Tenable Network Security Podcast Episode 167 - "Routers Give Up Passwords, SANS Top 20"
Announcements
- Increase Security Effectiveness with these 20 Critical Security Controls
- We're hiring! - Visit the Tenable website for more information about open positions.
- Check out our video channel on YouTube which contains new Nessus and SecurityCenter tutorials.
- Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics, and more!
- Want to ask questions about Nessus, SecurityCenter, LCE, and PVS and get answers from the experts at Tenable? Join Tenable's Discussion Forum for custom scripts, announcements, and more!
- You can subscribe to the Tenable Network Security Podcast on iTunes!
New & Notable Plugins
Nessus
General
- MySQL 5.1 < 5.1.69 Multiple Vulnerabilities
- MySQL 5.5 < 5.5.31 Multiple Vulnerabilities
- MySQL 5.6.x < 5.6.11 Multiple Vulnerabilities
- Cisco IOS Generic Input/Output SNMP DoS
- VLC < 2.0.6 ASF Demuxer Buffer Overflow
- Puppet Unsafe YAML Unserialization
- Puppet Multiple Vulnerabilities (2013/03/12)
- D-Link DIR-645 getcfg.php Admin Password Disclosure
- IBM Lotus Domino 8.5.x < 8.5.3 Multiple Vulnerabilities
- IBM Lotus Domino 8.5.x Multiple Vulnerabilities
Application Detection
Web Applications
Passive Vulnerability Scanner
SecurityCenter Dashboards
Security News Stories
- XKCD on Authorization
- Another Hack, Another 50M Passwords – Time for SecureAuth IdP for the Enterprise
- XSS Vulnerability in Cisco sub domain found by 14-year-old security researcher
- Eavesdropping on a wireless keyboard | absorptions
- First BYOD, now BYON poses security challenge
- Man accused of placing GPS device on victim's car before burglarizing her home
- Serial Killer Hack Threat To Gas Pipes, Traffic Lights, Power Plants
Related Articles
Tenable Network Security Podcast Episode 198 - "PCI Discussion Featuring Jeffrey Man"
February 13, 2014<p></p>
CVE-2024-7593: Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability
August 14, 2024Ivanti released a patch for a critical severity authentication bypass vulnerability and a warning that exploit code is publicly available
Microsoft’s August 2024 Patch Tuesday Addresses 88 CVEs
August 13, 2024Microsoft addresses 88 CVEs with seven critical vulnerabilities and 10 zero-day vulnerabilities, six of which were exploited in the wild.
Compromising Microsoft's AI Healthcare Chatbot Service
August 13, 2024Tenable Research discovered multiple privilege-escalation issues in the Azure Health Bot Service via a server-side request forgery (SSRF), which allowed researchers access to cross-tenant resources.
- Podcast