Saturday, March 25, 2023
Tenable

[R1] Tenable.sc Version 6.1.0 Fixes Multiple Vulnerabilities

Tenable.sc Version 6.1.0 Fixes Multiple Vulnerabilities Arnie Cabral Wed, 03/22/2023 - 11:21 Tenable.sc leverages third-party software to help provide underlying functionality. Several of the third-party components in use (Apache,...
Tenable

[R1] Sensor Proxy Version 1.0.7 Fixes Multiple Vulnerabilities

Sensor Proxy Version 1.0.7 Fixes Multiple Vulnerabilities Arnie Cabral Thu, 03/16/2023 - 11:55 Sensor Proxy leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL)...
Tenable

[R1] Tenable Plugin Feed ID #202212081952 Fixes Arbitrary Code Execution Vulnerability

Tenable Plugin Feed ID #202212081952 Fixes Arbitrary Code Execution Vulnerability Arnie Cabral Fri, 03/10/2023 - 16:28 Audit files that are built into the Tenable products provide capability to adjust...
Tenable

[R1] Nessus Agent Version 8.3.5 Fixes Multiple Vulnerabilities

Nessus Agent Version 8.3.5 Fixes Multiple Vulnerabilities Arnie Cabral Thu, 03/09/2023 - 15:30 Nessus Agent leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL)...
Tenable

[R1] Nessus Agent Version 10.3.2 Fixes Multiple Vulnerabilities

Nessus Agent Version 10.3.2 Fixes Multiple Vulnerabilities Arnie Cabral Thu, 03/09/2023 - 14:18 Nessus Agent leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL)...
Tenable

[R1] Nessus Version 10.4.3 Fixes Multiple Vulnerabilities

Nessus Version 10.4.3 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 03/07/2023 - 11:30 Nessus leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL) was found...
Tenable

[R1] Nessus Version 8.15.9 Fixes Multiple Vulnerabilities

Nessus Version 8.15.9 Fixes Multiple Vulnerabilities Arnie Cabral Mon, 03/06/2023 - 18:07 Nessus leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL) was found...
Tenable

[R1] Nessus Version 10.5.0 Fixes Multiple Vulnerabilities

Nessus Version 10.5.0 Fixes Multiple Vulnerabilities Arnie Cabral Thu, 03/02/2023 - 12:42 Nessus leverages third-party software to help provide underlying functionality. Several of the third-party components (OpenSSL, spin.js, datatables.net)...
Tenable

[R1] Stand-alone Security Patch Available for Tenable.sc version 5.23.1: SC-202303.1-5

Stand-alone Security Patch Available for Tenable.sc version 5.23.1: SC-202303.1-5 Arnie Cabral Wed, 03/01/2023 - 09:56 Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components...
Tenable

[R1] Stand-alone Security Patch Available for Tenable.sc version 6.0.0: SC-202303.1-6

Stand-alone Security Patch Available for Tenable.sc version 6.0.0: SC-202303.1-6 Arnie Cabral Wed, 03/01/2023 - 08:50 Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components...
Tenable

[R1] Stand-alone Security Patch Available for Tenable.sc versions 5.22.0 to 6.0.0: SC-202302.2

Stand-alone Security Patch Available for Tenable.sc versions 5.22.0 to 6.0.0: SC-202302.2 Arnie Cabral Tue, 02/21/2023 - 11:42 Tenable.sc leverages third-party software to help provide underlying functionality. One of the...
Tenable

[R1] Stand-alone Security Patch Available for Tenable.sc versions 5.22.0 to 5.23.1: SC-202302.3

Stand-alone Security Patch Available for Tenable.sc versions 5.22.0 to 5.23.1: SC-202302.3 Arnie Cabral Tue, 02/21/2023 - 10:20 Tenable.sc leverages third-party software to help provide underlying functionality. One of the...
Tenable

[R1] Tenable Plugin Feed ID #202212212055 Fixes Privilege Escalation Vulnerability

Tenable Plugin Feed ID #202212212055 Fixes Privilege Escalation Vulnerability Arnie Cabral Mon, 01/30/2023 - 11:18 As part of our Security Development Lifecycle, a potential privilege escalation issue was identified...
Tenable

[R1] Tenable.sc 6.0.0 Fixes Multiple Vulnerabilities

Tenable.sc 6.0.0 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 01/24/2023 - 11:16 Tenable.sc leverages third-party software to help provide underlying functionality. Several of the third-party components (moment.js, libcurl) were found...
Tenable

[R1] Nessus Version 8.15.8 Fixes One Vulnerability

Nessus Version 8.15.8 Fixes One Vulnerability Arnie Cabral Wed, 01/18/2023 - 12:13 A privilege escalation vulnerability was identified in Nessus versions 8.15.7 and earlier. An authenticated attacker could potentially...
The Hacker News

Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers

Microsoft on Friday shared guidance to help customers discover indicators of compromise (IoCs) associated with a recently patched Outlook vulnerability. Tracked as CVE-2023-23397 (CVSS score: 9.8), the critical flaw relates to a case of privilege escalation that could be exploited to steal...
The Hacker News

OpenAI Reveals Redis Bug Behind ChatGPT User Data Exposure Incident

OpenAI on Friday disclosed that a bug in the Redis open source library was responsible for the exposure of other users' personal information and chat titles in the upstart's ChatGPT service earlier this week. The glitch, which came to light on...
SecurityWeek

US Charges 20-Year-Old Head of Hacker Site BreachForums

The US Justice Department charged Conor Brian Fitzpatrick, founder of BreachForums, a major underground website for computer hackers. The post US Charges 20-Year-Old Head of Hacker Site BreachForums appeared first on SecurityWeek.
SC Magazine

Dish customers struggle with service disruptions weeks after ransomware attack

Customers complain that they are still having payment issues and are not able to contact customer service weeks after Dish Network suffered a ransomware attack.
Security Affairs

CISA announced the Pre-Ransomware Notifications initiative

The US Cybersecurity and Infrastructure Security Agency (CISA) announced the Pre-Ransomware Notifications service to help organizations stop ransomware attacks before damage occurs. The US Cybersecurity and Infrastructure Security Agency announced a new Pre-Ransomware Notification initiative that aims at alerting organizations of...