Lucene search
+L
QualysblogMost viewed

1097 matches found

Qualys Blog
Qualys Blog
added 2021/04/14 6:9 p.m.476 views

April 2021 Patch Tuesday – 108 Vulnerabilities, 19 Critical, Adobe

This month’s Microsoft Patch Tuesday addresses 108 vulnerabilities, of which 19 are rated critical severity and 88 are rated high severity. Adobe released patches for its Photoshop, Digital Editions, and Bridge products. CVE-2021-28310: Win32k Elevation of Privilege Vulnerability Microsoft releas...

10CVSS0.1AI score0.83214EPSS
Exploits4
Qualys Blog
Qualys Blog
added 2018/03/09 9:45 p.m.468 views

Cryptomining is all the rage among hackers, as DDoS amplification attacks continue

In this week’s InfoSec news review we’ll dive into cryptomining, get the latest on DDoS amplification, go over recent data breaches, and check out another vendor claiming it can crack iPhones. I, me, mine The freight train that’s cryptomining shows no sign of slowing down, and the cyber security...

10CVSS10AI score0.99999EPSS
Exploits44
Qualys Blog
Qualys Blog
added 2022/01/25 5:36 p.m.466 views

PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021-4034)

The Qualys Research Team has discovered a memory corruption vulnerability in polkits pkexec, a SUID-root program that is installed by default on every major Linux distribution. This easily exploited vulnerability allows any unprivileged user to gain full root privileges on a vulnerable host by...

7.2CVSS0.2AI score0.94921EPSS
Exploits152
Qualys Blog
Qualys Blog
added 2019/09/24 8:13 p.m.466 views

Microsoft Released Out-of-Band Security Updates – How to Detect and Remediate

Microsoft released an out-of-band update yesterday that fixes two critical vulnerabilities - The Internet Explorer remote code execution vulnerability CVE-2019-1367 and Microsoft Defender Denial of Service Vulnerability CVE-2019-1255. According to the Microsoft advisory CVE-2019-1367, the Interne...

7.6CVSS8.1AI score0.52729EPSS
Exploits0
Qualys Blog
Qualys Blog
added 2017/04/18 9:39 p.m.465 views

Oracle Plugs Struts and Shadow Brokers hole along with 299 Total Vulnerabilities

Today Oracle released a total of 299 new security fixes across all product families. It is important to note that it fixed 25 instances of the infamous Apache Struts vulnerability which could allow a remote attacker to take complete control of the server running Struts. The struts fix was applied...

10CVSS0.3AI score0.99999EPSS
Exploits53
Qualys Blog
Qualys Blog
added 2021/02/09 8:22 p.m.440 views

February 2021 Patch Tuesday – 56 Vulnerabilities, 11 Critical, Adobe

This month’s Microsoft Patch Tuesday addresses 56 vulnerabilities, of which 11 are rated as Critical. Adobe released patches today for Reader, Acrobat, Magento, Photoshop, Animate, Illustrator, and Dreamweaver. TCP/IP Trio Microsoft released a set of fixes affecting Windows TCP/IP implementation...

7.5CVSS1.3AI score0.8621EPSS
Exploits30
Qualys Blog
Qualys Blog
added 2023/01/16 11:46 a.m.439 views

Detection of Vulnerabilities in JavaScript Libraries

JavaScript is a popular programming language which is an integral component while developing interactive and dynamic web applications. It allows developers to create engaging and responsive user interfaces, handling complex web page elements, enhancing the overall functionality of the application...

5CVSS8.6AI score0.05664EPSS
Exploits1
Qualys Blog
Qualys Blog
added 2021/06/08 9:19 p.m.433 views

Microsoft & Adobe Patch Tuesday (June 2021) – Microsoft 50 Vulnerabilities with 5 Critical, Adobe 21 Critical Vulnerabilities

Microsoft Patch Tuesday – June 2021 Microsoft patched 50 CVEs in their June 2021 Patch Tuesday release, and five of them are rated as critical severity. Six have applicable exploits. Critical Microsoft Vulnerabilities Patched CVE-2021-31985 – Microsoft Defender Remote Code Execution Vulnerability...

9.3CVSS8.5AI score0.86132EPSS
Exploits77
Qualys Blog
Qualys Blog
added 2020/10/22 11:10 p.m.422 views

NSA Alert: Chinese State-Sponsored Actors Exploit Known Vulnerabilities

On October 20, 2020, the United States National Security Agency NSA released a cybersecurity advisory on Chinese state-sponsored malicious cyber activity. The NSA alert provided a list of 25 publicly known vulnerabilities that are known to be recently leveraged by cyber actors for various hacking...

10CVSS9.7AI score0.99999EPSS
Exploits573
Qualys Blog
Qualys Blog
added 2021/11/09 6:15 a.m.419 views

Qualys Response to CISA Alert: Binding Operational Directive 22-01

Start your VMDR 30-day, no-cost trial today Overview On November 3, 2021, the U.S. Cybersecurity and Infrastructure Security Agency CISA released a Binding Operational Directive 22-01, "Reducing the Significant Risk of Known Exploited Vulnerabilities." This directive recommends urgent and...

10CVSS8.5AI score0.99999EPSS
Exploits757
Qualys Blog
Qualys Blog
added 2021/05/04 2:10 p.m.415 views

21Nails: Multiple Critical Vulnerabilities in Exim Mail Server

Update May 7, 2021: Exim has released a security update to address multiple vulnerabilities in Exim versions prior to 4.94.2. See the CISA announcement. Original Post: The Qualys Research Team has discovered multiple critical vulnerabilities in the Exim mail server, some of the which can be chain...

9.3CVSS0.61664EPSS
Exploits6
Qualys Blog
Qualys Blog
added 2023/10/06 12:14 a.m.412 views

Curl 8.4.0 – Proactively Identifying Potential Vulnerable Assets

On Wednesday, October 4, 2023, the curl project maintainers announced pre-notification for curl version 8.4.0 to be released on October 11. This version will fix two new vulnerabilities with one high and one low-severity CVE. The prenotification stated that the high-severity issue is arguably the...

8.1AI score0.78483EPSS
Exploits6
Qualys Blog
Qualys Blog
added 2021/02/10 9:17 p.m.405 views

Expand Your Vulnerability & Patch Management Program to Mobile Devices with Qualys VMDR

As mobile devices have become ubiquitous in almost every business process, whether in bank branches, manufacturing sites or retail stores, they are now hosting business applications and data that is subject to regulatory compliance and security. With access to critical corporate resources inside...

6.8CVSS0.5AI score0.78808EPSS
Exploits34
Qualys Blog
Qualys Blog
added 2019/06/27 2:24 p.m.403 views

Qualys Cloud Platform (VM, PC) 8.20 New Features

This new release of the Qualys Cloud Platform VM, PC, version 8.20, includes several new features in Qualys Cloud Platform and additional support for multiple technologies in Qualys Policy Compliance. Feature Highlights Qualys Cloud Platform Configure Password Expiration Notification – Now users...

Exploits0
Qualys Blog
Qualys Blog
added 2018/11/13 6:46 p.m.402 views

November 2018 Patch Tuesday – 62 Vulns, TFTP Server RCE, Adobe PoC

This month's Patch Tuesday addresses 62 vulnerabilities, with 12 of them labeled as Critical. Out of the Criticals, 8 are for the Chakra Scripting Engine used by Microsoft Edge. A Remote Code Execution vulnerability in Windows Deployment Services' TFTP server is also addressed in this release...

10CVSS7.8AI score0.63294EPSS
Exploits0
Qualys Blog
Qualys Blog
added 2018/07/25 5:0 p.m.399 views

Staying Safe in the Era of Browser-based Cryptocurrency Mining

Qualys Malware Research Labs is announcing the release of Qualys BrowserCheck CoinBlocker Chrome extension to detect and block browser-based cryptocurrency mining, aka cryptojacking. Cryptojacking Cryptojacking attacks leverage the victim system’s resources via malicious JavaScript to mine certai...

7.5CVSS0.3AI score0.99993EPSS
Exploits46
Qualys Blog
Qualys Blog
added 2021/07/08 5:7 p.m.398 views

Kaseya REvil Ransomware Attack (CVE-2021-30116) – Automatically Discover and Prioritize Using Qualys VMDR®

On July 2, 2021, Kaseya announced its software had been compromised and was being used to attack the IT infrastructure of its customers. The REvil ransomware attack leveraged multiple zero-day vulnerabilities in Kaseya’s VSA Virtual System/Server Administrator product that helps Kaseya customers ...

7.5CVSS1AI score0.85619EPSS
Exploits1
Qualys Blog
Qualys Blog
added 2019/06/14 10:27 p.m.398 views

Exim MTA Vulnerability (The Return of the WIZard – CVE-2019-10149)

Last week, Qualys issued a security advisory for a vulnerability we discovered during a code review of Exim. This vulnerability can lead to Remote Command Injection, and is currently being actively attacked in the wild. This blog will show you how to quickly identify assets that are impacted by...

7.5CVSS1.3AI score0.99961EPSS
Exploits27
Qualys Blog
Qualys Blog
added 2023/04/19 11:47 a.m.394 views

Oracle Patch Tuesday April 2023 Security Update Review

Oracle has released the second quarterly edition of Critical Patch Update, which contains a group of patches for 433 security vulnerabilities. Some of the vulnerabilities addressed this month impact various products. These patches address vulnerabilities in Oracle code and third-party components...

7.5CVSS9.5AI score0.99677EPSS
Exploits132
Qualys Blog
Qualys Blog
added 2022/08/17 10:12 a.m.382 views

Atlassian Confluence: Questions for Confluence App Hardcoded Credentials Vulnerability (CVE-2022-26138)

Over the last few months, Atlassian Confluence has increasingly become a target for attackers. In June 2022, a critical severity OGNL Remote Code Execution vulnerability was disclosed CVE-2022-26134. More recently, CVE-2022-26138 was disclosed on social media platforms in July 2022. In...

7.5CVSS10AI score0.99999EPSS
Exploits77
Qualys Blog
Qualys Blog
added 2020/03/10 7:7 p.m.381 views

March 2020 Patch Tuesday – 115 Vulns, 26 Critical, Microsoft Word and Workstation Patches

This month’s Microsoft Patch Tuesday addresses 115 vulnerabilities with 26 of them labeled as Critical. Of the 26 Critical vulns, 17 are for browser and scripting engines, 4 are for Media Foundation, 2 are for GDI+ and the remaining 3 are for LNK files, Microsoft Word and Dynamics Business...

9.3CVSS0.7AI score0.9981EPSS
Exploits126
Qualys Blog
Qualys Blog
added 2021/05/11 9:53 p.m.379 views

Microsoft & Adobe Patch Tuesday (May 2021) – Qualys covers 85 Vulnerabilities, 26 Critical

Microsoft Patch Tuesday – May 2021 Microsoft patched 55 CVEs in their May 2021 Patch Tuesday release, of which 4 are rated as critical severity. Three 0-day vulnerability patches were included in the release. As of this publication date, none have been exploited. Qualys released 12 QIDs on the sa...

9.3CVSS0.99782EPSS
Exploits63
Qualys Blog
Qualys Blog
added 2021/07/20 12:55 p.m.374 views

CVE-2021-33910: Denial of Service (Stack Exhaustion) in systemd (PID 1)

The Qualys Research Team has discovered a stack exhaustion denial-of-service vulnerability in systemd, a near-ubiquitous utility available on major Linux operating systems. Any unprivileged user can exploit this vulnerability to crash systemd and hence the entire operating system a kernel panic...

7.2CVSS0.1AI score0.09729EPSS
Exploits7
Qualys Blog
Qualys Blog
added 2020/06/24 11:24 p.m.373 views

Ripple20: Multiple Vulnerabilities Identified in Treck TCP/IP Stack

Multiple vulnerabilities that use a low-level TCP/IP software library developed by Treck, Inc. were identified recently in implementations of the Treck IP stack for embedded systems. These vulnerabilities were discovered by the JSOF research lab and have been named Ripple20. Ripple20...

10CVSS1AI score0.36965EPSS
Exploits17
Qualys Blog
Qualys Blog
added 2017/08/02 3:27 p.m.367 views

Countdown to GDPR: Manage Vulnerabilities

If your organization needs a compelling reason for establishing or enhancing its vulnerability management program, circle this date in bold, red ink on your corporate calendar: May 25, 2018. On that day, the EU's General Data Protection Regulation GDPR goes into effect, intensifying the need for...

9.3CVSS0.3AI score0.91324EPSS
Exploits13
Qualys Blog
Qualys Blog
added 2022/02/08 10:35 p.m.349 views

Microsoft & Adobe Patch Tuesday (February 2022) – Microsoft 70 Vulnerabilities with 0 Critical; Adobe 17 Vulnerabilities with 5 Critical

Microsoft Patch Tuesday – February 2022 Microsoft addresses 70 vulnerabilities in their February 2022 Patch Tuesday release. While none of the vulnerabilities in this month’s Microsoft release cycle have been assigned as critical risk, several have been given a High risk rating CVSSv3.1 score of...

6.9CVSS0.4AI score0.16825EPSS
Exploits0
Qualys Blog
Qualys Blog
added 2021/01/12 8:1 p.m.346 views

January 2021 Patch Tuesday – 83 Vulnerabilities, 10 Critical, One Zero Day, Adobe

This month’s Microsoft Patch Tuesday addresses 83 vulnerabilities. The 10 Critical vulnerabilities cover Windows codecs, Office, HEVC video extensions, RPC runtime, and several other workstation vulnerabilities. Adobe released patches today for Photoshop, Campaign Classic, InCopy, Illustrator,...

7.2CVSS0.4AI score0.39653EPSS
Exploits1
Qualys Blog
Qualys Blog
added 2021/07/07 11:41 p.m.337 views

Analyzing the REvil Ransomware Attack

Over the past year, there has been a rise in extortion malware, e.g. Nefilim and Darkside, which steal and threaten to publish sensitive data or encrypt it until a ransom is paid. Nowadays, cybercriminals use various techniques to gain their initial foothold within a network in the organization...

7.5CVSS1AI score0.85619EPSS
Exploits1
Qualys Blog
Qualys Blog
added 2022/07/12 8:9 p.m.334 views

July 2022 Patch Tuesday | Microsoft Releases 84 Vulnerabilities with 4 Critical, plus 2 Microsoft Edge (Chromium-Based); Adobe Releases 4 Advisories, 27 Vulnerabilities with 18 Critical.

Microsoft Patch Tuesday Summary Microsoft has fixed 84 vulnerabilities aka flaws in the July 2022 update, including four 4 vulnerabilities classified as Critical as they allow Remote Code Execution RCE. This months Patch Tuesday cumulative Windows update includes the fix for one 1 actively...

9.3CVSS0.5AI score0.99374EPSS
Exploits64
Qualys Blog
Qualys Blog
added 2018/03/28 9:29 p.m.334 views

QID 86725 “F5 BIG-IP Load Balancer Internal IP Address Disclosure”

QID 86725 “F5 BIG-IP Load Balancer Internal IP Address Disclosure Vulnerability” will be marked as a PCI Fail as of May 1, 2018 in accordance with its CVSS score. F5 BIG IP encodes private IP addresses in the persistent cookies, which could be collected by the attacker and decoded back. The...

6.9AI score
Exploits0
Qualys Blog
Qualys Blog
added 2023/07/19 3:53 p.m.331 views

CVE-2023-38408: Remote Code Execution in OpenSSH’s forwarded ssh-agent

The Qualys Threat Research Unit TRU has discovered a remote code execution vulnerability in OpenSSHs forwarded ssh-agent. This vulnerability allows a remote attacker to potentially execute arbitrary commands on vulnerable OpenSSH’s forwarded ssh-agent. Given the widespread use of OpenSSH’s...

7.5CVSS9.1AI score0.76768EPSS
Exploits10
Qualys Blog
Qualys Blog
added 2017/11/14 7:37 p.m.328 views

November Patch Tuesday: 53 Vulnerabilities and a Massive Adobe Update

This November Patch Tuesday is moderate in volume and severity. Microsoft released patches to address 53 unique vulnerabilities, with 25 focused on Remote Code Execution fixes. Windows OS receives 14 patches, while the lion's share is focused on Browsers, Microsoft Office, and Adobe. According to...

9.3CVSS7.8AI score0.99945EPSS
Exploits48
Qualys Blog
Qualys Blog
added 2021/07/09 4:11 p.m.319 views

Qualys API Best Practices: Host List Detection API

Host List Detection is your subscriptions list of hosts and their corresponding up-to-date detections including: 1. Confirmed Vulnerability Detections 2. Potential Vulnerability Detections 3. Information Gathered Detections about your system After extracting Host List Detection vulnerability data...

0.1AI score
Exploits0
Qualys Blog
Qualys Blog
added 2019/01/22 8:6 p.m.314 views

Qualys Cloud Platform (VM, PC) 8.16 New Features

This new release of the Qualys Cloud Platform VM, PC, version 8.16, contains several new improvements in Qualys Vulnerability Management and Qualys Policy Compliance, which includes new password security option, increased limit for virtual hosts that can be added to a subscription, added support...

7.6AI score
Exploits0
Qualys Blog
Qualys Blog
added 2021/06/09 3:0 p.m.311 views

DarkSide Ransomware

DarkSide ransomware is a relatively new ransomware strain that threat actors have been using to target multiple large, high-revenue organizations resulting in the encryption and theft of sensitive data and threats to make it publicly available if the ransom demand is not paid. Because of its...

10CVSS0.4AI score0.96823EPSS
Exploits2
Qualys Blog
Qualys Blog
added 2019/04/09 6:50 p.m.308 views

April 2019 Patch Tuesday – 74 Vulns, 16 Critical, 2 Actively Attacked, 1 PoC Exploit, Adobe Vulns

This month's Patch Tuesday addresses 74 vulnerabilities, with 16 labeled as Critical. Eight of the Critical vulns are for scripting engines and browser components, impacting Microsoft browsers and Office, along with another 5 Critical vulns in MSXML. Two Critical remote code execution RCE...

9.3CVSS1.7AI score0.4523EPSS
Exploits47
Qualys Blog
Qualys Blog
added 2019/11/04 9:50 p.m.304 views

BlueKeep Attacks Observed Months after Initial Release

The BlueKeep vulnerability, initially released in May 2019, is currently being exploited in the wild. Cybersecurity researchers have spotted initial attacks of Bluekeep RDP vulnerability. Here's a reminder about BlueKeep and instructions for using Qualys to identify attacks and remediate this...

10CVSS1.3AI score0.99999EPSS
Exploits123
Qualys Blog
Qualys Blog
added 2021/03/23 7:19 p.m.300 views

Unified Dashboard Preview for Enhanced Security Visualization

Qualys has introduced the Unified Dashboard Framework UDF to enrich your dashboarding experience. Unified Dashboard UD brings information from all Qualys applications into a single place for visualization. UD adds a powerful new dashboarding framework to the Qualys Cloud Platform that will be...

0.2AI score
Exploits0
Qualys Blog
Qualys Blog
added 2018/04/19 11:0 p.m.296 views

The Sky Is Falling! Responding Rationally to Headline Vulnerabilities

It’s happening more and more. Gill Langston, a Qualys Director of Product Management, speaks at RSA Conference 2018 High profile vulnerabilities like Meltdown and Spectre are disclosed, and become headline-grabbing news not just in the technology press, but on general news outlets worldwide. Even...

10CVSS10AI score0.99999EPSS
Exploits44
Qualys Blog
Qualys Blog
added 2022/11/01 1:27 p.m.295 views

Why Is Snapshot Scanning Not Enough?

As new scanning technologies are released, their supposed superiority is touted over the others. The problem is, however, that there is no best scanning technology, all of them have strengths and limitations. If recent claims from several vendors are believed, a “best” scanning method called...

10CVSS10AI score0.99999EPSS
Exploits489
Qualys Blog
Qualys Blog
added 2022/08/08 9:54 p.m.294 views

A Deep Dive into VMDR 2.0 with Qualys TruRisk™

The old way of ranking vulnerabilities doesn’t work anymore. Instead, enterprise security teams need to rate the true risks to their business. In this blog, we examine each of the risk scores delivered by Qualys TruRisk, the criteria used to compute them, and how they can be used to prioritize...

6.4CVSS8.6AI score0.66023EPSS
Exploits4
Qualys Blog
Qualys Blog
added 2019/07/09 6:12 p.m.292 views

July 2019 Patch Tuesday – 77 Vulns, 15 Critical, DHCP RCE, Exploited PrivEsc, SQL, Adobe Vulns

This month’s Microsoft Patch Tuesday addresses 77 vulnerabilities with 15 of them labeled as Critical. Of the 15 Critical vulns, 11 are for scripting engines and browsers, with the remaining four covering DHCP Server, GDI+, .NET Framework, and Azure DevOps Server / Team Foundation Server. In...

7.8CVSS8.7AI score0.98745EPSS
Exploits7
Qualys Blog
Qualys Blog
added 2021/12/14 11:55 p.m.279 views

Log4Shell Exploit Detection and Response with Qualys Multi-Vector EDR

Author: Hiep Dang & Malware Threat Research Team On Dec 9, 2021, the world first learned about the Log4Shell vulnerability aka Log4J CVE-2021-44228 found in the Log4j2 library commonly used by Java applications. Since then, everyone in the cybersecurity industry has been scrambling to understand...

9.3CVSS10AI score0.99999EPSS
Exploits355
Qualys Blog
Qualys Blog
added 2025/07/16 2:55 p.m.272 views

Oracle Critical Patch Update, July 2025 Security Update Review

Oracle released its second quarterly edition of this year’s Critical Patch Update. The update received patches for 309 security vulnerabilities. Some of the vulnerabilities addressed in this update impact more than one product. These patches address vulnerabilities in various product families,...

10CVSS8.2AI score0.26049EPSS
Exploits5
Qualys Blog
Qualys Blog
added 2021/12/20 5:41 a.m.271 views

6 Ways to Quickly Detect a Log4Shell Exploit in Your Environment

In recent days, the cybersecurity industry has been rapidly assessing the full impact of the Log4Shell CVE-2021-44228 and CVE-2021-45046 vulnerability. Many organizations are quickly trying to figure out whether this vulnerability is within their environment, and where. The next question a securi...

9.3CVSS0.99999EPSS
Exploits357
Qualys Blog
Qualys Blog
added 2022/05/20 1:0 p.m.268 views

Put SecOps in the Driver’s Seat with Custom Assessment and Remediation

When zero-day threats emerge, time is of the essence. Security teams struggle to manage and respond to a range of challenges that often require custom approaches outside of existing vulnerability and security programs. Recently, many companies scrambled to mount their defenses against the Log4She...

9.3CVSS0.1AI score0.99999EPSS
Exploits355
Qualys Blog
Qualys Blog
added 2017/10/10 6:23 p.m.265 views

October Patch Tuesday: 28 Critical Microsoft Vulnerabilities

Today Microsoft released patches covering 62 vulnerabilities as part of October’s Patch Tuesday update, with 30 of them affecting Windows. Patches covering 28 of these vulnerabilities are labeled as Critical, and 33 can result in Remote Code Execution. According to Microsoft, a vulnerability in...

10CVSS8.5AI score0.81454EPSS
Exploits4
Qualys Blog
Qualys Blog
added 2022/10/25 9:55 p.m.264 views

CVE-2022-42889: Detect Text4Shell via Qualys Container Security

A new critical vulnerability CVE-2022-42889 Text4Shell in Apache Commons Text library was reported by Alvaro Muñoz. The vulnerability, when exploited could result in remote code execution RCE applied to untrusted input due to insecure interpolation defaults. As a result, this CVE is rated at CVSS...

1.6AI score0.99931EPSS
Exploits42
Qualys Blog
Qualys Blog
added 2021/12/28 6:0 p.m.262 views

Log4Shell – Follow This Multi-Layered Approach for Detection and Remediation

Since the Log4Shell vulnerability was first discovered, Qualys has analyzed and responded to the threat in a systematic way approaching it from all angles – detection, mitigation and remediation. Recognizing the challenge it poses to large enterprises, we recommend that organizations follow a...

9.3CVSS9.7AI score0.99999EPSS
Exploits355
Qualys Blog
Qualys Blog
added 2019/12/12 12:49 a.m.262 views

OpenBSD Local Privilege Escalation Vulnerability (CVE-2019-19726)

Qualys Research Labs discovered a local privilege escalation vulnerability in OpenBSD's dynamic loader. The vulnerability could allow local users or malicious software to gain full root privileges. OpenBSD developers have confirmed the vulnerability and released security patches in less than 3...

7.5CVSS1.4AI score0.03522EPSS
Exploits14
Total number of security vulnerabilities1097