Saturday, January 19, 2019
Tenable

[R1] Nessus 7.1.4 Fixes Multiple Third-party Vulnerabilities

Nessus leverages third-party software to help provide underlying functionality. One third-party component (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to...
Tenable

[R1] Nessus 8.1.1 Fixes Multiple Third-party Vulnerabilities

Nessus leverages third-party software to help provide underlying functionality. One third-party component (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to...
Tenable

[R1] SecurityCenter 5.8.0 Fixes Multiple Third-Party Vulnerabilities

SecurityCenter leverages third-party software to help provide underlying functionality. Two separate third-party components (Apache Xalan and Serializer) were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good...
Tenable

[R1] Nessus 8.0.0 Fixes Multiple Third-party Vulnerabilities

Nessus leverages third-party software to help provide underlying functionality. One third-party component (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to...
Tenable

[R1] LCE 5.1.1 Fixes One Third-party Vulnerability

Log Correlation Engine leverages third-party software to help provide underlying functionality. One third-party component (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable...
Tenable

[R1] SecurityCenter 5.7.1 Fixes Multiple Third-Party Vulnerabilities

SecurityCenter leverages third-party software to help provide underlying functionality. Two separate third-party components (PHP and OpenSSL) were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice,...
Tenable

[R1] SecurityCenter 5.7.0 Fixes Multiple Vulnerabilities

SecurityCenter leverages third-party software to help provide underlying functionality. Two separate third-party components (PHP and jQuery) were found to contain vulnerabilities, and updated versions have been made available by the providers.
Tenable

[R1] TenableCore Web Application Scanner v20180702 Fixes Third-party Vulnerabilities

The TenableCore Web Application Scanner Image v20180328 was found to contain a command injection flaw in a script included in the bundled DHCP client (dhclient) package.A malicious DHCP server, or an attacker on the local network able to spoof...
Tenable

[R1] Nessus Agent 7.1.0 Fixes Multiple Third-party Vulnerabilities

Nessus Agent leverages third-party software to help provide underlying functionality. Some of the third-party components were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable...
Tenable

[R1] Nessus 7.1.1 Fixes Multiple Third-party Vulnerabilities

Nessus leverages third-party software to help provide underlying functionality. Some of the third-party components were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted...
Tenable

[R1] Nessus Network Monitor 5.5.0 Fixes One Third-party Vulnerability

Nessus Network Monitor leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL) were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with...
Tenable

[R1] Industrial Security 1.1.0 Fixes One Third-party Vulnerability

Industrial Security leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL) were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice,...
Tenable

[R1] Nessus 7.1.0 Fixes Multiple Vulnerabilities

Nessus versions 7.0.3 and earlier have been found vulnerable to two separate issues. The first vulnerability (XSS) exists due to improper input validation. An authenticated attacker could create and upload a .nessus file, that may be viewed by an administrator...
Tenable

[R1] OpenSSL Stand-alone Patch Available for SecurityCenter versions 5.0 or Later

SecurityCenter leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable...
Tenable

[R2] SecurityCenter 5.6.2.1 Fixes One Third-party Vulnerability

SecurityCenter leverages third-party software to help provide underlying functionality. One of the third-party components (PHP) were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable...
ZDNet

Websites can steal browser data via extensions APIs

Researcher finds nearly 200 Chrome, Firefox, and Opera extensions vulnerable to attacks from malicious sites.
Security Affairs

6 Reasons We Need to Boost Cybersecurity Focus in 2019

Paying attention to cybersecurity is more important than ever in 2019. But, some companies are still unwilling to devote the necessary resources to securing their infrastructures against cyberattacks, and naive individuals think they’re immune to the tactics of cybercriminals,...
isBuzz

Fortnite Vulnerabilities Allow Hackers To Take Over Gamers’ Accounts, Data And In-Game Currency

Cybersecurity researchers today shared details of vulnerabilities that could have affected any player of the hugely popular online battle game, Fortnite. If exploited, the vulnerability would have given an attacker full access to a user’s account and their personal information  as well...

DNC Accuses Russia, ACLU Sues ICE, and More Security News This Week

Trump dominated security headlines this week, but there's plenty of other news to catch up on.
SecurityWeek

Bulgaria Extradites Russian Hacker to US: Embassy

Bulgaria has extradited a Russian indicted by a US court for mounting a complex hacking scheme to the United States, the Russian embassy in Washington said Saturday. read more