Tenable Research has discovered a configuration issue impacting NETGEAR Nighthawk WiFi6 Routers commonly used in small offices and large homes. Organizations need to manually apply firmware updates.
While cloud computing providers such as Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure offer robust and scalable services, securing your cloud environment brings its own unique challenges. You can reduce risk by addressing these eight common cloud security vulnerabilities and misconfigurations.
International cybersecurity agencies issue a joint alert outlining the top malware strains of 2021. We identified vulnerabilities associated with these strains.
The key players within the ransomware ecosystem, including affiliates and initial access brokers, work together cohesively like a band of musicians, playing their respective parts as they strive for fame and fortune.
Having gained the industry’s attention in the first months of 2022, the LAPSUS$ extortion group has largely gone quiet. What can we learn from this extortion group’s story and tactics?
Learn about well-known vulnerabilities and attacks and how they affected critical infrastructure —from Phone Phreaking to recent ransomware.
Understanding the Ransomware Ecosystem: From Screen Lockers to Multimillion-Dollar Criminal EnterpriseJune 22, 2022
Ransomware is a constantly evolving cyberthreat, and it is through its evolution that ransomware has managed to not only survive, but thrive.
XML External Entity (XXE) flaws present unique mitigation challenges and remain a common attack path. Learn how XXE flaws arise, why some common attack paths are so challenging to mitigate and how Tenable.io Web Application Scanning can help.
Since March 10, Tenable Research has attempted to work with Microsoft to address two serious flaws in the underlying infrastructure of Azure Synapse Analytics.
Among the thousands of vulnerabilities disclosed so far in 2022, we highlight five and explain why they matter.
Twitter Crypto Scams: Bored Ape Yacht Club, Azuki and Other Projects Impersonated to Steal NFTs, Digital CurrenciesMay 26, 2022
Scammers are using verified and unverified accounts to impersonate notable NFT projects like Bored Ape Yacht Club and others, tagging Twitter users to drive them to phishing websites.
The 2021 Threat Landscape Retrospective explored the top five vulnerabilities of the year. Learn about other high-impact vulnerabilities that nearly made our list. When putting together the Threat ...