Tenable Network Security Podcast - Episode 81
Welcome to the Tenable Network Security Podcast - Episode 81
Hosts: Paul Asadoorian, Product Evangelist, Ron Gula, CEO/CTO
Announcements
- A new blog post has been published this week:
- A new version of the 3D tool will be available this week and a new CIS Oracle 11 audit policy is available for download in the Customer Support Portal
- Check out our video channel on YouTube that contains the latest Nessus and SecurityCenter 4 tutorials.
- We're hiring! - Visit the Tenable web site for more information about open positions.
- You can subscribe to the Tenable Network Security Podcast on iTunes!
- Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics and more!
Stories
- Hackers are worried that the Sony compromise will lower the Value of stolen cards - Supply and demand applies to stolen credit cards. Additionally, this graphic of a Sony controller provides a humorous take on the whole incident.
- Mom’s Guide to the NSA’s Home Security Guidelines - Are these things that corporate security folks should live by? Does keeping your software up-to-date (not patches but versions) really keep you from getting hacked?
- The best password is a sentence, says expert - Or even the first letter of each work in a sentence. Attackers are after your email accounts, as that seems to be the jumping off point for more serious attacks.
- Serious flaw in OpenID - It's good when there is a common system for authentication, it's bad when that system has a security flaw, like OpenID has.
- Samsung Data Management SQLi - Also, the root password for the device was hard-coded into the firmware. This also means that all devices had the same root password.
- Spear Phishing A Tough Catch - Or an easier catch, stolen subscriber information will provide attackers with more than what they need to perform email social engineering against targets whose data was stolen.
Related Articles
Tenable Network Security Podcast Episode 198 - "PCI Discussion Featuring Jeffrey Man"
February 13, 2014<p></p>
Cybersecurity Snapshot: Prompt Injection and Data Disclosure Top OWASP’s List of Cyber Risks for GenAI LLM Apps
November 22, 2024Don’t miss OWASP’s update to its “Top 10 Risks for LLMs” list. Plus, the ranking of the most harmful software weaknesses is out. Meanwhile, critical infrastructure orgs have a new framework for using AI securely. And get the latest on the BianLian ransomware gang and on the challenges of protecting water and transportation systems against cyberattacks.
Active Directory Under Attack: Five Eyes Guidance Targets Crucial Security Gaps
November 21, 2024A landmark global report from cybersecurity agencies emphasizes 17 attack techniques against Microsoft Active Directory and cautions organizations to step up protections. In the first of our two-part series, we offer five steps you can take today to shore up your AD defenses.
Five Cyber Agencies Sound Alarm About Active Directory Attacks: Beyond the Basics
November 21, 2024A landmark global report emphasizes 17 attack techniques against Microsoft Active Directory and cautions organizations to step up protections. In the second of our two-part series, we take you beyond the basics to highlight three key areas to focus on.
- Podcast