Tenable Releases Plugins for Critical Windows CryptoAPI Vulnerability

Written by Customer Service on . Posted in Public Companies.

COLUMBIA, Md., Jan. 15, 2020 (GLOBE NEWSWIRE) — Tenable®, Inc., the Cyber Exposure company, has released plugins for CVE-2020-0601, a critical vulnerability in the cryptographic library used in Windows 10 and Windows Server 2016/2019. The flaw would allow attackers to deliver malicious code that appears to be from a trusted entity.
The vulnerability, which was disclosed by the National Security Agency (NSA), reportedly bypasses Windows’ capability to verify cryptographic trust, which would enable an attacker to pass malicious applications off as legitimate, trusted code.“This vulnerability, and the attention it’s received from various government agencies, is unprecedented. It calls into question our very trust in today’s digital world — the trust that our encoded communications are secure,” said Renaud Deraison, co-founder and CTO, Tenable. “We implore organizations to patch their systems immediately.”Microsoft has released software updates to address CVE-2020-0601. Tenable urges customers to apply updates immediately. A list of Tenable plugins to identify CVE-2020-0601 is available here.Additional Resources:
Read the Tenable Research Blog Post
Register for the webinar on Thursday, January 16 at 11 AM ETAbout TenableTenable®, Inc. is the Cyber Exposure company. Over 27,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 25 percent of the Global 2000 and large government agencies. Learn more at www.tenable.com.Contact Information:
Cayla Baker
Tenable
tenablepr@tenable.com
443-545-2102, x 1544

Disclaimer & Cookie Notice

Welcome to GOLDEA services for Professionals

Before you continue, please confirm the following:

Professional advisers only

I am a professional adviser and would like to visit the GOLDEA CAPITAL for Professionals website.

Cookie Notice

We use cookies to improve your experience on our website

Information we collect about your use of Goldea Capital website

Goldea Capital website collects personal data about visitors to its website.

When someone visits our websites, we use a third party service, Google Analytics, to collect standard internet log information (such as IP address and type of browser they’re using) and details of visitor behavior patterns. We do this to allow us to keep track of the number of visitors to the various parts of the sites and understand how our website is used. We do not make any attempt to find out the identities or nature of those visiting our websites. We won’t share your information with any other organizations for marketing, market research or commercial purposes and we don’t pass on your details to other websites.

Use of cookies
Cookies are small text files that are placed on your computer or other device by websites that you visit. They are widely used to make websites work, or work more efficiently, as well as to provide information to the owners of the site.