Tenable to Acquire Vulcan Cyber for $150 Million 2025-01-30 at 12:48 By Eduard Kovacs Tenable plans to acquire exposure management company Vulcan Cyber for roughly $150 million in cash and stock. The post Tenable to Acquire Vulcan Cyber for $150 Million appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source […]
React to this headline:
Tenable to Acquire Vulcan Cyber for $150 Million Read More »
Microsoft fixes actively exploited Windows Hyper-V zero-day flaws 2025-01-14 at 23:03 By Zeljka Zorz Microsoft has marked January 2025 Patch Tuesday with a hefty load of patches: 157 CVE-numbered security issues have been fixed in various products, three of which (in Hyper-V) are being actively exploited. The exploited Hyper-V vulnerabilities The exploited zero-days are CVE-2025-21333
React to this headline:
Microsoft fixes actively exploited Windows Hyper-V zero-day flaws Read More »
What 2024 taught us about security vulnerabilties 2025-01-14 at 06:03 By Help Net Security From zero-day exploits to weaknesses in widely used software and hardware, the vulnerabilities uncovered last year underscore threat actors’ tactics and the critical gaps in organizational defenses. This roundup showcases the standout findings from 2024’s cybersecurity reports, highlighting critical risks and
React to this headline:
What 2024 taught us about security vulnerabilties Read More »
Infosec products of the month: December 2024 2024-12-27 at 06:03 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: Appdome, Cato Networks, Datadog, Fortinet, GitGuardian, Horizon3.ai, Netwrix, Radiant Logic, RunSafe Security, SecureAuth, Stairwell, Stamus Networks, Sweet Security, Tenable, Trellix, Versa Networks, and Veza. GitGuardian launches
React to this headline:
Infosec products of the month: December 2024 Read More »
Microsoft fixes exploited zero-day (CVE-2024-49138) 2024-12-10 at 23:04 By Zeljka Zorz On December 2024 Patch Tuesday, Microsoft resolved 71 vulnerabilities in a variety of its products, including a zero-day (CVE-2024-49138) that’s been exploited by attackers in the wild to execute code with higher privileges. CVE-2024-49138 exploited by attackers CVE-2024-49138 stems from a heap-based buffer overflow
React to this headline:
Microsoft fixes exploited zero-day (CVE-2024-49138) Read More »
New infosec products of the week: December 6, 2024 2024-12-06 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Datadog, Fortinet, Radiant Logic, Sweet Security, Tenable, and Veza. FortiAppSec Cloud simplifies web application security management With FortiAppSec Cloud, customers have deep visibility and
React to this headline:
New infosec products of the week: December 6, 2024 Read More »
Tenable Patch Management prevents problematic updates 2024-12-05 at 10:36 By Industry News Tenable released Tenable Patch Management, an autonomous patch solution built to close vulnerability exposures in a unified solution. A strategic partnership and integration with Adaptiva provides the foundation of the solution. Vulnerability remediation remains a critical challenge as identifying, testing and installing the
React to this headline:
Tenable Patch Management prevents problematic updates Read More »
PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) 2024-12-04 at 13:38 By Zeljka Zorz Researchers have published a proof-of-concept (PoC) exploit for CVE-2024-8785, a critical remote code execution vulnerability affecting Progress WhatsUp Gold, a popular network monitoring solution for enterprises. CVE-2024-8785 and the PoC exploit CVE-2024-8785 stems from the incorrect use of a
React to this headline:
PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) Read More »
Oracle patches exploited Agile PLM vulnerability (CVE-2024-21287) 2024-11-19 at 12:48 By Zeljka Zorz Oracle has released a security patch for CVE-2024-21287, a remotely exploitable vulnerability in the Oracle Agile PLM Framework that is, according to Tenable researchers, being actively exploited by attackers. About CVE-2024-21287 Oracle Agile PLM Framework is an enterprise product lifecycle management solution
React to this headline:
Oracle patches exploited Agile PLM vulnerability (CVE-2024-21287) Read More »
Zero-days dominate top frequently exploited vulnerabilities 2024-11-14 at 07:03 By Mirko Zorz A joint report by leading cybersecurity agencies from the U.S., UK, Canada, Australia, and New Zealand has identified the most commonly exploited vulnerabilities of 2023. Zero-day vulnerabilities on the rise The advisory highlights that malicious cyber actors increasingly targeted zero-day vulnerabilities, posing significant
React to this headline:
Zero-days dominate top frequently exploited vulnerabilities Read More »
Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039) 2024-11-12 at 23:03 By Zeljka Zorz November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which – CVE-2024-43451 and CVE-2024-49039 – are actively exploited by attackers. The exploited vulnerabilities (CVE-2024-43451, CVE-2024-49039) CVE-2024-43451 is yet another
React to this headline:
Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039) Read More »
Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) 2024-10-08 at 22:49 By Zeljka Zorz For October 2024 Patch Tuesday, Microsoft has released fixes for 117 security vulnerabilities, including two under active exploitation: CVE-2024-43573, a spoofing bug affecting the Windows MSHTML Platform, and CVE-2024-43572, a remote code execution flaw in the Microsoft Management Console
React to this headline:
Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) Read More »
Infosec products of the month: September 2024 2024-10-01 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: Absolute, anecdotes, ArmorCode, Binarly, Bitdefender, Druva, F5 Networks, Gcore, Guardsquare, Huntress, Ketch, LOKKER, Malwarebytes, NETGEAR, Nudge Security, Prompt Security, Rapid7, Revenera, Skyhigh Security, Strivacity, Tenable, Trellix,
React to this headline:
Infosec products of the month: September 2024 Read More »
CUPS vulnerabilities affecting Linux, Unix systems can lead to RCE 2024-09-27 at 13:31 By Zeljka Zorz After much hyping and following prematurely leaked information by a third party, security researcher Simone Margaritelli has released details about four zero-day vulnerabilities in the Common UNIX Printing System (CUPS) that can be abused by remote, unauthenticated attackers to
React to this headline:
CUPS vulnerabilities affecting Linux, Unix systems can lead to RCE Read More »
Tenable Enclave Security enables discovery, assessment and analysis of IT assets 2024-09-19 at 12:01 By Industry News Tenable launched Tenable Enclave Security, a solution that supports the needs of customers operating in highly secure environments, such as those that are classified or otherwise air-gapped. Backed by Tenable Security Center, Tenable Enclave Security protects IT assets
React to this headline:
Tenable Enclave Security enables discovery, assessment and analysis of IT assets Read More »
New infosec products of the week: September 13, 2024 2024-09-13 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Druva, Huntress, Ketch, LOKKER, Tenable, Trellix, and Wing Security. Tenable AI Aware provides exposure insight into AI applications, libraries and plugins Tenable AI Aware
React to this headline:
New infosec products of the week: September 13, 2024 Read More »
Tenable AI Aware provides exposure insight into AI applications, libraries and plugins 2024-09-11 at 13:31 By Industry News Tenable released AI Aware, advanced detection capabilities designed to surface artificial intelligence solutions, vulnerabilities and weaknesses available in Tenable Vulnerability Management. Tenable AI Aware provides exposure insight into AI applications, libraries and plugins so organizations can confidently
React to this headline:
Tenable AI Aware provides exposure insight into AI applications, libraries and plugins Read More »
Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes 2024-09-10 at 22:46 By Zeljka Zorz September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, including those for a handful of zero-days (CVE-2024-38217, CVE-2024-38226, CVE-2024-38014, CVE-2024-43461) exploited by attackers in the wild, and a Windows 10 code defect
React to this headline:
Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633) 2024-08-28 at 12:02 By Zeljka Zorz Organizations using Fortra’s FileCatalyst Workflow are urged to upgrade their instances, so that attackers can’t access an internal HSQL database by exploiting known static credentials (CVE-2024-6633). “Once logged in to the HSQLDB, the attacker can perform malicious operations in the database. For
React to this headline:
Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633) Read More »
Microsoft fixes 6 zero-days under active attack 2024-08-13 at 23:16 By Zeljka Zorz August 2024 Patch Tuesday is here, and Microsoft has delivered fixes for 90 vulnerabilities, six of which have been exploited in the wild as zero-days, and four are publicly known. The zero-days under attack CVE-2024-38178 is a Scripting Engine Memory Corruption Vulnerability
React to this headline:
Microsoft fixes 6 zero-days under active attack Read More »