Bad Tenable plugin updates take down Nessus agents worldwide

Latest News on Tenable Plugin Update Issues and Nessus Agents Downtime

Tenable Nessus Agent 10.8.0 and 10.8.1 Downtime Issue:
As of January 3, 2025, Tenable has identified a known issue that can cause Tenable Nessus Agent versions 10.8.0 and 10.8.1 to go offline when a differential plugin update is triggered1. To mitigate this issue, Tenable has disabled plugin feed updates for these versions and has recommended that users either upgrade to version 10.8.2 or downgrade to version 10.7.3.

Upgrade Instructions:

1. Upgrade to 10.8.2:

   • Use the following script to reset and upgrade the agent plugins:

     systemctl stop nessusagent && /opt/nessus_agent/sbin/nessuscli plugins --reset && systemctl start nessusagent
     

   • Alternatively, manually reset and upgrade the agent plugins by stopping the agent service, running nessuscli plugins --reset, and then starting the agent service1.

2. Downgrade to 10.7.3:

   • Update your agent profiles to use version 10.7.3.
   • Follow the same steps as above for manual plugin reset and service restart1.

Incident Response for Tenable 2023

While the specific incident response details for Tenable in 2023 are not provided in the recent news sources, general best practices for incident response in a Tenable environment include:

1. Monitoring: Continuously monitor your Tenable setup for any anomalies or issues.
2. Patch Management: Regularly apply patches and updates to ensure you have the latest security fixes.
3. Configuration Management: Maintain accurate and up-to-date configurations of your Tenable agents and servers.
4. Documentation: Keep detailed documentation of your setup, including agent versions, configurations, and any known issues.

For more specific guidance on incident response, refer to Tenable's official documentation and support resources.

Additional Context

• Tenable Vulnerability Management: Tenable has introduced a new sensor domain (sensor.cloud.tenable.com) for improved security and scalability. Agents must communicate with this domain to ensure proper functionality1.
• Cybersecurity Landscape: The demand for robust cybersecurity solutions continues to grow as cyber threats evolve rapidly. SIEM systems remain critical tools in managing these threats2.

By following these steps and maintaining a proactive approach to patch management and configuration, organizations can minimize downtime and ensure the integrity of their Tenable setup.