Displaying items by tag: Tenable

The Federal Government's Ransomware Action Plan has received a lukewarm welcome from security professionals, with one calling for an increased focus on prevention and adoption of advanced cyber security measures.

Seventy-one flaws have been patched in Microsoft's products, the company announced on Tuesday, the monthly Patch Tuesday.

Microsoft has released patches for two zero-day vulnerabilities, along with patches for 84 other flaws in its products, including Microsoft Edge.

The most recent data breach report from the Office of the Australian Information Commissioner has something of a silver lining, but not as far as the health sector goes, the ANZ chief of a security firm says.

JBS Foods, the biggest meat-processing operation in the world, has been hit by a cyber-attack that has affected its American and Australian operations.

Cloud, networking and security provider VMware has released details of, and a patch to fix, a vulnerability in its vCenter Server which is used for managing virtualisation in big data centres.

The executive order on cyber security issued by the US on Thursday will be judged by whether it can stop the next attack similar to the Colonial Pipeline attack or the SolarWinds supply chain fiasco, the head of a security firm says.

MEGA UPDATED: More than FIFTY top IT companies in Australia have provided IT industry commentary on Australia’s 2021 Federal Budget, focusing on the digital economy, cyber security, business and more.

Microsoft has been urged to reconsider its position on removing exploits from GitHub, the code repository which it acquired in 2018, after an incident in which it removed an exploit for Microsoft Exchange Server from the site.

Three days after it suffered a Windows ransomware attack, the Colonial Pipeline Company, which is headquartered in Alpharetta, Georgia, appears to be slowly limping back to resuming operations, though many systems still remain shut.

Users of the Google Chrome and Microsoft Edge browsers have been told that they need not hold too many fears over a one-day vulnerability in the V8 JavaScript engine used by the two applications, but should still patch as and when patches were made available.

A threat intelligence report from security provider Onapsis and business software vendor SAP claims that threat actors are actively exploiting unprotected mission-critical SAP applications.

Cloud computing and virtualisation software and services company VMware has released fixes for two vulnerabilities in three of its products, which could be chained together and exploited to execute code remotely, a researcher says.

The University of Queensland has selected security firm Tenable as its cyber exposure solutions provider to help reduce cyber risk across its domestic campuses.

Cloud-native network detection and response provider ExtraHop has appointed Keith Symons to the role of regional sales manager.

Melbourne's Eastern Health is still experiencing what it describes as "significant impacts" due to a network attack that it announced last Wednesday.

Microsoft has released an additional patch to fix the Zerologon vulnerability that surfaced last year, having first issued a patch for the flaw in August 2020 and then updated it the following month.

A serious vulnerability in SAP Solution Manager would allow an attacker can authenticate to vulnerable systems by simply trying to connect, a local researcher has warned, adding that a proof-of-concept exploit is circulating.

Thirty-five percent of security breaches in 2020 were caused by ransomware attacks, resulting in tremendous financial cost, while between January and October last year, 730 "publicly disclosed events" resulted in over 22 billion records being exposed, according to a report from security vendor Tenable.

A seasoned security professional has slammed Microsoft for the company's decision to remove CVE description information from the monthly listing of patches on the second Tuesday of each month, saying that the new method will give malicious attackers the advantage to reverse engineer patches.