The January 2023 Oracle Critical Patch Update
This Oracle Critical Patch Update contains a group of patches for multiple security vulnerabilities that address 327 new security patches. Some of the vulnerabilities addressed this month impact various products. These patches address vulnerabilities in Oracle code and in third-party components...
Detection of Vulnerabilities in JavaScript Libraries
JavaScript is a popular programming language which is an integral component while developing interactive and dynamic web applications. It allows developers to create engaging and responsive user interfaces, handling complex web page elements, enhancing the overall functionality of the application...
The January 2023 Patch Tuesday Security Update Review
As we enter the first second Tuesday of the year, it is noteworthy that both Microsoft and Adobe have released their latest security updates and fixes. We invite you to join us as we review and discuss the particulars of these essential security patches. Microsoft Patches for January 2023 Microso...
Driving CISA Compliance with Qualys
How CyberSecurity Asset Management with External Attack Surface Management Improves Compliance for the Protection of National Infrastructure Since 2018, the Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. government has focused on reducing risk and building resilience to cyber a...
Implement Risk-Based Vulnerability Management with Qualys TruRisk™: Part 3
In this final blog of the series, we will discuss the importance of implementing effective risk-based remediation strategies to reduce the risk of vulnerabilities being exploited in your environment. In the earlier blogs, we covered how to operationalize Qualys TruRisk and to effectively visualiz...
BitRAT Now Sharing Sensitive Bank Data as a Lure
Introduction In June of 2022 Qualys Threat Research Unit (TRU) wrote an in-depth report on Redline, a commercial off-the-shelf infostealer that spreads via fake cracked software hosted on Discord’s content delivery network. Since then, we have continued to track similar threats to identify their...
Qualys Threat Research Unit: Threat Thursdays, December 2022
Welcome to the fourth edition of the Qualys Threat Research Unit’s (TRU) “Threat Research Thursday”, where we collect and curate notable new tools, techniques, procedures, threat intelligence, cybersecurity news, malware attacks, and more. This also happens to be the last edition for the year...
Implement Risk-Based Vulnerability Management with Qualys TruRisk™ : Part 2
This blog is a continuation of our first blog on implementing risk-based vulnerability management with Qualys TruRisk™. In the first blog, we covered how to correctly tag and categorize assets for accurate risk assessment. Now that you have properly tagged your assets, Qualys TruRisk™ will...
The December 2022 Patch Tuesday Security Update Review
Welcome to the final second Tuesday of the year. As expected, Microsoft and Adobe have released their latest security updates and fixes. Take a break from your holiday preparations and join us as we review the details of the latest security patches. Microsoft Patches for December 2022 In this...
Dissecting the Empire C2 Framework
Introduction In this blog we will be taking a quick dive into Empire, a popular open-source post-exploitation framework. Empire provides an adversary with the capability to expand his foothold in a victim’s environment by leveraging hundreds of modules, RATs in multiple languages and stealthy C2...
Implement Risk-Based Vulnerability Management with Qualys TruRisk™ : Part 1
For today’s CISOs, managing cyber risk is Job 1 priority, and it’s a full-time concern. Security practitioners are spending a considerable amount of time responding to cybersecurity threats and finding ways to reduce risk from threats that are unknown. Earlier this year Qualys introduced Qualys...
The 9th Google Chrome Zero-Day Threat this Year – Again Just Before the Weekend
Google has released yet another security update for the Chrome desktop web browser to address a high-severity vulnerability that is being exploited in the wild. This is the ninth Chrome zero-day fixed this year by Google. This security bug (CVE-2022-4262; QID 377804) is a Type Confusion vulnerabili...
Identify Server-Side Attacks Using Qualys Periscope
Qualys previously announced the introduction of Qualys Periscope in 2020. This technology allows Qualys Web Application Scanning (WAS) to detect out-of-band vulnerabilities such as server-side request forgery (SSRF). Qualys Periscope provides confirmed detections for additional vulnerabilities, such ...
Effective Vulnerability Management with Stakeholder Specific Vulnerability Categorization (SSVC) and Qualys TruRisk
Security stakeholders across the globe have long relied on the Common Vulnerability Scoring System (CVSS) to prioritize vulnerabilities and assess their risk posture. The reason why the CVSS has become the standard for many security and vulnerability management teams alike is that this method is ea...
Snapd Race Condition Vulnerability in snap-confine’s must_mkdir_and_open_with_perms() (CVE-2022-3328)
The Qualys Threat Research Unit (TRU) has discovered a new vulnerability in snap-confine function on Linux operating systems, a SUID-root program installed by default on Ubuntu. Qualys recommends that security teams apply the patch for this vulnerability as soon as possible. In February 2022, Qualy...
Qualys Broadens Security Offerings for Oracle Cloud Infrastructure
As organizations increase their use of public cloud platforms, they encounter cloud-specific security and compliance threats, which can be challenging to address without the right tools and processes. Organizations’ cloud security difficulties lie in two main areas: Lack of visibility into their...
Don’t Spend Your Holiday Season Patching Chrome
As we come back from our Thanksgiving holidays, Google has released yet another security update for the Chrome desktop web browser to address a high-severity vulnerability that exists in the wild. This is the eighth Chrome zero-day fixed this year by Google. This security bug CVE-2022-4135; QID...
Ease Your Cybersecurity Maturity Model Certification Journey With Qualys
The Cybersecurity Maturity Model Certification (CMMC) is a cybersecurity training, certification, and assessment program from the United States Department of Defense (DoD). CMMC is designed to provide increased assurance to the DoD that a contractor can adequately protect controlled unclassified...
QSC 2022: That’s a Wrap!
Over the years, the threat landscape has exploded, and bad actors have become increasingly sophisticated, making the demand for cloud security platforms - that save security teams time and increase efficiency - a must-have for every cyber arsenal. This was underscored last week at QSC 2022 Las...
QSC 2022: Listening to the Voice of the Customer
It would be redundant to state that today’s threat landscape is growing increasingly sophisticated and erratic. With all types of attacks becoming “commonplace,” the baseline for normal is abnormal. Bad actors are taking advantage of whatever attack vector they can whether that is a phishing...
QSC 2022: Qualys’ Threat Research Unit (TRU) – Our Shield Is Your Shield
Day two of QSC profiled the special launch of the Qualys Threat Research Unit, TRU. Taking the audience through a madcap tour of what the threat research unit is doing to provide intelligence and actionable insights into its census was Travis Smith, VP of Qualys Threat Research Unit. He dove deep...
QSC 2022 Day 1 Recap: Qualys Gives Organizations More Security in an Ever-Expanding Threat Landscape
The first day of Qualys’ annual security conference in Vegas was filled with a series of presentations by Qualys executives, product managers and customers’ stories about how they used the various security products. The keynotes given by Shark Tank celebrity businessman and CEO of Cyderes, Robert...
QSC 2022 Kickoff: Quantifying and Qualifying Digital Cyber Risks
Qualys’ annual security conference returned to a live-only event this week at the Venetian Hotel in Las Vegas, and the keynote addresses started things off on a very practical note… about selling coconuts, toasters, and carbon monoxide detectors. The first two keynotes featured speeches from both...
November 2022 Patch Tuesday | Microsoft Releases 65 New Vulnerabilities with 10 Critical; Adobe Releases Zero Advisories (for the first time in six years).
Microsoft Patch Tuesday Summary Microsoft has fixed 65 new vulnerabilities (aka flaws) in the November 2022 update, including ten (10) vulnerabilities classified as Critical as they allow Denial of Service (DoS), Elevation of Privilege (EoP), and Remote Code Execution (RCE). This month’s Patch Tuesday...
Get Your Patch Tuesday Vulnerabilities Patched on Tuesday
Every IT person is familiar with Patch Tuesdays. It’s the time of the month where IT needs to put their daily work aside and prepare for patching their entire IT environment. However, for many organizations Patch Tuesday is not a single event that occurs as an isolated point in time. It typically...
OpenSSL Vulnerability Recap
Last week a CRITICAL vulnerability in OpenSSL was pre-announced to give organizations a head start in coming up with a playbook for how to address the highest severity OpenSSL vulnerability since Heartbleed in 2014. A lot of effort was put in by vendors and organizations alike to come up with a...
Why Is Snapshot Scanning Not Enough?
As new scanning technologies are released, their supposed superiority is touted over the others. The problem is, however, that there is no best scanning technology; all of them have strengths and limitations. If recent claims from several vendors are believed, a “best” scanning method called...
Introducing TotalCloud – Cloud Security Simplified
The shift of business applications and on-premises infrastructure to the cloud has resulted in cloud security teams needing to manage the cyber security risks across the workloads, cloud services, resources, users, and applications. Today, security teams must deal with a set of siloed...
Qualys Research Alert: OpenSSL 3.0.7 – What You Need To Know
On Tuesday, November 1, 2022, the OpenSSL project released a new version of OpenSSL with version 3.0.7. This update patches two buffer overflow vulnerabilities which can be triggered in X.509 certificate verification. These vulnerabilities only apply to OpenSSL 3.x. Both these vulnerabilities are...
Don’t spend another weekend patching Chrome
As we head into the weekend, Google has released an emergency security update for the Chrome desktop web browser to address a high-severity vulnerability known to be exploited in the wild. This is the seventh Chrome zero-day fixed this year by Google. This security bug (CVE-2022-3723; QID 377721) i...
Chrome Zero Day – Just Before the Weekend (again)
As we head into the weekend, Google has released an emergency security update for the Chrome desktop web browser to address a high-severity vulnerability known to be exploited in the wild. This is the seventh Chrome zero-day fixed this year by Google. This security bug (CVE-2022-3723; QID 377721) i...
Qualys Research Team: Threat Thursdays, October 2022
Welcome to the third edition of the Qualys Research Team’s “Threat Research Thursday”, where we collect and curate notable new tools, techniques, procedures, threat intelligence, cybersecurity news, malware attacks, and more. Feedback on our second edition, Qualys Threat Research Thursday, is mor...
Text4Shell: Detect, Prioritize and Remediate The Risk Across On-premise, Cloud, Container Environment Using Qualys Platform
On 2022-10-13, Apache Security Team disclosed a critical vulnerability with CVE-2022-42889 affecting the popular Apache Commons Text library. This vulnerability is popularly named “Text4Shell” which when exploited can allow an unauthenticated attacker to execute arbitrary code on the vulnerable...
Join Us November 7-10 for Qualys Security Conference 2022 Las Vegas!
Get ready for our annual event for cybersecurity professionals: Qualys Security Conference 2022 Las Vegas! This year’s theme is Get More Security, which emphasizes simplifying security to drive better outcomes. At the event, you will experience two days of training followed by two days of keynotes,...
Fingerprinting Web Applications and APIs using Qualys Web Application Scanning
Decoding the impact of Fingerprinting Organizations develop an effective, actionable go-to-market plan to launch a profitable product into the target market. A go-to-market strategy predicts market demand by analyzing market research, competitor data, and previous examples. Without a solid...
Leeloo Multipath: Authorization bypass and symlink attack in multipathd (CVE-2022-41974 and CVE-2022-41973)
The Qualys Research Team has discovered two vulnerabilities in multipathd, the most important of which can be exploited for authorization bypass. Qualys recommends security teams apply patches for these vulnerabilities as soon as possible. The Qualys Research Team combined these two vulnerabiliti...
CVE-2022-42889: Detect Text4Shell via Qualys Container Security
A new critical vulnerability, CVE-2022-42889 (Text4Shell), in the Apache Commons Text library was reported by Alvaro Muñoz. The vulnerability, when exploited, could result in remote code execution (RCE) applied to untrusted input due to insecure interpolation defaults. As a result, this CVE is rated at CVSS...
CISA BOD 23-01: Meeting and Exceeding CISA Requirements with Qualys
The latest Binding Operational Directive from the Cybersecurity and Infrastructure Security Agency (CISA), BOD 23-01, requires agencies to implement an essential cybersecurity practice within the next 6 months. While this new mandate impacts agencies directly, it also impacts their supply chain...
Not Your Average FIM: Why Customers Choose Qualys FIM
Choosing the right FIM solution is a crucial step for an organization. One should not need professional services just to onboard or manage. Traditional FIM solutions with legacy architecture are either too noisy or too hard to use. The market demands an intelligent FIM solution that is easy to...
Creating Awareness of External JavaScript Libraries in Web Applications
Qualys Web Application Scanning (WAS) routinely reviews and solicits customer feedback regarding vulnerabilities. This may be to enhance the detection or the detection’s reporting. Previously, all JavaScript libraries detected on an application are reported under the Information Gathering QID 150176...
Award-winning Qualys Vulnerability and Compliance Solution now available on IBM zSystems & LinuxONE
Today’s modern IBM mainframe is central to hybrid cloud environments, valued by two-thirds of the Fortune 100 as a highly secured platform for running mission-critical workloads. Not surprisingly, according to a recent IBM commissioned study by Celent, it is estimated that 70% of global bank cards...
JSON Web Token (JWT) Weaknesses
JSON Web Tokens, or JWTs, are an encoded set of claims commonly seen in REST APIs and single-page web applications (SPAs). These encoded claims are used to provide identification of the requester and other information related to accessing. It is a stateless mechanism, and the token is sent with eve...
October 2022 Patch Tuesday | Microsoft Releases 84 Vulnerabilities with 13 Critical, plus 12 Microsoft Edge (Chromium-Based); Adobe Releases 4 Advisories, 29 Vulnerabilities with 17 Critical.
Microsoft Patch Tuesday Summary Microsoft has fixed 84 vulnerabilities (aka flaws) in the October 2022 update, including 13 vulnerabilities classified as Critical as they allow Elevation of Privilege (EoP), Remote Code Execution (RCE), and Spoofing. This month’s Patch Tuesday fixes two (2) zero-day...
In-Depth Look Into Data-Driven Science Behind Qualys TruRisk
Vulnerability Management is a foundational component of any cybersecurity program for the implementation of appropriate security controls and the management of cyber risk. Earlier this year Qualys introduced the latest iteration of its vulnerability management product VMDR 2.0 with TruRisk which...
NSA Alert: Topmost CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors
On October 6, 2022, the United States National Security Agency (NSA) released a cybersecurity advisory on the Chinese government—officially known as the People’s Republic of China (PRC) state-sponsored cyber actors’ activity to seek national interests. These malicious cyber activities attributed to t...
Qualys Performance Tuning Series – Remove Stale Assets for Best Performance
As organizations transition to the cloud, their cloud environments and assets rapidly grow. Many of the assets within the cloud are ephemeral in nature; they exist for a few minutes, hours or days and then are terminated. These transitory assets pose a unique challenge from an asset and...
WhatsApp Fixed Critical Vulnerabilities that Could Let an Attacker Hack Devices Remotely – Automatically Discover and Remediate Using VMDR Mobile
WhatsApp has recently fixed critical and high-severity vulnerabilities affecting WhatsApp for Android, WhatsApp Business for Android, WhatsApp for iOS, and WhatsApp Business for iOS. Exploiting these vulnerabilities would be the first step of an attacker installing any malware on the device. In...
Qualys Response to ProxyNotShell Microsoft Exchange Server Zero-Day Threat Using Qualys Cloud Platform
On September 29, 2022, active attacks against Microsoft Exchange were reported by Vietnamese cybersecurity company GTSC. The researcher at GTSC reported two critical vulnerabilities now named “ProxyNotShell” in Microsoft Exchange Server via two advisories issued by Zero Day Initiative:...
Spelunking Your Qualys Data with Splunk
For the uninitiated, “spelunking” is the exploration of underground caves and caverns, and it’s not for the faint of heart. This increasingly popular sport involves walking, climbing, crawling, or zip-lining blindly into the dark abyss with only a headlamp… and spiders and bats for company. Lucki...
Qualys Threat Research Thursday
Welcome to the second edition of the Qualys Research Team’s “Threat Research Thursday”, where we collect and curate notable new tools, techniques, procedures, threat intelligence, cybersecurity news, malware attacks, and more. Feedback on our first edition, Introducing Qualys Threat Research...