Displaying items by tag: Tenable

Security professionals have warned that an authentication bypass flaw in VMware products needs to be patched as soon as possible to prevent its being exploited.

Microsoft has issued patches for 73 CVEs, including two zero-day flaws one of which has been exploited in the wild, as part of its monthly Patch Tuesday release.

Security firm F5 has disclosed a critical vulnerability in its BIG-IP product, a family of hardware and software solutions that are used for application delivery and centralised device management.

Fresh questions have arisedn about one of the remotely exploitable flaws in Microsoft's products which was revealed during the company's monthly Patch Tuesday announcement.

Microsoft has issued patches for 117 CVEs in its April Patch Tuesday release, with nine rated critical and 108 as important, the most it has ever released for a single month since September 2020. Included among these were two zero-day vulnerabilities, one of which was exploited in the wild and reported to Microsoft by the NSA.

Google has issued a patch for a vulnerability in its Chrome browser that is being actively exploited in the wild.

American cloud computing and virtualisation technology company VMware has published an advisory detailing a remotely exploitable vulnerability in Spring Cloud, a framework for implementing business logic via functions.

Security vendor Tenable has appointed Johnny Yap to the role of APAC channel director.

A new ransomware-as-a-service family, which has been christened LokiLocker, has been identified by Blackberry Threat Intelligence. As usual, it only affects Windows systems.

Microsoft has released patches for 71 vulnerabilities in a number of its products as part of its monthly Patch Tuesday exercise, with three of the flaws having already been released.

Microsoft has released 97 CVEs on its first patch Tuesday of 2022, including four zero-days that have been publicly disclosed but not yet exploited in the wild; one of these is wormable.

The Log4j vulnerability appears to have been overhyped by the infosec industry, with nothing like the scale of attacks expected materialising.

Security vendor Tenable has appointed Nigel Ng to the role of vice president for the Asia Pacific region.

Microsoft has rolled out patches for 67 vulnerabilities in its products in its monthly Patch Tuesday, including a fix for a zero-day that is being exploited in the wild.

A senior security professional says the vulnerability in the Log4j Java-based logging library is comparable to both the Heartbleed and Shellshock flaws that have come to light over the last decade, but the new vulnerability is more devastating.

A serious vulnerability in the Log4j Java-based logging library is affecting many enterprise applications and cloud services.

Zero Trust segmentation provider Illumio has announced a new Technology Alliance Partner Program (TAP).

The Federal Government has ignored the pleas of technology industry bodies and passed a bill that will enable it to take control of private infrastructure as a last resort in the event of a cyber attack.

Two actively exploited zero-day vulnerabilities are among 55 flaws fixed by Microsoft in its monthly Patch Tuesday, with four other zero-days also being remedied.

Security firm Tenable has released version 10.0 of Nessus, a vulnerability scanner that is among the better known tools used to search for vulnerabilities on networked systems.