1097 matches found
April 2021 Patch Tuesday – 108 Vulnerabilities, 19 Critical, Adobe
This month’s Microsoft Patch Tuesday addresses 108 vulnerabilities, of which 19 are rated critical severity and 88 are rated high severity. Adobe released patches for its Photoshop, Digital Editions, and Bridge products. CVE-2021-28310: Win32k Elevation of Privilege Vulnerability Microsoft releas...
Cryptomining is all the rage among hackers, as DDoS amplification attacks continue
In this week’s InfoSec news review we’ll dive into cryptomining, get the latest on DDoS amplification, go over recent data breaches, and check out another vendor claiming it can crack iPhones. I, me, mine The freight train that’s cryptomining shows no sign of slowing down, and the cyber security...
PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021-4034)
The Qualys Research Team has discovered a memory corruption vulnerability in polkits pkexec, a SUID-root program that is installed by default on every major Linux distribution. This easily exploited vulnerability allows any unprivileged user to gain full root privileges on a vulnerable host by...
Microsoft Released Out-of-Band Security Updates – How to Detect and Remediate
Microsoft released an out-of-band update yesterday that fixes two critical vulnerabilities - The Internet Explorer remote code execution vulnerability CVE-2019-1367 and Microsoft Defender Denial of Service Vulnerability CVE-2019-1255. According to the Microsoft advisory CVE-2019-1367, the Interne...
Oracle Plugs Struts and Shadow Brokers hole along with 299 Total Vulnerabilities
Today Oracle released a total of 299 new security fixes across all product families. It is important to note that it fixed 25 instances of the infamous Apache Struts vulnerability which could allow a remote attacker to take complete control of the server running Struts. The struts fix was applied...
February 2021 Patch Tuesday – 56 Vulnerabilities, 11 Critical, Adobe
This month’s Microsoft Patch Tuesday addresses 56 vulnerabilities, of which 11 are rated as Critical. Adobe released patches today for Reader, Acrobat, Magento, Photoshop, Animate, Illustrator, and Dreamweaver. TCP/IP Trio Microsoft released a set of fixes affecting Windows TCP/IP implementation...
Detection of Vulnerabilities in JavaScript Libraries
JavaScript is a popular programming language which is an integral component while developing interactive and dynamic web applications. It allows developers to create engaging and responsive user interfaces, handling complex web page elements, enhancing the overall functionality of the application...
Microsoft & Adobe Patch Tuesday (June 2021) – Microsoft 50 Vulnerabilities with 5 Critical, Adobe 21 Critical Vulnerabilities
Microsoft Patch Tuesday – June 2021 Microsoft patched 50 CVEs in their June 2021 Patch Tuesday release, and five of them are rated as critical severity. Six have applicable exploits. Critical Microsoft Vulnerabilities Patched CVE-2021-31985 – Microsoft Defender Remote Code Execution Vulnerability...
NSA Alert: Chinese State-Sponsored Actors Exploit Known Vulnerabilities
On October 20, 2020, the United States National Security Agency NSA released a cybersecurity advisory on Chinese state-sponsored malicious cyber activity. The NSA alert provided a list of 25 publicly known vulnerabilities that are known to be recently leveraged by cyber actors for various hacking...
Qualys Response to CISA Alert: Binding Operational Directive 22-01
Start your VMDR 30-day, no-cost trial today Overview On November 3, 2021, the U.S. Cybersecurity and Infrastructure Security Agency CISA released a Binding Operational Directive 22-01, "Reducing the Significant Risk of Known Exploited Vulnerabilities." This directive recommends urgent and...
21Nails: Multiple Critical Vulnerabilities in Exim Mail Server
Update May 7, 2021: Exim has released a security update to address multiple vulnerabilities in Exim versions prior to 4.94.2. See the CISA announcement. Original Post: The Qualys Research Team has discovered multiple critical vulnerabilities in the Exim mail server, some of the which can be chain...
Curl 8.4.0 – Proactively Identifying Potential Vulnerable Assets
On Wednesday, October 4, 2023, the curl project maintainers announced pre-notification for curl version 8.4.0 to be released on October 11. This version will fix two new vulnerabilities with one high and one low-severity CVE. The prenotification stated that the high-severity issue is arguably the...
Expand Your Vulnerability & Patch Management Program to Mobile Devices with Qualys VMDR
As mobile devices have become ubiquitous in almost every business process, whether in bank branches, manufacturing sites or retail stores, they are now hosting business applications and data that is subject to regulatory compliance and security. With access to critical corporate resources inside...
Qualys Cloud Platform (VM, PC) 8.20 New Features
This new release of the Qualys Cloud Platform VM, PC, version 8.20, includes several new features in Qualys Cloud Platform and additional support for multiple technologies in Qualys Policy Compliance. Feature Highlights Qualys Cloud Platform Configure Password Expiration Notification – Now users...
November 2018 Patch Tuesday – 62 Vulns, TFTP Server RCE, Adobe PoC
This month's Patch Tuesday addresses 62 vulnerabilities, with 12 of them labeled as Critical. Out of the Criticals, 8 are for the Chakra Scripting Engine used by Microsoft Edge. A Remote Code Execution vulnerability in Windows Deployment Services' TFTP server is also addressed in this release...
Staying Safe in the Era of Browser-based Cryptocurrency Mining
Qualys Malware Research Labs is announcing the release of Qualys BrowserCheck CoinBlocker Chrome extension to detect and block browser-based cryptocurrency mining, aka cryptojacking. Cryptojacking Cryptojacking attacks leverage the victim system’s resources via malicious JavaScript to mine certai...
Kaseya REvil Ransomware Attack (CVE-2021-30116) – Automatically Discover and Prioritize Using Qualys VMDR®
On July 2, 2021, Kaseya announced its software had been compromised and was being used to attack the IT infrastructure of its customers. The REvil ransomware attack leveraged multiple zero-day vulnerabilities in Kaseya’s VSA Virtual System/Server Administrator product that helps Kaseya customers ...
Exim MTA Vulnerability (The Return of the WIZard – CVE-2019-10149)
Last week, Qualys issued a security advisory for a vulnerability we discovered during a code review of Exim. This vulnerability can lead to Remote Command Injection, and is currently being actively attacked in the wild. This blog will show you how to quickly identify assets that are impacted by...
Oracle Patch Tuesday April 2023 Security Update Review
Oracle has released the second quarterly edition of Critical Patch Update, which contains a group of patches for 433 security vulnerabilities. Some of the vulnerabilities addressed this month impact various products. These patches address vulnerabilities in Oracle code and third-party components...
Atlassian Confluence: Questions for Confluence App Hardcoded Credentials Vulnerability (CVE-2022-26138)
Over the last few months, Atlassian Confluence has increasingly become a target for attackers. In June 2022, a critical severity OGNL Remote Code Execution vulnerability was disclosed CVE-2022-26134. More recently, CVE-2022-26138 was disclosed on social media platforms in July 2022. In...
March 2020 Patch Tuesday – 115 Vulns, 26 Critical, Microsoft Word and Workstation Patches
This month’s Microsoft Patch Tuesday addresses 115 vulnerabilities with 26 of them labeled as Critical. Of the 26 Critical vulns, 17 are for browser and scripting engines, 4 are for Media Foundation, 2 are for GDI+ and the remaining 3 are for LNK files, Microsoft Word and Dynamics Business...
Microsoft & Adobe Patch Tuesday (May 2021) – Qualys covers 85 Vulnerabilities, 26 Critical
Microsoft Patch Tuesday – May 2021 Microsoft patched 55 CVEs in their May 2021 Patch Tuesday release, of which 4 are rated as critical severity. Three 0-day vulnerability patches were included in the release. As of this publication date, none have been exploited. Qualys released 12 QIDs on the sa...
CVE-2021-33910: Denial of Service (Stack Exhaustion) in systemd (PID 1)
The Qualys Research Team has discovered a stack exhaustion denial-of-service vulnerability in systemd, a near-ubiquitous utility available on major Linux operating systems. Any unprivileged user can exploit this vulnerability to crash systemd and hence the entire operating system a kernel panic...
Ripple20: Multiple Vulnerabilities Identified in Treck TCP/IP Stack
Multiple vulnerabilities that use a low-level TCP/IP software library developed by Treck, Inc. were identified recently in implementations of the Treck IP stack for embedded systems. These vulnerabilities were discovered by the JSOF research lab and have been named Ripple20. Ripple20...
Countdown to GDPR: Manage Vulnerabilities
If your organization needs a compelling reason for establishing or enhancing its vulnerability management program, circle this date in bold, red ink on your corporate calendar: May 25, 2018. On that day, the EU's General Data Protection Regulation GDPR goes into effect, intensifying the need for...
Microsoft & Adobe Patch Tuesday (February 2022) – Microsoft 70 Vulnerabilities with 0 Critical; Adobe 17 Vulnerabilities with 5 Critical
Microsoft Patch Tuesday – February 2022 Microsoft addresses 70 vulnerabilities in their February 2022 Patch Tuesday release. While none of the vulnerabilities in this month’s Microsoft release cycle have been assigned as critical risk, several have been given a High risk rating CVSSv3.1 score of...
January 2021 Patch Tuesday – 83 Vulnerabilities, 10 Critical, One Zero Day, Adobe
This month’s Microsoft Patch Tuesday addresses 83 vulnerabilities. The 10 Critical vulnerabilities cover Windows codecs, Office, HEVC video extensions, RPC runtime, and several other workstation vulnerabilities. Adobe released patches today for Photoshop, Campaign Classic, InCopy, Illustrator,...
Analyzing the REvil Ransomware Attack
Over the past year, there has been a rise in extortion malware, e.g. Nefilim and Darkside, which steal and threaten to publish sensitive data or encrypt it until a ransom is paid. Nowadays, cybercriminals use various techniques to gain their initial foothold within a network in the organization...
July 2022 Patch Tuesday | Microsoft Releases 84 Vulnerabilities with 4 Critical, plus 2 Microsoft Edge (Chromium-Based); Adobe Releases 4 Advisories, 27 Vulnerabilities with 18 Critical.
Microsoft Patch Tuesday Summary Microsoft has fixed 84 vulnerabilities aka flaws in the July 2022 update, including four 4 vulnerabilities classified as Critical as they allow Remote Code Execution RCE. This months Patch Tuesday cumulative Windows update includes the fix for one 1 actively...
QID 86725 “F5 BIG-IP Load Balancer Internal IP Address Disclosure”
QID 86725 “F5 BIG-IP Load Balancer Internal IP Address Disclosure Vulnerability” will be marked as a PCI Fail as of May 1, 2018 in accordance with its CVSS score. F5 BIG IP encodes private IP addresses in the persistent cookies, which could be collected by the attacker and decoded back. The...
CVE-2023-38408: Remote Code Execution in OpenSSH’s forwarded ssh-agent
The Qualys Threat Research Unit TRU has discovered a remote code execution vulnerability in OpenSSHs forwarded ssh-agent. This vulnerability allows a remote attacker to potentially execute arbitrary commands on vulnerable OpenSSH’s forwarded ssh-agent. Given the widespread use of OpenSSH’s...
November Patch Tuesday: 53 Vulnerabilities and a Massive Adobe Update
This November Patch Tuesday is moderate in volume and severity. Microsoft released patches to address 53 unique vulnerabilities, with 25 focused on Remote Code Execution fixes. Windows OS receives 14 patches, while the lion's share is focused on Browsers, Microsoft Office, and Adobe. According to...
Qualys API Best Practices: Host List Detection API
Host List Detection is your subscriptions list of hosts and their corresponding up-to-date detections including: 1. Confirmed Vulnerability Detections 2. Potential Vulnerability Detections 3. Information Gathered Detections about your system After extracting Host List Detection vulnerability data...
Qualys Cloud Platform (VM, PC) 8.16 New Features
This new release of the Qualys Cloud Platform VM, PC, version 8.16, contains several new improvements in Qualys Vulnerability Management and Qualys Policy Compliance, which includes new password security option, increased limit for virtual hosts that can be added to a subscription, added support...
DarkSide Ransomware
DarkSide ransomware is a relatively new ransomware strain that threat actors have been using to target multiple large, high-revenue organizations resulting in the encryption and theft of sensitive data and threats to make it publicly available if the ransom demand is not paid. Because of its...
April 2019 Patch Tuesday – 74 Vulns, 16 Critical, 2 Actively Attacked, 1 PoC Exploit, Adobe Vulns
This month's Patch Tuesday addresses 74 vulnerabilities, with 16 labeled as Critical. Eight of the Critical vulns are for scripting engines and browser components, impacting Microsoft browsers and Office, along with another 5 Critical vulns in MSXML. Two Critical remote code execution RCE...
BlueKeep Attacks Observed Months after Initial Release
The BlueKeep vulnerability, initially released in May 2019, is currently being exploited in the wild. Cybersecurity researchers have spotted initial attacks of Bluekeep RDP vulnerability. Here's a reminder about BlueKeep and instructions for using Qualys to identify attacks and remediate this...
Unified Dashboard Preview for Enhanced Security Visualization
Qualys has introduced the Unified Dashboard Framework UDF to enrich your dashboarding experience. Unified Dashboard UD brings information from all Qualys applications into a single place for visualization. UD adds a powerful new dashboarding framework to the Qualys Cloud Platform that will be...
The Sky Is Falling! Responding Rationally to Headline Vulnerabilities
It’s happening more and more. Gill Langston, a Qualys Director of Product Management, speaks at RSA Conference 2018 High profile vulnerabilities like Meltdown and Spectre are disclosed, and become headline-grabbing news not just in the technology press, but on general news outlets worldwide. Even...
Why Is Snapshot Scanning Not Enough?
As new scanning technologies are released, their supposed superiority is touted over the others. The problem is, however, that there is no best scanning technology, all of them have strengths and limitations. If recent claims from several vendors are believed, a “best” scanning method called...
A Deep Dive into VMDR 2.0 with Qualys TruRisk™
The old way of ranking vulnerabilities doesn’t work anymore. Instead, enterprise security teams need to rate the true risks to their business. In this blog, we examine each of the risk scores delivered by Qualys TruRisk, the criteria used to compute them, and how they can be used to prioritize...
July 2019 Patch Tuesday – 77 Vulns, 15 Critical, DHCP RCE, Exploited PrivEsc, SQL, Adobe Vulns
This month’s Microsoft Patch Tuesday addresses 77 vulnerabilities with 15 of them labeled as Critical. Of the 15 Critical vulns, 11 are for scripting engines and browsers, with the remaining four covering DHCP Server, GDI+, .NET Framework, and Azure DevOps Server / Team Foundation Server. In...
Log4Shell Exploit Detection and Response with Qualys Multi-Vector EDR
Author: Hiep Dang & Malware Threat Research Team On Dec 9, 2021, the world first learned about the Log4Shell vulnerability aka Log4J CVE-2021-44228 found in the Log4j2 library commonly used by Java applications. Since then, everyone in the cybersecurity industry has been scrambling to understand...
Oracle Critical Patch Update, July 2025 Security Update Review
Oracle released its second quarterly edition of this year’s Critical Patch Update. The update received patches for 309 security vulnerabilities. Some of the vulnerabilities addressed in this update impact more than one product. These patches address vulnerabilities in various product families,...
6 Ways to Quickly Detect a Log4Shell Exploit in Your Environment
In recent days, the cybersecurity industry has been rapidly assessing the full impact of the Log4Shell CVE-2021-44228 and CVE-2021-45046 vulnerability. Many organizations are quickly trying to figure out whether this vulnerability is within their environment, and where. The next question a securi...
Put SecOps in the Driver’s Seat with Custom Assessment and Remediation
When zero-day threats emerge, time is of the essence. Security teams struggle to manage and respond to a range of challenges that often require custom approaches outside of existing vulnerability and security programs. Recently, many companies scrambled to mount their defenses against the Log4She...
October Patch Tuesday: 28 Critical Microsoft Vulnerabilities
Today Microsoft released patches covering 62 vulnerabilities as part of October’s Patch Tuesday update, with 30 of them affecting Windows. Patches covering 28 of these vulnerabilities are labeled as Critical, and 33 can result in Remote Code Execution. According to Microsoft, a vulnerability in...
CVE-2022-42889: Detect Text4Shell via Qualys Container Security
A new critical vulnerability CVE-2022-42889 Text4Shell in Apache Commons Text library was reported by Alvaro Muñoz. The vulnerability, when exploited could result in remote code execution RCE applied to untrusted input due to insecure interpolation defaults. As a result, this CVE is rated at CVSS...
Log4Shell – Follow This Multi-Layered Approach for Detection and Remediation
Since the Log4Shell vulnerability was first discovered, Qualys has analyzed and responded to the threat in a systematic way approaching it from all angles – detection, mitigation and remediation. Recognizing the challenge it poses to large enterprises, we recommend that organizations follow a...
OpenBSD Local Privilege Escalation Vulnerability (CVE-2019-19726)
Qualys Research Labs discovered a local privilege escalation vulnerability in OpenBSD's dynamic loader. The vulnerability could allow local users or malicious software to gain full root privileges. OpenBSD developers have confirmed the vulnerability and released security patches in less than 3...