussion Featuring Jeffrey Man"
February 13, 2014<p></p>
Cybersecurity Snapshot: Prompt Injection and Data Disclosure Top OWASP’s List of Cyber Risks for GenAI LLM Apps
November 22, 2024Don’t miss OWASP’s update to its “Top 10 Risks for LLMs” list. Plus, the ranking of the most harmful software weaknesses is out. Meanwhile, critical infrastructure orgs have a new framework for using AI securely. And get the latest on the BianLian ransomware gang and on the challenges of protecting water and transportation systems against cyberattacks.
Active Directory Under Attack: Five Eyes Guidance Targets Crucial Security Gaps
November 21, 2024A landmark global report from cybersecurity agencies emphasizes 17 attack techniques against Microsoft Active Directory and cautions organizations to step up protections. In the first of our two-part series, we offer five steps you can take today to shore up your AD defenses.
Five Cyber Agencies Sound Alarm About Active Directory Attacks: Beyond the Basics
November 21, 2024A landmark global report emphasizes 17 attack techniques against Microsoft Active Directory and cautions organizations to step up protections. In the second of our two-part series, we take you beyond the basics to highlight three key areas to focus on.
- Podcast