Tenable Network Security Podcast Episode 186 - "Reducing Your Attack Surface (and your heating bill)"
Note: Passive Vulnerability Scanner (PVS) is now Nessus Network Monitor. To learn more about this application and its latest capabilities, visit the Nessus Network Monitor web page.
Announcements
- We're hiring! - Visit the Tenable website for information about open positions.
- Check out our video channel on YouTube which contains new Nessus, PVS, and SecurityCenter tutorials.
- Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics, and more!
- Want to ask questions about Nessus, PVS, SecurityCenter, and LCE and get answers from the experts at Tenable? Join the Tenable Discussions Forum for custom scripts, announcements, and more!
- You can subscribe to the Tenable Network Security Podcast on iTunes!
Discussion & Highlighted Plugins
- Detecting Legacy Clients and Application - I was recently using PVS in a lab environment and noticed the wealth of legacy application information it provided me. This is great news for organizations, as you likely have some legacy systems and applications. It may be tough to find these with network scanning, firewalls, and no credentials for the systems. System owners may not be forthcoming either. However, with PVS you can find old versions of Firefox connecting to legacy web applications. The traffic never lies! How can folks leverage this to find their own legacy applications, and what do you do once you sense them?
- Disable "Stuff" Not In use - I'm a firm believer in reducing your attack surface. I like simple things, and this is a simple thing. If you're not using it, turn it off! Whether it's an entire system, a service, or parts of an application, turn it off. With all the technology in use today, you have to work towards reducing the attack surface in every aspect, including even using firewalls! What got me thinking about this? My new thermostat, a Nest, which it turns out has ZigBee installed by default, but not in use. Do I want attackers messing with my HVAC? No...
New & Notable Plugins
Nessus
General
- Google Chrome < 30.0.1599.66 Multiple Vulnerabilities
- RES Workspace Manager Agent Detection
- RES Workspace Manager Relay Server Detection
- WellinTech KingView ActiveX Multiple Arbitrary File Overwrite Vulnerabilities
- MediaWiki < 1.19.8 / 1.20.7 / 1.21.2 Multiple Vulnerabilities
- DotNetNuke < 6.2.9 / 7.1.1 Multiple Vulnerabilities
- FireEye Web MPS GUI Detection
- Mac OS X 10.8 < 10.8.5 Supplemental Update
- Blue Coat ProxySG Remote DoS
- Cisco IOS Software Resource Reservation Protocol Interface Queue Wedge Vulnerability (cisco-sa-20130925-rsvp)
- Cisco IOS Software Resource Reservation Protocol Interface Queue Wedge Vulnerability (cisco-sa-20130925-rsvp)
- Cisco IOS Software Zone-Based Firewall and Content Filtering Vulnerability (cisco-sa-20130925-cce)
- Cisco IOS Software IPv6 Virtual Fragmentation Reassembly Denial of Service Vulnerability (cisco-sa-20130925-ipv6vfr)
- Cisco IOS Software Network Address Translation Vulnerabilities (cisco-sa-20130925-nat)
- Cisco IOS Software Queue Wedge Denial of Service Vulnerability (cisco-sa-20130925-wedge)
- Cisco IOS Software DHCP Denial of Service Vulnerability (cisco-sa-20130925-dhcp)
- Cisco IOS Software Internet Key Exchange Memory Leak Vulnerability (cisco-sa-20130925-ike)
- Cisco IOS Software Multicast Network Time Protocol Denial of Service Vulnerability (cisco-sa-20130925-ntp)
Passive Vulnerability Scanner
Vulnerability Detection
SecurityCenter Apps
Dashboards
Reports
Security News Stories
- Business RadioX's Results Matter Radio Features Atlanta Businesses and Organizations Serving the Local Community
- SAI Global Deploys Tenable Network Security to Combat Security Vulnerabilities and Compliance
- Tenable Network Security Names Attley Ng as Asia-Pacific Vice President
- AD Zone Transfers as a user
- FAA panel: Wi-Fi is safe on planes even during takeoff and landing
- 5 Wi-Fi security myths you must abandon now
- Symantec takes on one of largest botnets in history
- Iran's cyberwarfare czar is allegedly assassinated
Related Articles
Do You Think You Have No AI Exposures? Think Again
August 6, 2024As AI usage becomes more prevalent in organizations globally, security teams must get full visibility into these applications. Building a comprehensive inventory of AI applications in your environment is a first step. Read on to learn what we found about AI application-usage in the real world when we analyzed anonymized telemetry data from scans using Tenable’s products.
Tuning Network Assessments for Performance and Resource Usage
September 13, 2022Using the correct tool for the job and optimizing scanner placement will have a large impact on scan efficiency with Nessus, Tenable.io and Tenable.sc.
OT:ICEFALL Research from Forescout Explores Insecure-by-Design State of Operational Technology
June 23, 2022The latest research from Forescout’s Vedere Labs explores the state of risk management in operational technology through the lens of 56 insecure-by-design vulnerabilities.
CVE-2024-7593: Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability
August 14, 2024Ivanti released a patch for a critical severity authentication bypass vulnerability and a warning that exploit code is publicly available
Microsoft’s August 2024 Patch Tuesday Addresses 88 CVEs
August 13, 2024Microsoft addresses 88 CVEs with seven critical vulnerabilities and 10 zero-day vulnerabilities, six of which were exploited in the wild.
Compromising Microsoft's AI Healthcare Chatbot Service
August 13, 2024Tenable Research discovered multiple privilege-escalation issues in the Azure Health Bot Service via a server-side request forgery (SSRF), which allowed researchers access to cross-tenant resources.
- Nessus Network Monitor
- Passive Network Monitoring
- Personal security
- Podcast
- Vulnerability Scanning