Wednesday, August 10, 2022
Tenable

[R1] Tenable.sc 5.22.0 Fixes One Third-Party Vulnerability

Tenable.sc 5.22.0 Fixes One Third-Party Vulnerability Arnie Cabral Wed, 07/27/2022 - 18:26 Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components (moment.js) was found...
Tenable

[R1] Stand-alone Security Patch Available for Tenable.sc versions 5.20.0 to 5.21.0: Patch 202206.1

Stand-alone Security Patch Available for Tenable.sc versions 5.20.0 to 5.21.0: Patch 202206.1 Arnie Cabral Thu, 06/30/2022 - 11:05 Tenable.sc leverages third-party software to help provide underlying functionality. One of...
Tenable

[R1] Nessus Agent Version 10.1.4 Fixes Multiple Vulnerabilities

Nessus Agent Version 10.1.4 Fixes Multiple Vulnerabilities Arnie Cabral Wed, 06/15/2022 - 12:36 Custom audit files bring tremendous power and flexibility when assessing the configuration of your assets. Two...
Tenable

[R1] Nessus Version 8.15.5 Fixes Multiple Third-Party Vulnerabilities

Nessus Version 8.15.5 Fixes Multiple Third-Party Vulnerabilities Arnie Cabral Thu, 05/26/2022 - 12:45 Nessus leverages third-party software to help provide underlying functionality. One of the third-party components (expat) was...
Tenable

[R1] Nessus Version 10.2.0 Fixes Multiple Third-Party Vulnerabilities

Nessus Version 10.2.0 Fixes Multiple Third-Party Vulnerabilities Arnie Cabral Thu, 05/26/2022 - 09:30 Nessus leverages third-party software to help provide underlying functionality. Several of the third-party components (zlib, expat,...
Tenable

[R1] Nessus Network Monitor 6.0.1 Fixes Multiple Third-party Vulnerabilities

Nessus Network Monitor 6.0.1 Fixes Multiple Third-party Vulnerabilities Arnie Cabral Mon, 05/09/2022 - 17:04 Nessus Network Monitor leverages third-party software to help provide underlying functionality. Several third-party components (OpenSSL...
Tenable

[R1] Tenable.sc 5.21.0 Fixes Fix Multiple Third-Party Vulnerabilities

Tenable.sc leverages third-party software to help provide underlying functionality. Several of the third-party components were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution, and in line with best practice, Tenable has...
Tenable

[R1] Stand-alone Security Patch Available for Tenable.sc versions 5.19.0 to 5.20.1: Patch 202204.1

Tenable.sc leverages third-party software to help provide underlying functionality. Two of the third-party components (Apache and OpenSSL) were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution, and in line with best...
Tenable

[R1] Nessus Agent Versions 8.3.3 and 10.1.3 Fix One Third-Party Vulnerability

Nessus Agent leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL) was found to contain vulnerabilities, and an updated version has been made available by the provider. Out of caution and in line with best...
Tenable

[R1] Nessus Versions 8.15.4 and 10.1.2 Fix One Third-Party Vulnerability

Nessus leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL) was found to contain vulnerabilities, and an updated version has been made available by the provider. Out of caution and in line with best practice,...
Tenable

[R1] Nessus Versions 8.15.3 and 10.1.1 Fix Multiple Third-Party Vulnerabilities

Nessus leverages third-party software to help provide underlying functionality. One of the third-party components (Expat) was found to contain vulnerabilities, and an updated version has been made available by the provider. Out of caution and in line with best practice,...
Tenable

[R1] Nessus 10.1.0 Fixes One Third-Party Vulnerability

Nessus leverages third-party software to help provide underlying functionality. One of the third-party components (Underscore.js) was found to contain a vulnerability, and an updated version has been made available by the provider. Out of caution and in line with...
Tenable

[R1] Stand-alone Security Patch Available for Tenable.sc versions 5.16.0 to 5.19.1: Patch 202201.1

Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components (Apache) was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution, and in line with best practice, Tenable...
Tenable

[R1] Nessus Network Monitor 6.0.0 Fixes Multiple Third-party Vulnerabilities

Nessus Network Monitor leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with best...
Tenable

[R1] Tenable.sc 5.20.0 Fixes Multiple Vulnerabilities

Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution vulnerability which could allow a remote, unauthenticated attacker to execute code under special circumstances. An attacker would first have to stage a specific file type in...

Phishers who breached Twilio and fooled Cloudflare could easily get you, too

Enlarge (credit: Getty Images) At least two security-sensitive companies—Twilio and Cloudflare—were targeted in a phishing attack by an advanced threat actor who had possession of home phone numbers of not...
Brian Krebs

Microsoft Patch Tuesday, August 2022 Edition

Microsoft today released updates to fix a record 141 security vulnerabilities in its Windows operating systems and related software. Once again, Microsoft is patching a zero-day vulnerability in the Microsoft Support Diagnostics Tool (MSDT), a service built into Windows....

One of 5G's Biggest Features Is a Security Minefield

New research found troubling vulnerabilities in the 5G platforms carriers offer to wrangle embedded device data.
The Register

Patch Tuesday: Yet another Microsoft RCE bug under active exploit

Oh, and that critical VMware auth bypass vuln? Miscreants found it, too August Patch Tuesday clicks off the week of hacker summer camp in Las Vegas this year, so it's basically a code cracker's holiday too. …