Qualys VMDR and TotalCloud™ Now Available on Oracle Cloud Marketplace

Key Takeaways Qualys VMDR and TotalCloud are now available on the Oracle Cloud Marketplace, simplifying procurement and deployment for Oracle Cloud Infrastructure OCI customers. Organizations can deploy security faster with native OCI integration and one-click provisioning. The combined platform...

EUVD-2024-33491

Malicious code in bioql PyPI...

Steps to TruRisk™ – 2: Measuring the Likelihood of Vulnerability Exploitation

Cybersecurity programs rely on various methods to measure the risk associated with vulnerabilities for prioritization, such as CVSS, EPSS, CISA KEV, or even internally developed systems that combine multiple approaches. While these methods help assess whether a specific vulnerability exists on an...

Award-winning Qualys Vulnerability and Compliance Solution now available on IBM zSystems & LinuxONE

Todays modern IBM mainframe is central to hybrid cloud environments, valued by two-thirds of the Fortune 100 as a highly secured platform for running mission-critical workloads. Not surprisingly, according to a recent IBM commissioned study by Celent, it is estimated that 70% of global bank cards...

Optimizing a Web Application Security Scan for bWAPP

Today almost all organizations have an online presence, with more information accessible at the click of a mouse, making customer experiences much more frictionless. Yet the delivery of great experiences also opens the door to potential hackers intent on compromising the website and its APIs...

Microsoft Released Out-of-Band Advisory – Windows Adobe Type Manager Library Remote Code Execution Vulnerability (ADV200006)

Today, Microsoft released an out-of-band security advisory ADV200006 to address two critical remote code execution vulnerabilities in Adobe Type Manager Library. Microsoft is also aware of limited, targeted attacks that attempt to leverage this vulnerability. The Vulnerability Microsoft Windows...

Top 10 Most Innovative Cybersecurity Companies After RSA 2020

The RSA Conference, the world's leading information security conference and exposition, held its 29th annual event in San Francisco last week. According to the organizers, over 36,000 attendees, 704 speakers, and 658 exhibitors gathered at the Moscone Center to discuss privacy, Machine Learning,...

New EOL QIDs for Microsoft Windows 7 and 2008/R2

Qualys Vulnerability Signature, version 2.4.815-2, will include EOL QIDs detections for end-of-life software for Windows 7, Windows 2008, and Windows 2008 R2. Customers will be able to scan the QIDs shown below using Qualys Vulnerability Management VM: QID 105859 - EOL/Obsolete Operating System:...

OpenBSD Multiple Authentication Vulnerabilities

Multiple authentication vulnerabilities in OpenBSD have been disclosed by Qualys Research Labs. The vulnerabilities are assigned following CVEs: CVE-2019-19522, CVE-2019-19521, CVE-2019-19520, CVE-2019-19519. OpenBSD developers have confirmed the vulnerabilities and also provided a quick response...

Petya Ransomware: What You Need to Know

On Tuesday, a variant of the ransomware "Petya" began propagating in several countries across Europe. This new variant leverages the EternalBlue exploit used in WannaCry, and also takes advantage of misconfigured permissions to spread throughout the network. EternalBlue is a leaked exploit...

The Shadow Brokers Release Zero Day Exploit Tools

On Friday, a hacker group known as The Shadow Brokers publicly released a large number of functional exploit tools. Several of these tools make use of zero-day vulnerabilities, most of which are in Microsoft Windows. Exploiting these vulnerabilities in many cases leads to remote code execution an...

Debian Security Advisory DSA 2506-1 (libapache-mod-security)

The remote host is missing an update to libapache-mod-security announced via advisory DSA 2506-1. OpenVAS Vulnerability Test $Id: deb25061.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2506-1 libapache-mod-security Authors: Thomas Reinke Copyright:...

[SECURITY] [DSA 2506-1] libapache-mod-security security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2506-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez July 02, 2012 http://www.debian.org/security/faq -...

Adobe Shockwave Player Remote Code Execution (CVE-2012-2029)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Qualys Vulnerability & Malware Research Labs VMRL http://www.dissect.pe Memory corruption when Adobe Shockwave Player parses .dir media file CVE-2012-2029 INTRODUCTION Adobe Shockwave Player is the Adobe plugin to many different browsers to view...