Tenable Network Security Podcast Episode 192 - "Detecting Malware, Passive Scanning"
Announcements
- We're hiring! - Visit the Tenable website for more information about open positions.
- Check out our video channel on YouTube which contains new Nessus, PVS, and SecurityCenter tutorials.
- Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics, and more!
- Want to ask questions about Nessus, PVS, SecurityCenter, and LCE, and get answers from the experts at Tenable? Join the Tenable Discussions Forum for custom scripts, announcements, and more!
- You can subscribe to the Tenable Network Security Podcast on iTunes!
Discussion & Highlighted Plugins
This week, Carlos and I discussed the Passive Vulnerability Scanner's ability to detect client-side and embedded device vulnerabilities. We also covered Ron's presentation https://discussions.nessus.org/docs/DOC-1051 on using Tenable products to detect malware. We highlighted how PVS can search the files being hosted and search the DNS names hosts are accessing to detect common malware. We also covered how to pull information from different sources and use correlation to alert on the events you will care about.
Nessus
General
- Flash Player for Mac <= 11.7.700.252 / 11.9.900.152 Multiple Vulnerabilities (APSB13-28)
- Adobe AIR for Mac <= 3.9.0.1210 Multiple Vulnerabilities (APSB13-28)
- Flash Player <= 11.7.700.252 / 11.9.900.152 Multiple Vulnerabilities (APSB13-28)
- Adobe AIR <= AIR 3.9.0.1210 Multiple Vulnerabilities (APSB13-28)
- SeaMonkey < 2.23 Multiple Vulnerabilities
- Mozilla Thunderbird < 24.2 Multiple Vulnerabilities
- Firefox < 26.0 Multiple Vulnerabilities
- Firefox ESR 24.x < 24.2 Multiple Vulnerabilities
- Thunderbird < 24.2 Multiple Vulnerabilities (Mac OS X)
- Firefox < 26.0 Multiple Vulnerabilities (Mac OS X)
- Firefox ESR 24.x < 24.2 Multiple Vulnerabilities (Mac OS X)
- Shockwave Player <= 12.0.6.147 Memory Corruptions (APSB13-29)
- VMware Player 5.x < 5.0.3 LGTOSYNC.SYS Guest Privilege Escalation (VMSA-2013-0014)
- VMware Fusion 5.x < 5.0.4 LGTOSYNC.SYS Privilege Escalation (VMSA-2013-0014)
- IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.1 Multiple Vulnerabilities
- Google Chrome < 31.0.1650.63 Multiple Vulnerabilities (Mac OS X)
- Google Chrome < 31.0.1650.63 Multiple Vulnerabilities
- ManageEngine Desktop Central Default Administrator Credentials
- ManageEngine Desktop Central AgentLogUploadServlet Arbitrary File Upload
- ManageEngine Desktop Central AgentLogUploadServlet Arbitrary File Upload (intrusive check)
- ManageEngine Desktop Central Detection
- Jenkins Accessible without Credentials
- VMSA-2013-0014 : VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation
- Atlassian Confluence < 4.3.7 Multiple Vulnerabilities
- Monitorix Built-in HTTP Server Remote Command Execution
Passive Vulnerability Scanner
Note: Passive Vulnerability Scanner (PVS) is now Nessus Network Monitor. To learn more about this application and its latest capabilities, visit the Nessus Network Monitor web page.
Vulnerability Detection
- Amazon Silk Web Browser Detection
- OpenSSL < 0.9.8x / < 1.0.0j / < 1.0.1c Remote Denial of Service Vulnerability
- Bitcoin Client Detection (Stratum)
- Bitcoin Client Detection (JSON/RPC)
- Bitcoin Client Detection (Bitcoin Protocol)
- UPNP Traffic Detection (Client)
- Google Chrome < 31.0.1650.63 Multiple Vulnerabilities
- Google Chrome < 31.0.1650.57 Multiple Remote Code Execution Vulnerabilities
- Google Chrome < 31.0.1650.48 Multiple Vulnerabilities
- Apple Deployed Software Version Detection
- Apple iOS 7.x < 7.0.4 Purchases Authentication Bypass
- Apple iOS 7.x < 7.0.3 Multiple Vulnerabilities
- Apple iOS 7.x < 7.0.2 Multiple Vulnerabilities
- Opera Web Browser Version Detection
- Opera < 18.0 Multiple Unspecified Vulnerabilities
- Innominate Security Technologies mGuard SCADA Security Device Detection
- Advantech Embedded Controller Detection
SecurityCenter Apps
Security News Stories
- Important Security Update for D-Link Routers | Krebs on Security
- GCC Poison | Leaf Security Research
- Mobile Device Tips, Tricks and Resources
- How to find out if your password has been stolen | ZDNet
- Video: Installing PVS, the Passive Vulnerability Scanner
Related Articles
Cybersecurity Snapshot: North Korea’s Cyber Spies Hunt for Nuclear Secrets, as Online Criminals Ramp Up AI Use in the EU
July 26, 2024Check out a CISA-FBI advisory about North Korean cyber espionage on critical infrastructure orgs. Plus, what Europol found about the use of AI for cybercrime. Meanwhile, the risk concerns that healthcare leaders have about generative AI. And a poll on water plant cybersecurity. And much more!
Kinsing Malware Hides Itself as a Manual Page and Targets Cloud Servers
May 16, 2024Tenable Cloud Security Research Team has recently discovered that Kinsing malware, known for targeting Linux-based cloud infrastructures, exploits Apache Tomcat servers with new advanced stealth techniques. Explore our analysis and the indicators of compromise in this report.
Shifting the Paradigm: Why the Cyber Insurance Industry Should Focus on Preventive Security
May 13, 2024As claims and losses climb, it’s clear that preventive security should be prioritized more when designing a cyber insurance policy. Here’s why preventive security investments are cost effective and can lead to lower premiums.
Cybersecurity Snapshot: Many Employees Overshare Work Info with AI Tools, Report Finds, as ‘Cybersecurity Awareness Month’ Kicks Off
October 4, 2024Check out the best practices cyber agencies are promoting during Cybersecurity Awareness Month, as a report warns that staffers are feeding confidential info to AI tools. Meanwhile, a study highlights how business decisions can derail OT security. Plus, get the latest on Active Directory security, CISO salary trends and ransomware attacks!
How to Unlock Advanced IoT Visibility for Cyber-Physical Systems
October 1, 2024As the number of IoT devices deployed globally continues to rise, cyber-physical systems and business operations are exposed to greater risk. Improving asset visibility, monitoring and risk management are critical steps to preventing breaches.
Cybersecurity Snapshot: NIST Program Probes AI Cyber and Privacy Risks, as U.S. Gov’t Tackles Automotive IoT Threat from Russia, China
September 27, 2024A new NIST program will revise security frameworks like NIST’s CSF as AI risks intensify. Plus, the U.S. may ban cars with Russian and Chinese IoT components. Meanwhile, the CSA adds AI insights to its zero trust guide. And get the latest on cybersecurity budgets, SBOMs and the Ghost cybercrime platform!
- Malware
- Nessus Network Monitor
- Podcast