Objects in Mirror Are Closer Than They Appear: Reflecting on the Cybersecurity Threats from 2019
December 16, 2019Tenable’s Security Response Team reviews the biggest cybersecurity threats of 2019. With 2019 coming to an end, the Tenable Security Response Team reflects on the vulnerabilities and threats that had...
Microsoft's December 2019 Patch Tuesday Includes Fix for Zero Day Exploited in the Wild (CVE-2019-1458)
December 10, 2019Microsoft closes out 2019 by patching 36 CVEs, including one flaw that was exploited in the wild as a zero-day. Microsoft sent administrators around the world an early holiday gift with a lighter-tha...
A Look at the Vulnerability-to-Exploit Supply Chain
December 4, 2019Last week, Tenable Research released the report, How Lucrative Are Vulnerabilities? A Closer Look at the Economics of the Exploit Supply Chain, which takes a close look at the vulnerability-to-exploit...
Microsoft's November 2019 Patch Tuesday: Tenable Roundup
November 12, 2019With over 70 CVEs, Microsoft’s November 2019 Patch Tuesday corrects 13 critical vulnerabilities, including a patch for an Internet Explorer vulnerability exploited in the wild. Microsoft’s November ...
No, You Aren’t Being Invited to Win a New Car. That’s Spam on Your Calendar
September 11, 2019By abusing the automatic event creation feature of integrated email calendars, spammers are finding ways to send you malicious links that are harder to ignore. Background In June, researchers at Kas...
Microsoft's September 2019 Patch Tuesday: Tenable Roundup
September 10, 2019Microsoft’s September 2019 Security Updates address 79 vulnerabilities, 17 of which are rated critical. Microsoft’s September 2019 Patch Tuesday release contains updates for 79 CVEs, 17 of which...
TikTok Scams: How Social Currency Fuels the Economy for Impersonation Accounts and Free-Followers-and-Likes Services
August 14, 2019The economic engine on social media platforms are the followers (or fans) and likes. Scammers take advantage of this economy, while others seek out ways to grow their following inorganically by impers...
TikTok Scams: How Popular Apps and Services Become New Havens for Scammers
August 14, 2019As social media platforms become popular, scammers aren’t far behind. One of the more popular social media scams involving adult-dating has started to emerge on TikTok over the last six months. Sin...
Instagram Porn Bots Evolve Methods for Peddling Adult Dating Spam
July 25, 2019Incentivized by affiliate programs, scammers are evolving how they utilize fake Instagram accounts to target users on the popular social media platform. As social networking services rose to prominen...
Tenable Research Discloses Critical Vulnerability in Siemens STEP 7 (CVE-2019-10915)
July 9, 2019Tenable Research has discovered a critical vulnerability in Siemens TIA Portal (also referenced as STEP 7) that would allow an attacker to perform administrative actions. Siemens has released an updat...
How to Audit Microsoft Exchange 2013 and 2016 with CIS and DISA Guidance
July 1, 2019Tenable Research Release Highlights are posted for significant new releases or updates to existing plugins or audit files that are important for early customer notification. Here, we discuss new audit...
Sudan Meal Project: Social Media Activism is Used to Amass Nearly 900,000 Followers on Instagram
June 24, 2019Instagram accounts claiming to donate meals to Sudanese civilians are a ruse to gain followers in order to pivot to personal accounts or sell them for a profit. In the wake of the Sudan crisis t...