Tenable Research Podcast

Follow Tenable Research Podcast
Share on
Copy link to clipboard

Join members of Tenable Research for a discussion about the latest vulnerabilities, exploits and cyber threats. Analysis, insights and guidance for information security and IT professionals who want to stay in the know.

Tenable Research


    • Nov 8, 2022 LATEST EPISODE
    • monthly NEW EPISODES
    • 35m AVG DURATION
    • 37 EPISODES


    Search for episodes from Tenable Research Podcast with a specific topic:

    Latest episodes from Tenable Research Podcast

    Research Alliance Program - Shared Intelligence and Insight

    Play Episode Listen Later Nov 8, 2022 30:16


    This month we talked to Tenable's director of research product management Ray Carney and Eric Hoffman, director of partnerships and alliances at Greynoise, about the formation of a new research alliance program.Announced in mid October, this is intended to facilitate collaboration and information sharing between industry partners, and support best-practice coordinated vulnerability disclosure in order to promote increased cooperation in order to reduce an attacker's free time.Follow along for more from Tenable Research:Subscribe to the blogFollow Tenable's Zero Day team on Medium

    What is Exposed Externally That You're Unaware Of, What Can Attackers See - and How to Manage Your Exposure

    Play Episode Listen Later Oct 3, 2022 40:04


    After we discussed the concept of Exposure Management on our last podcast, this time we welcome back Tenable's senior principal security advocate Nathan Wenzler to discuss the concept of how you can determine your level of exposure, what has led to this level of vulnerability, and what options are available to you to better manage this.Follow along for more from Tenable Research:Subscribe to the blogFollow Tenable's Zero Day team on Medium

    Understanding and Achieving Exposure Management

    Play Episode Listen Later Sep 13, 2022 35:21


    The concept of Exposure Management has become more and more prominent in recent months, as users understand how much they are exposed to attack, how they can protect their assets and what it takes to achieve a level of compliance.In this podcast, we talk with Tenable's senior principal security advocate Nathan Wenzler about the concept of Exposure Management, what it is, and what businesses need to do to adopt it. Follow along for more from Tenable Research:Subscribe to the blogFollow Tenable's Zero Day team on Medium

    Reviewing 90 Day Responsible Disclosure Policies in 2022

    Play Episode Listen Later Aug 24, 2022 33:00


    In the field of responsible disclosure, a policy of 90 days to publicly disclose vulnerabilities has been created by industry. This time period should allow the researcher to disclose the vulnerability to the recipient company, giving them time to push a fix out before the original flaw can be announced.However are we in a time where this time period still works? Some vulnerabilities can be fixed fairly rapidly as we work in cloud environments, while others can be more challenging to fix - such as in OT. We talked to Tenable's Ivan Belyna and Nick Miles about the evolution of the 90 day policy, and its present and future, and what use advanced disclosure is to security leaders and to the wider industry.  Show ReferencesTales of Zero-Day Disclosure white paper 2020 Podcast with Tenable's Zero-Day Team Follow along for more from Tenable Research:Subscribe to the blogFollow Tenable's Zero Day team on Medium

    Unsophisticated Extortion - Reflecting on the LAPSUS$ Group

    Play Episode Listen Later Jul 29, 2022 22:17


    In the first few months of 2022, the LAPSUS$ Group made a major splash in the cybersecurity headlines as it conducted a series of attacks on the likes of Nvidia, Microsoft and Okta. However a few months later, they had disappeared and arrests were reported soon afterwards.In a new blog, Tenable's senior research engineer Claire Tills looked at the efforts of LAPSUS$ and what its motivations were, and how it is viewed now, and joins us on this podcast to discuss the extortion group further.Show ReferencesBrazen, Unsophisticated and Illogical: Understanding the LAPSUS$ Extortion Group Ransomware Ecosystem White Paper Download PageBlog on Understanding the Ransomware EcosystemWebinar on the Ransomware Ecosystem reportBBC News - Oxford teen accused of being multi-millionaire cyber-criminal Bleeping Computer news report on Okta attack Follow along for more from Tenable Research:Subscribe to the blogFollow Tenable's Zero Day team on Medium

    Understanding the Ransomware Ecosystem

    Play Episode Listen Later Jul 8, 2022 28:40


    Beyond the success of its impact, a lucrative criminal ecosystem has been developed for ransomware. This has seen ransomware-as-a-service (RaaS) creating an ecosystem utilizing multiple players, while the concept of double extortion has emerged, which involves exfiltrating data from victim organizations and publishing teasers about these breaches on the dark web.In this new edition of the Tenable Research podcast, we talk with senior staff research engineer Satnam Narang about a new white paper which explores the working of this ecosystem, how it works and what the economics of the model are.Show ReferencesRansomware Ecosystem White Paper Download PageBlog on Understanding the Ransomware Ecosystem Webinar on the Ransomware Ecosystem report ContiLeaks: Chats Reveal Over 30 Vulnerabilities Used by Conti Ransomware Follow along for more from Tenable Research:Subscribe to the blogFollow Tenable's Zero Day team on Medium

    BIG-IP and Microsoft Fixes and AWS Hot Patches

    Play Episode Listen Later May 23, 2022 23:47


    This month we talk to Tenable research manager Scott Caveza about three recent patching stories, where F5 and Microsoft offered fixes in a regular cycle, and how Amazon Web Services released hot patches to repair earlier vulnerabilities in fixes for Log4J.F5 BIG-IP Patch Hot Patches for Log4J May Patch TuesdayCVE-2021-36942Follow along for more from Tenable ResearchSubscribe to the blogFollow Tenable's Zero Day team on Medium

    The State of OT Security, a Year Since Colonial Pipeline

    Play Episode Listen Later May 13, 2022 35:23


    On this edition of the podcast, we look at the conversation around operational technology (OT) and attacks on critical infrastructure, as we mark a year since the Colonial Pipeline incident. We're joined by Tenable's VP of operational technology Marty Edwards to talk about lessons learned, what work there is still to be done by practitioners, industry and researchers, and where the problems remain.Tenable blog - Securing Critical Infrastructure its Complicated Amit Yoran TestimonyVideo of the Homeland Security CommitteeJoint Cybersecurity AdvisoryCBS News 60 Minutes Report NCSC blog on Cyber Assessment Framework Follow along for more from Tenable Research:Subscribe to the blogFollow Tenable's Zero Day team on Medium

    Spring4Shell and Patches for VMware and Microsoft

    Play Episode Listen Later Apr 20, 2022 31:34


    This month we take a deep dive into the most recent Java related vulnerability, and ask what the situation was with this, how it got confused with another vulnerability, and how significant it is to the wider threat landscape - or was it just riding on the memory of Log4J?We also look at the April patches from Microsoft, and two lots of fixes from VMware.Spring4Shell FAQ: Spring Framework Remote Code Execution Vulnerability Microsoft's April 2022 Patch Tuesday Addresses 117 CVEsVMware vCenter Server Sensitive Information Disclosure Vulnerability VMware Patches Multiple Vulnerabilities in Workspace ONE, Identity and Lifecycle Manager and vRealize Threat Landscape Retrospective 2021 Download Follow along for more from Tenable Research:Subscribe to the blogFollow Tenable's Zero Day team on Medium

    Security Research: How to Get the Job, and What to Expect

    Play Episode Listen Later Mar 28, 2022 51:28


    Have you ever sat in the audience at a conference, watched a video of a presentation, or listened to an interview on a podcast or TV, and seen a researcher and thought ‘how do I get to do that?'Tenable now has a wide selection of researchers, covering security response, zero day research, audit and compliance and writing software plugins.With more companies employing full time researchers now, we talked to two from Tenable about what the job entails, what you need to know to get hired, and what a typical day or week looks like. Joining this month are research senior managers Ivan Belyna and Jesus Garcia Galan.Research JobsTenable Careers Tenable Research 

    The Remaining Top Vulnerabilities, and Important Patches

    Play Episode Listen Later Mar 18, 2022 23:41


    This month we look at newly-released, important-rated patches from Microsoft, and a new blog from Tenable's Security Response Team where more vulnerabilities from 2021 were discussed, and why they did not make the final top five in our Threat Landscape Retrospective. March Patch Tuesday Behind the Scenes: How We Picked 2021's Top Vulnerabilities – and What We Left Out 2021 Threat Landscape Retrospective 

    Renaud Deraison - Nessus, Tenable and His Future

    Play Episode Listen Later Mar 7, 2022 29:19


    This month we talk to Renaud Deraison, outgoing CTO and a co-founder of Tenable, who talks about his time developing Nessus from an open source scanner in 1998 to the development of Tenable over the past 20 years, and what the future looks like for him.Nessus ProfessionalTenable ResearchTenable Blog

    Important Patches and Critical Vulnerabilities - SAP, Cisco and Microsoft

    Play Episode Listen Later Feb 25, 2022 20:41


    This month we look at new patches released by Cisco, Microsoft and SAP, and while there were some very critical vulnerabilities patched, we also saw Microsoft change tact with a significantly reduced patch bundle and with no critical patches released.Patch Tuesday Blog SAP Patches Internet Communication Manager Advanced Desync (ICMAD) Vulnerabilities  Threat Landscape Retrospective Download Page Critical Flaws in Cisco Small Business Routers Tenable Research Podcast on CISA

    Black History Month: Pioneers, Hidden Figures and Diversity

    Play Episode Listen Later Feb 23, 2022 25:16


    As it is Black History Month in North America in February, we talked to the co-chairs of Black@Tenable, the diversity and inclusion group for African-American employees of Tenable, about the recognition of black leaders in technology, efforts to increase the hiring of people of color in cybersecurity, and how the industry is responding to that.Tenable HomepageTenable CareersBlack History Month

    The Threats, Vulnerabilities, Attacks and Incidents That Made 2021

    Play Episode Listen Later Jan 31, 2022 43:52


    In our first look at the research highlights of 2022, we take a deep dive into Tenable's 2021 Threat Landscape Retrospective, and look at the incidents, attacks and notable vulnerabilities that made up the past year.We also look at new advisories from January 2022, with new patches from Microsoft and ZoHo, and the new CVEs in Apache Log4j 1.x.Threat Landscape Retrospective Download Page TLR Webinar Registration Page TLR Blog Post PrintNightmare CVE 2021-36958Tenable Log4J Website ZoHo Patches Microsoft January Patches Follow along for more from Tenable Research:Subscribe to the blogFollow Tenable's Zero Day team on Medium

    Log4J, Fixes For ZoHo and SonicWall and December Microsoft Patches

    Play Episode Listen Later Dec 22, 2021 40:57


    This month we take a look back at the impact of Log4J and how both the industry and Tenable were able to respond to this major incident that affected so many users globally. There are also fresh fixes from SonicWall and ZoHo for ManageEngine, and the final batch of patches from Microsoft as it rounds off a quieter year.Proof-of-Concept for Critical Apache Log4j Remote Code Execution Vulnerability Available (Log4Shell)Log4j Resource PageLog4J Tenable Webinar SonicWall Urges Users to Patch Several Vulnerabilities in Secure Mobile Access Products ZoHo Patches ManageEngine Zero-Day Exploited in the WildMicrosoft's December 2021 Patch Tuesday Addresses 67 CVEs Follow along for more from Tenable Research:Subscribe to the blogFollow Tenable's Zero Day team on Medium

    Will the CISA Directive Create a More Secure Government?

    Play Episode Listen Later Nov 30, 2021 35:56


    The recent Binding Operational Directive from CISA will see a number of U.S. government departments receive better instruction on which vulnerabilities need to be patched, and to do so within a six month time frame. On this episode of the Tenable Research podcast, we talk to Nathan Wenzler and Seth Matheson about what the vulnerabilities are, how they are determined, who is affected and what this could mean for other governments around the world, and other businesses also.Show references:Binding Operational Directive 22-01 CISA Directive 22-01: How Tenable Can Help You Find and Fix Known Exploited Vulnerabilities https://cyber.dhs.gov/bod/22-01/How Risk-Based Vulnerability Management Helps You Effectively Address CISA's Binding Operational Directive 22-01

    Common Attacks on Active Directory

    Play Episode Listen Later Nov 18, 2021 32:25


    This time we're joined by Tenable's security strategist Sylvain Cortes, as we look at the types of attacks being targeted at Active Directory, how attackers look to get a foothold into enterprise networks by exploiting AD, and what steps you can take to better secure yourself and your AD environment Active Directory is Now in the Ransomware Crosshairs How to Protect Active Directory Against Ransomware AttacksHow to Strengthen Active Directory and Prevent Ransomware Attacks 

    Patches for Apache and VMware, and October Patch Tuesday

    Play Episode Listen Later Oct 20, 2021 22:51


    This month we look at patches from Apache and VMware, an example of very rapid response to a researcher's findings, and another quiet month from Microsoft's Patch Tuesday, with guests Claire Tills and Satnam Narang from Tenable's Security Response Team.CVE-2021-22005: Critical File Upload Vulnerability in VMware vCenter ServerCVE-2021-41773: Path Traversal Zero-Day in Apache HTTP Server ExploitedMicrosoft's October 2021 Patch Tuesday Addresses 74 CVEs (CVE-2021-40449)CVE-2021-34527: Microsoft Releases Out-of-Band Patch for PrintNightmare Vulnerability in Windows Print SpoolerCVE-2021-1675: Proof-of-Concept Leaked for Critical Windows Print Spooler VulnerabilityThe PrintNightmare Continues: Another Zero-Day in Print Spooler Awaits Patch (CVE-2021-36958)Finding Proxylogon and Related Microsoft Exchange Vulnerabilities: How Tenable Can HelpFollow along for more from Tenable Research:Subscribe to the blogFollow Tenable's Zero Day team on Medium

    OMIGOD: Critical Vulnerabilities in Atlassian, OMI and Microsoft, and Remote Working Trends

    Play Episode Listen Later Sep 30, 2021 66:40


    This month we review new blogs from Tenable's Security Response Team on a vulnerability in Atlassian's Confluence Server, review what made cybersecurity say “OMIGOD” and look at another light load of patches from Microsoft. We also look at new research - commissioned by Tenable and conducted by Forrester - on remote working statistics, and look at technology investment and attack trends which were discovered.Show References:Atlassian Confluence OGNL Injection Vulnerability Exploited in the Wild Critical Flaw Leaves Azure Linux VMs Vulnerable to Remote Code Execution Microsoft's September 2021 Patch Tuesday Addresses 60 CVEs Tenable and Forrester cyber risk reportFollow along for more from Tenable Research:Subscribe to the blogFollow Tenable's Zero Day team on Medium

    Hold the Door - VPN Vulnerabilities Unlock Entry to Your Network

    Play Episode Listen Later Sep 8, 2021 19:19


    On this edition of the Research podcast, we talk to Satnam Narang and Claire Tills about the Security Response Team's recent research blog around SSL VPN vulnerabilities. That blog looked back at how three particular flaws in major VPNs are frequently exploited, so we look at when these vulnerabilities were disclosed, what the impact of them are, who has been attempting to exploit them and who the targets have been.Show references:Hold the Door: Why Organizations Need to Prioritize Patching SSL VPNs Zero-Day Vulnerability in SonicWall Secure Mobile Access (SMA) Exploited in the Wild Follow along for more from Tenable Research:Subscribe to the blogFollow Tenable's Zero Day team on Medium

    Light Patches, Router Issues and a Year of Zerologon

    Play Episode Listen Later Aug 24, 2021 45:36


    This month we look at new blogs from Tenable's security response team, including on a year of Zerologon, vulnerabilities in Microsoft Exchange Servers and Pulse Secure, and a widely spread flaw in wifi routers which could affect thousands of users globally.Show ReferencesOne Year Later: What Can We Learn from Zerologon? Microsoft's August 2021 Patch Tuesday Addresses 44 CVEs Remote Code Execution Patch Bypass in Pulse Connect Secure ProxyShell: Attackers Actively Scanning for Vulnerable Microsoft Exchange Servers Bypassing Authentication on Arcadyan Routers with CVE-2021–20090 and rooting some Buffalo Follow along for more from Tenable Research:Subscribe to the blogFollow Tenable's Zero Day team on Medium

    Black Hat 2021 and the Return to Conferences

    Play Episode Listen Later Aug 2, 2021 30:02


    As the first major security conference prepares to take place, Tenable's chief security strategist Nathan Wenzler talks to Dan Raywood about what the conference scene could look like going forward, what people can expect from the experience and what virtual and in person delegates will be looking to gain from attending.Follow along for more from Tenable Research:Subscribe to the blogFollow Tenable's Zero Day team on Medium

    Nightmare, Ransomware, Patches Everywhere

    Play Episode Listen Later Jul 21, 2021 43:54


    In this episode we talk to security researchers Claire Tills and Satnam Narang on a busy month in cybersecurity headlines, from an MSP facing a major ransomware situation, to Microsoft's attempts to keep up with the PrintNightmare issue, and evaluating July's bumper Patch Tuesday offering. Multiple Zero-Day Vulnerabilities in Kaseya VSA Exploited to Distribute REvil RansomwareProof-of-Concept Leaked for Critical Windows Print Spooler VulnerabilityMicrosoft Releases Out-of-Band Patch for PrintNightmare Vulnerability in Windows Print SpoolerMicrosoft's July 2021 Patch Tuesday Includes 116 CVEsFollow along for more from Tenable Research:Subscribe to the blogFollow Tenable's Zero Day team on Medium

    Back to Reality, Ransomware and Patch Tuesday

    Play Episode Listen Later Jun 28, 2021 45:16


    Welcome back to the Tenable Research Podcast. In this new episode we look back at June's Microsoft patches, and ask Tenable staff research engineer Satnam Narang what he feels the reasons are for the number of patches generally decreasing both monthly and annually. We are also joined by director of product management Ray Carney, as we look into the increase of ransomware in 2021, what have been the causes of this increase, and what the threat landscape looks like currently. Show References:https://www.tenable.com/blog/microsoft-june-2021-patch-tuesday-49-cves-cve-2021-31955-cve-2021-31956-and-cve-2021-33742 https://www.tenable.com/blog/cve-2021-21985-critical-vmware-vcenter-server-remote-code-execution Follow along for more from Tenable Research:Subscribe to the blogFollow Tenable's Zero Day team on Medium

    Learning from a No Good, Very Bad Year

    Play Episode Listen Later Jan 14, 2021 61:12


    As always, we discuss the latest vulnerability news and the first Patch Tuesday of the year. Then, the Security Response Team walks us through their 2020 Threat Landscape Retrospective report. The team did the tough work of looking back at everything that happened in 2020 and deriving some key lessons we can all take into 2021.Read the full reportShow References:Microsoft’s January 2021 Patch Tuesday Addresses 83 CVEsSolorigate: SolarWinds Orion Platform Contained a Backdoor Since March 2020 (SUNBURST)Webinar Recording on SolarWinds IncidentAMNESIA:33: Researchers Disclose 33 Vulnerabilities Across Four Open Source TCP/IP LibrariesFollow along for more from Tenable Research:Subscribe to the blogFollow Tenable’s Zero Day team on MediumTenable Research Podcast Musical References

    Security Research in 2020

    Play Episode Listen Later Dec 10, 2020 52:12


    We’re joined by four members of the Zero Day Research team - Nick Miles, Jimi Sebree, Chris Lyne, and Evan Grant - to talk about what it’s like being a security researcher in 2020. Conferences mostly cancelled, vendor responses fluctuating, concerns about selecting targets and promoting work - it’s complicated out there for researchers. As always, Satnam Narang breaks down the latest vulnerability news for us.Show References:Microsoft’s December 2020 Patch Tuesday Addresses 58 CVEs including CVE-2020-25705 (SAD DNS)Cloudflare’s Blog Post on SAD DNSCVE-2020-4006: VMware Command Injection Flaw Exploited by Russian State-Sponsored Threat ActorsCVE-2020-27125, CVE-2020-27130, CVE-2020-27131: Pre-Authentication Vulnerabilities in Cisco Security Manager DisclosedSpam warning on Cash AshZero Day ResearchCOVID-19 Pandemic Data: As Attack Surface Expands, Software Vendors Improve Vulnerability Response TimesPsExec Local Privilege EscalationHacking in Among UsTP-Link Takeover with a Flash DriveInside Amazon’s Ring Alarm SystemFollow along for more from Tenable Research:Subscribe to the blogFollow Tenable’s Zero Day team on MediumTenable Research Podcast Musical References

    Benchmarks and You: Making the Right Match

    Play Episode Listen Later Nov 13, 2020 50:19


    On this episode, we talk about November Patch Tuesday - Satnam highlights some of the vulnerabilities and we discuss the new, limited format for the advisories from Microsoft. Our guest this month is Grant Dobbe who gives us a crash course on compliance benchmarks and how to pick the right one for you. The key lesson: don’t try to put a jet engine on a Cessna.Show References: Government Agencies Warn of State-Sponsored Actors Exploiting Publicly Known VulnerabilitiesWebinar: Ramp-Up Your Response to Latest State Sponsored AttacksMicrosoft’s November 2020 Patch Tuesday Addresses 112 CVEs including CVE-2020-17087CVE-2020-15999, CVE-2020-17087: Google Chrome FreeType and Microsoft Windows Kernel Zero Days Exploited in the WildGoogle patches two more Chrome zero-daysApple patches iOS against 3 actively exploited 0-days found by GoogleOracle Critical Patch Update for October 2020 Addresses 402 Security UpdatesCVE-2020-14882: Oracle WebLogic Remote Code Execution Vulnerability Exploited in the WildOracle Security Alert Advisory - CVE-2020-14750 (Out-of-Band)CVE-2020-14871: Critical Buffer Overflow in Oracle Solaris Exploited in the Wild as Zero-DayCVE-2020-27615: SQL Injection Vulnerability in WordPress Loginizer Plugin Affected Over One Million SitesCVE-2020-16846, CVE-2020-25592: Critical Vulnerabilities in Salt Framework DisclosedWebinar: How to Unlock the Security Benefits of the CIS BenchmarksCIS BenchmarksDISA STIGsSTIG ViewerSingle Check Audits on GithubGithub: Audit file for CVE-2020-14871Tenable Research Podcast Musical References

    Security Advisories: the Good, the Bad, and the Weird

    Play Episode Listen Later Oct 16, 2020 35:06


    This month, Luke Tamagna-Darr is back and he and Satnam have a lot to say about security advisories. As always, we walk through the latest vulnerability news - specifically diving into “Zerologon” and “Bad Neighbor” as well as multiple alerts from CISA. Many advisories recently were focused on chaining vulnerabilities, providing insight into how attackers are leveraging bugs together in attacks.Show References:Writing Security Advisories: 5 Best Practices For VendorsMicrosoft’s October 2020 Patch Tuesday Addresses 87 CVEs including “Bad Neighbor” Windows TCP/IP Vulnerability (CVE-2020-16898)CVE-2020-1472: 'Zerologon' Vulnerability in Netlogon Could Allow Attackers to Hijack Windows Domain ControllerCVE-2020-1472: Advanced Persistent Threat Actors Use Zerologon Vulnerability In Exploit Chain with Unpatched VulnerabilitiesUS Cybersecurity Agency CISA Alert: Foreign Threat Actors Continue to Target Unpatched VulnerabilitiesCVE-2020-2040: Critical Buffer Overflow Vulnerability in PAN-OS Devices DisclosedMultiple Vulnerabilities in CodeMeter Leave Managed Industrial Control Systems Open to AttackCVE-2020-6925, CVE-2020-6926, CVE-2020-6927: Multiple Vulnerabilities in HP Device ManagerTenable Research Spotify Playlist

    The Joys of Compliance (No Kidding)

    Play Episode Listen Later Sep 10, 2020 58:05


    We kick things off with this month’s vulnerability news as well as some primary research Satnam has done into questionable advertisements on TikTok. Then, we speak with Justin Brown about the joys of audit and compliance. Specifically, he talks about how his team works to develop and improve over 100,000 configuration checks.Microsoft’s September 2020 Patch Tuesday Addresses 129 CVEsCritical Vulnerability in File Manager WordPress Plugin Exploited in the WildCVE-2020-3566, CVE-2020-3569: Zero-Day Vulnerabilities in Cisco IOS XR Software Targeted in the WildCVE-2020-5776, CVE-2020-5777: Multiple Vulnerabilities in the MAGMI Magento Mass Import PluginCVE-2019-0230: Apache Struts Potential Remote Code Execution VulnerabilityTikTok Ad Scams: Insufficient Moderation Leaves 'For You' Page Filled with Dubious Apps, Products and ServicesEdge Week Agenda

    Automate all the things

    Play Episode Listen Later Aug 13, 2020 27:26


    Our guest this month is Luke Tamagna-Darr and he tells us about some of the automation projects his team is working on, including predicting CVSS vectors when they are missing from vulnerability descriptions. As always, Satnam walks us through the latest vulnerability news as well as the work Tenable Research has done to identify devices impacted by Ripple20.Show ReferencesMicrosoft’s August 2020 Patch Tuesday Addresses 120 CVEs (CVE-2020-1337)Zero-Day Remote Code Execution Vulnerability in vBulletin DisclosedRipple20: More Vulnerable Devices Discovered, Including New VendorsCVE-2020-10713: “BootHole” GRUB2 Bootloader Arbitrary Code Execution VulnerabilityCVE-2020-3452: Cisco Adaptive Security Appliance and Firepower Threat Defense Path Traversal Vulnerability

    10/10 Would Patch Again

    Play Episode Listen Later Jul 16, 2020 34:33


    Satnam starts us off with a veritable parade of vulnerabilities maxing out CVSS severity. Ripple20, PAN OS, BIG-IP, SIGRed, RECON - lots to cover and Satnam breaks it all down for us. As a bit of a palate cleanser, we talk to Tony Huffman and Tyler Coumbes about how Threat Automation works in products.Show ReferencesCVE-2020-11896, CVE-2020-11897, CVE-2020-11901: Ripple20 Zero-Day Vulnerabilities in Treck TCP/IP Libraries DisclosedCVE-2020-2021: Palo Alto Networks PAN-OS Vulnerable to Critical Authentication Bypass Vulnerabilityhttps://twitter.com/RyanLNewington/status/1278074919092289537?s=20 CVE-2017-7391: Vulnerability in Magento Mass Import (MAGMI) Plugin Exploited in the WildCVE-2020-5902: Critical Vulnerability in F5 BIG-IP Traffic Management User Interface (TMUI) Actively ExploitedCVE-2020-6287: Critical Vulnerability in SAP NetWeaver Application Server JAVA Disclosed (RECON)Microsoft’s July 2020 Patch Tuesday Addresses 123 CVEs Including Wormable Windows DNS Server RCE (CVE-2020-1350) (SIGRed)CVE-2020-1350: Wormable Remote Code Execution Vulnerability in Windows DNS Server Disclosed (SIGRed)Tenable Research Discloses Multiple Vulnerabilities in Plex Media Server

    Ghosts of SMB Past

    Play Episode Listen Later Jun 11, 2020 31:52


    We kick things off this episode talking to David Wells about his work with the Zero Day Research Team. He tells about recent bugs he’s found in Signal and an interesting bypass method for User Account Control in Windows. Then we hear from Satnam Narang about the latest vulnerabilities and patches (spoiler: there’s a lot of ghosts and SMB).Show References:https://www.tenable.com/blog/microsoft-s-june-2020-patch-tuesday-addresses-129-cves-including-newly-disclosed-smbv3https://www.tenable.com/blog/smbleed-cve-2020-1206-and-smblost-cve-2020-1301-vulnerabilities-affect-microsoft-smbv3-andhttps://www.tenable.com/blog/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-ofhttps://medium.com/tenable-techblog/multiple-vulnerabilities-in-tcexam-f6ae38c6fb8ahttps://medium.com/tenable-techblog/turning-signal-app-into-a-coarse-tracking-device-643eb4298447https://medium.com/tenable-techblog/bypass-windows-10-user-group-policy-and-more-with-this-one-weird-trick-552d4bc5cc1bhttps://medium.com/tenable-techblog/uac-bypass-by-mocking-trusted-directories-24a96675f6eTenable Research on Medium - https://medium.com/tenable-techblog

    What's the deal with Web App Scanning?

    Play Episode Listen Later May 14, 2020 37:52


    Satnam walks us through May’s Patch Tuesday which, even at 111 vulnerabilities, was a bit calmer than prior months’ releases. We also talk about vulnerabilities in vBulletin, Cisco, Salt Framework and Sophos XG Firewall - and more. Satnam highlights primary research including flaws Tenable Research found in Instacart’s website and social media scams. To round it out, Eric Detoisien, Director of Research for WAS Content, joins us to talk about web application scanning and how his small-but-brilliant team develops WAS plugins.Show References:SophosLabs on “Asnarök” Trojan - https://news.sophos.com/en-us/2020/04/26/asnarok/Second Grader Hacks System, Shows Kids How to Access Any Student Account - https://bocanewsnow.com/2020/05/12/coronavirus-massive-palm-beach-county-school-district-student-password-breach/WAS SSL/TLS plugins - https://staging.tenable.com/plugins/was/families/SSL%2FTLSRecently from Research:https://www.tenable.com/blog/scams-exploit-covid-19-giveaways-via-venmo-paypal-and-cash-app https://www.tenable.com/blog/microsoft-s-may-2020-patch-tuesday-addresses-111-cveshttps://www.tenable.com/blog/instacart-patches-sms-spoofing-vulnerability-discovered-by-tenable-researchhttps://www.tenable.com/blog/cve-2020-12720-vbulletin-urges-users-to-patch-undisclosed-security-vulnerabilityhttps://www.tenable.com/blog/cisco-patches-multiple-flaws-in-adaptive-security-appliance-firepower-threat-cve-2020-3187https://www.tenable.com/blog/cve-2020-11651-cve-2020-11652-critical-salt-framework-vulnerabilities-exploited-in-the-wildhttps://www.tenable.com/blog/wordpress-e-learning-plugin-vulnerabilities-range-from-cheating-to-remote-code-executionhttps://www.tenable.com/blog/cve-2020-12271-zero-day-sql-injection-vulnerability-in-sophos-xg-firewall-exploited-in-the-wildhttps://www.tenable.com/blog/multiple-zero-day-vulnerabilities-in-ios-mail-app-exploited-in-the-wildhttps://www.tenable.com/blog/adv200004-microsoft-releases-out-of-band-advisory-to-address-flaws-in-autodesk-filmbox-fbxhttps://medium.com/tenable-techblog/remapping-python-opcodes-67d79586bfd5https://medium.com/tenable-techblog/getting-root-on-macos-via-3rd-party-backup-software-b804085f0c9Follow the Security Response Team on the Tenable Community https://community.tenable.com/s/group/0F9f2000000fyxyCAA/cyber-exposure-alerts

    Analyzing Digital Loops and Whorls: OS Fingerprinting

    Play Episode Listen Later Apr 16, 2020 26:59


    Once again, we’re talking about Microsoft Patch Tuesday, this time with the added bonus of a record-breaking Oracle Critical Patch Update. All told, the releases covered 563 CVEs! Satnam Narang discusses vulnerabilities in VMware vCenter and Zoom, as well as some primary research the SRT has done about protecting the remote workforce. Our guests this episode are Jesus Galan, Research Manager of Vulnerability Detection and Greg Betz, Research Manager for Asset Competitiveness. They joined us to talk about OS fingerprinting.Recent SRT Blogshttps://www.tenable.com/blog/oracle-april-2020-critical-patch-update-includes-record-breaking-397-security-updates https://www.tenable.com/blog/microsoft-april-2020-patch-tuesday-addresses-113-cves-including-adobe-type-manager-library https://www.tenable.com/blog/cve-2020-3952-sensitive-information-disclosure-in-vmware-vcenter-server-vmsa-2020-0006https://www.tenable.com/blog/cve-2020-6819-cve-2020-6820-critical-mozilla-firefox-zero-day-vulnerabilities-exploited-in-wildhttps://www.tenable.com/blog/zoom-patches-multiple-flaws-and-responds-to-security-and-privacy-concernshttps://www.tenable.com/blog/cve-2020-8467-cve-2020-8468-vulnerabilities-in-trend-micro-apex-one-and-officescan-exploited-inTenable Research Blogshttps://medium.com/tenable-techblog/pi-sniffers-travels-a0db63c1434a https://medium.com/tenable-techblog/targeting-a-macos-application-update-your-path-traversal-lists-a1055959a75ahttps://medium.com/tenable-techblog/more-medical-record-security-flaws-81759f673a0 Follow the Security Response Team on the Tenable Community https://community.tenable.com/s/group/0F9f2000000fyxyCAA/cyber-exposure-alerts

    Hello EternalDarkness, My New Friend

    Play Episode Listen Later Mar 11, 2020 26:48


    On this episode, we talk about Microsoft’s Patch Tuesday for March which covered a whopping 115 vulnerabilities! However, CVE-2020-0796 stole the show. Satnam walks us through the vulnerability, how it compares to EternalBlue and what practitioners need to know. Giuliana Carullo from the Tenable Vulnerability Database team also joined us to continue the conversation about automation and how her team models the vulnerability landscape.Recent SRT Blogshttps://www.tenable.com/blog/cve-2020-0796-wormable-remote-code-execution-vulnerability-in-microsoft-server-message-blockhttps://www.tenable.com/blog/microsoft-s-march-2020-patch-tuesday-addresses-115-cves-including-58-elevation-of-privilegehttps://www.tenable.com/blog/cve-2020-10189-deserialization-vulnerability-in-zoho-manageengine-desktop-central-10-patchedhttps://www.tenable.com/blog/cve-2020-8597-buffer-overflow-vulnerability-in-point-to-point-protocol-daemon-pppdhttps://www.tenable.com/blog/cve-2020-0688-microsoft-exchange-server-static-key-flaw-could-lead-to-remote-code-executionhttps://www.tenable.com/blog/cve-2020-6418-google-chrome-type-confusion-vulnerability-exploited-in-the-wildhttps://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487https://www.tenable.com/blog/duplicator-wordpress-plugin-vulnerability-exploited-in-the-wildApply to work on the Tenable Vulnerability Database teamhttps://careers.tenable.com/jobs/software-engineer-automation-python-columbia-maryland-united-states-32b2ddc4-5a2c-4317-b349-afd4db64210dFollow the Security Response Team on the Tenable Community https://community.tenable.com/s/group/0F9f2000000fyxyCAA/cyber-exposure-alerts

    February 2020: Automating Vulnerability Intelligence Feeds the Right Way

    Play Episode Listen Later Feb 21, 2020 18:35


    On this episode, we talk about February’s Patch Tuesday, the release of a PoC for CVE-2020-0618, and exploitation of a vulnerability in the ThemeGrill Demo Importer plugin for WordPress. We also speak with Ryan Hoy about the Vulnerability Intelligence Feeds and the work his team does developing and improved the plugin automation framework.Catch Tenable Researchers presenting at BSides Tampa on February 29.Recent SRT blog posts:https://www.tenable.com/blog/cve-2020-0618-proof-of-concept-for-microsoft-sql-server-reporting-services-vulnerability-0https://www.tenable.com/blog/themegrill-demo-importer-vulnerability-actively-exploited-in-the-wildhttps://www.tenable.com/blog/microsoft-s-february-2020-patch-tuesday-addresses-99-cves-including-internet-explorer-zero-dayhttps://www.tenable.com/blog/cdpwn-cisco-discovery-protocol-vulnerabilities-disclosed-by-researchers Primary Researchhttps://www.tenable.com/blog/cryptocurrency-scams-fake-giveaways-impersonate-followers-of-political-and-other-notableThe Tenable Tech Blog on Mediumhttps://medium.com/tenable-techblog/bypass-windows-10-user-group-policy-and-more-with-this-one-weird-trick-552d4bc5cc1b?source=collection_home---4------0-----------------------https://medium.com/tenable-techblog/exploiting-jira-for-host-discovery-43be3cddf023Follow the Security Response Team on the Tenable Community https://community.tenable.com/s/group/0F9f2000000fyxyCAA/cyber-exposure-alerts

    Claim Tenable Research Podcast

    In order to claim this podcast we'll send an email to with a verification link. Simply click the link and you will be able to edit tags, request a refresh, and other features to take control of your podcast page!

    Claim Cancel