Tenable
Podcasts

Get ready for The Hacker Chronicles, a fully narrated podcast series with all the voice actors, sound effects, and musical scores we could assemble. Grab your headphones.

Our story starts with Alice: colleague, neighbor, friend, reluctant hacker. In this first episode, in a cabin nestled in New York’s Catskill Mountains, Alice is about to receive the biggest paycheck of her life. Her corporate target just needs to cough up six figures to unlock its IT systems. But Alice’s attack has spread beyond her control, and Wall Street is taking notice.

You don't need a computer science degree to enjoy or even learn something here. For the pros out there, expect exclusive insights to better protect your own organization in 2022.

Listen now to The Hacker Chronicles wherever you enjoy your podcasts.

The recent Binding Operational Directive from CISA will see a number of U.S. government departments receive better instruction on which vulnerabilities need to be patched, and to do so within a six month time frame.

On this episode of the Tenable Research podcast, we look at what the vulnerabilities are, how they are determined, who is affected and what this could mean for other governments around the world, and other businesses also.

• Listen
• 
• 
• 
• 

Show References

• Binding Operational Directive 22-01 
• CISA Directive 22-01: How Tenable Can Help You Find and Fix Known Exploited Vulnerabilities 
• https://cyber.dhs.gov/bod/22-01/
• How Risk-Based Vulnerability Management Helps You Effectively Address CISA’s Binding Operational Directive 22-01

Follow along for more from Tenable Research:

• Subscribe to the blog
• Follow Tenable’s Zero Day team on Medium

This month we look at patches from Apache and VMware, an example of very rapid response to a researcher’s findings, and another quiet month from Microsoft’s Patch Tuesday, with guests Claire Tills and Satnam Narang from Tenable's Security Response Team.

• Listen:
• 
• 
• 
• 

Show References

• CVE-2021-22005: Critical File Upload Vulnerability in VMware vCenter Server
• CVE-2021-41773: Path Traversal Zero-Day in Apache HTTP Server Exploited
• Microsoft’s October 2021 Patch Tuesday Addresses 74 CVEs (CVE-2021-40449)
• CVE-2021-34527: Microsoft Releases Out-of-Band Patch for PrintNightmare Vulnerability in Windows Print Spooler
• CVE-2021-1675: Proof-of-Concept Leaked for Critical Windows Print Spooler Vulnerability
• The PrintNightmare Continues: Another Zero-Day in Print Spooler Awaits Patch (CVE-2021-36958)
• Finding Proxylogon and Related Microsoft Exchange Vulnerabilities: How Tenable Can Help

Follow along for more from Tenable Research:

• Subscribe to the blog
• Follow Tenable’s Zero Day team on Medium