
1089 matches found

Qualys Blog
added 2022/09/28 10:5 p.m. | 38 views

Remediate Your Vulnerable Lenovo Systems with Qualys Custom Assessment and Remediation

Lenovo disclosed Multi-Vendor BIOS Security Vulnerabilities in September 2022 that affect multiple Lenovo devices. These are high severity vulnerabilities that have the potential of resulting in information disclosure, privilege escalation, and denial of service. Here are the related CVEs:...

CVSS 4.6 | AI score 1.9 | EPSS 0.00423 | Exploits 1

Qualys Blog
added 2022/09/28 6:43 p.m. | 29 views

Optimizing a Web Application Security Scan for bWAPP

Today almost all organizations have an online presence, with more information accessible at the click of a mouse, making customer experiences much more frictionless. Yet the delivery of great experiences also opens the door to potential hackers intent on compromising the website and its APIs...

AI score 7.9 | Exploits 0

Qualys Blog
added 2022/09/27 5:13 p.m. | 13 views

Prepare Your Organization for Compliance with the NYDFS Cybersecurity Regulation

Cyberattacks are on the rise, with bad actors accelerating their nefarious exfiltration of valuable and confidential data from financial institutions, Federal agencies, healthcare organizations, and more. According to an IBM study, the Financial Services industry saw an increase in the cost of da...

AI score 1.2 | Exploits 0

Qualys Blog
added 2022/09/20 9:8 p.m. | 22 views

Why Organizations Struggle with Patch Management (and What to Do about It)

The cybersecurity attack surface continues to grow exponentially. Modern technologies are being deployed on-premises and in the cloud as part of digital transformation journeys. Meanwhile, the current practice of identifying, classifying, prioritizing, and remediating vulnerabilities has become...

AI score 0.3 | Exploits 0

Qualys Blog
added 2022/09/13 8:0 p.m. | 110 views

September 2022 Patch Tuesday | Microsoft Releases 63 Vulnerabilities with 5 Critical, plus 16 Microsoft Edge (Chromium-Based); Adobe Releases 7 Advisories, 63 Vulnerabilities with 35 Critical.

Microsoft Patch Tuesday Summary: Microsoft has fixed 63 vulnerabilities (aka flaws) in the September 2022 update, including five (5) vulnerabilities classified as Critical as they allow Remote Code Execution (RCE). This month's Patch Tuesday fixes two (2) zero-day vulnerabilities, with one (1) actively...

CVSS 7.2 | AI score 10 | EPSS 0.99174 | Exploits 46

Qualys Blog
added 2022/09/08 5:52 p.m. | 40 views

Let Smart Automation Reduce the Risk of Zero-Day Attacks on Third-Party Applications

Last week, Google released yet another zero-day patch for its Chrome browser to fix a high-severity flaw that was already being exploited. That vulnerability (CVE-2022-3075) is the sixth actively exploited zero-day found in Chrome this year. While users are grateful for the urgent patch, it was...

AI score 9.6 | EPSS 0.0568 | Exploits 0

Qualys Blog
added 2022/09/07 10:24 p.m. | 38 views

Let Smart Automation Reduce the Risk of Zero-Day Attacks on Third-Party Applications

Last week, Google released yet another zero-day patch for its Chrome browser to fix a high-severity flaw that was already being exploited. That vulnerability (CVE-2022-3075) is the sixth actively exploited zero-day found in Chrome this year. While users are grateful for the urgent patch, it was...

AI score 9.6 | EPSS 0.0568 | Exploits 0

Qualys Blog
added 2022/09/01 9:0 p.m. | 73 views

Introducing Qualys Threat Research Thursdays

Welcome to the first edition of the Qualys Research Team’s “Threat Research Thursday” where we collect and curate notable new tools, techniques, procedures, threat intelligence, cybersecurity news, malware attacks, and more. We will endeavor to issue these update reports regularly, as often as...

CVSS 10 | AI score 9.3 | EPSS 0.9817 | Exploits 1

Qualys Blog
added 2022/08/31 9:14 p.m. | 24 views

An End-to-End Approach to Next-Gen Security for Web Applications & APIs

According to Verizon’s 2022 Data Breach Investigations Report, web applications remain both the top hacking vector and data breach pattern, accounting for roughly 70% of security incidents. This is because web applications are everywhere and easily probed for weaknesses. A vulnerability in any...

AI score 7 | Exploits 0

Qualys Blog
added 2022/08/23 10:46 a.m. | 200 views

Mitigating the Risk of Zero-Day Vulnerabilities by using Compensating Controls

Zero-day vulnerability attacks have emerged as a major cybersecurity threat in the last few years. Organizations most often targeted include large enterprises and government/Federal agencies. However, any organization, regardless of its size, business, or industry, is a potential target for...

CVSS 10 | AI score 0.2 | EPSS 0.99999 | Exploits 733

Qualys Blog
added 2022/08/22 1:0 p.m. | 13 views

Qualys VMDR Recognized as Best VM Solution by SC Awards 2022 & Leader by GigaOm

Qualys VMDR has been recognized for its commanding industry leadership by both the 2022 SC Awards and analyst firm GigaOm. SC Magazine has chosen Qualys VMDR as the winner of the Best Vulnerability Management Solution category in its SC Awards 2022. The SC Awards honors the best solutions in...

AI score 7.2 | Exploits 0

Qualys Blog
added 2022/08/17 10:12 a.m. | 381 views

Atlassian Confluence: Questions for Confluence App Hardcoded Credentials Vulnerability (CVE-2022-26138)

Over the last few months, Atlassian Confluence has increasingly become a target for attackers. In June 2022, a critical severity OGNL Remote Code Execution vulnerability was disclosed (CVE-2022-26134). More recently, CVE-2022-26138 was disclosed on social media platforms in July 2022. In...

CVSS 7.5 | AI score 10 | EPSS 0.99999 | Exploits 76

Qualys Blog
added 2022/08/16 11:9 p.m. | 65 views

AsyncRAT C2 Framework: Overview, Technical Analysis & Detection

In this blog we describe the AsyncRAT C2 (command & control) Framework, which allows attackers to remotely monitor and control other computers over a secure encrypted link. We provide an overview of this threat, a technical analysis, and a method of detecting the malware using Qualys Multi-Vector...

AI score 8.2 | Exploits 0

Qualys Blog
added 2022/08/15 3:0 p.m. | 27 views

Qualys Security Updates: Cloud Agent for Linux

The security and protection of our customers is of the utmost importance to Qualys, as is transparency whenever issues arise. A customer responsibly disclosed two scenarios related to the Qualys Cloud Agent: 1. For the first scenario, we added supplementary safeguards for signatures running on...

AI score 6.7 | EPSS 0.00369 | Exploits 0

Qualys Blog
added 2022/08/09 8:0 p.m. | 643 views

August 2022 Patch Tuesday | Microsoft Releases 121 Vulnerabilities with 17 Critical, plus 20 Microsoft Edge (Chromium-Based); Adobe Releases 5 Advisories, 25 Vulnerabilities with 15 Critical.

Microsoft Patch Tuesday Summary: Microsoft has fixed 121 vulnerabilities (aka flaws) in the August 2022 update, including 17 vulnerabilities classified as Critical as they allow Elevation of Privilege (EoP) and Remote Code Execution (RCE). This month's Patch Tuesday fixes two (2) zero-day vulnerabilities,...

CVSS 9.3 | AI score 0.2 | EPSS 0.99374 | Exploits 67

Qualys Blog
added 2022/08/09 5:45 p.m. | 77 views

Know Your ServiceNow and Qualys Integrations

If you are a current ServiceNow customer interested in cybersecurity, this blog is for you. If you are a Qualys customer who also uses ServiceNow, this blog is for you too. ServiceNow and Qualys have enjoyed a multi-year partnership, being two of the premier SaaS vendors covering the IT and...

AI score 1.2 | Exploits 0

Qualys Blog
added 2022/08/08 9:54 p.m. | 284 views

A Deep Dive into VMDR 2.0 with Qualys TruRisk™

The old way of ranking vulnerabilities doesn’t work anymore. Instead, enterprise security teams need to rate the true risks to their business. In this blog, we examine each of the risk scores delivered by Qualys TruRisk, the criteria used to compute them, and how they can be used to prioritize...

CVSS 6.4 | AI score 8.6 | EPSS 0.66023 | Exploits 4

Qualys Blog
added 2022/08/05 5:9 p.m. | 74 views

Qualys API Best Practices: CyberSecurity Asset Management API

The Qualys Security Blog’s API Best Practices Series is designed for Qualys customer programmers or stakeholders with a general knowledge of programming who want to implement best practices to improve development, design, and performance of their programs that use the Qualys API. For non-customer...

AI score 0.2 | Exploits 0

Qualys Blog
added 2022/08/03 1:1 p.m. | 27 views

Introducing CyberSecurity Asset Management 2.0 with Natively Integrated External Attack Surface Management

Qualys is introducing Qualys CyberSecurity Asset Management 2.0, which now delivers natively integrated External Attack Surface Management (EASM) to enable Cybersecurity teams to identify any and all assets visible on the internet, including previously unknown assets and any potential security...

AI score 0.8 | Exploits 0

Qualys Blog
added 2022/08/01 12:0 p.m. | 36 views

Here’s a Simple Script to Detect the Stealthy Nation-State BPFDoor

In this blog, the Qualys Research Team explains the mechanics of a Linux malware variant named BPFdoor. We then demonstrate the efficacy of Qualys Custom Assessment and Remediation to detect it, and Qualys Multi-Vector EDR to protect against it. BPFDoor is a Linux/Unix backdoor that allows threat...

AI score 7.8 | Exploits 0

Qualys Blog
added 2022/07/29 5:54 p.m. | 34 views

New Qualys Research Report: Evolution of Quasar RAT

The Qualys Threat Research Team continues to inform enterprise cybersecurity teams of emerging threats that could impact their business. These threat intelligence reports summarize individual threat exploits and provide practical recommendations for protecting against them. In this free research...

AI score 0.2 | Exploits 0

Qualys Blog
added 2022/07/28 11:0 a.m. | 33 views

Attack Surface Management: a Critical Pillar of Cybersecurity Asset Management

In their recent Innovation Insight for Attack Surface Management report, Gartner calls Attack Surface Management (or “ASM”, for short) the first pillar in a broader Exposure Management strategy. According to Gartner, ASM addresses the questions: What does my organization look like from an attacker’...

AI score 0.5 | Exploits 0

Qualys Blog
added 2022/07/27 6:24 p.m. | 47 views

Join Qualys at Black Hat USA 2022!

Need to get more security? As a Titanium Sponsor of Black Hat USA 2022 Qualys will be located front and center in Booth 1320 on the show floor. Stop by and visit us to learn about our latest techniques, best practices, and solutions for risk-based vulnerability management, external attack surface...

AI score 7.3 | Exploits 0

Qualys Blog
added 2022/07/26 11:0 a.m. | 27 views

Aflac Reduces Critical Vulnerabilities by 55% with Qualys VMDR 2.0 with TruRisk

The following is a guest blog by Aflac, a Qualys VMDR customer, on their recent experience completing a Proof of Concept project for the newly released VMDR 2.0 with Qualys TruRisk. About Aflac: Aflac Inc. (NYSE: AFL) is an insurance leader and the largest provider of supplemental insurance in the...

AI score 0.5 | Exploits 0

Qualys Blog
added 2022/07/25 2:33 p.m. | 50 views

Integrating JIRA to the Qualys Cloud Platform

This is the second in a blog series on integrations to the Qualys Cloud Platform. This post looks at what the requirements are to build a successful integration and workarounds when some of the pieces are missing functionality. We then specifically consider the question of integrating Qualys with...

AI score 0.4 | Exploits 0

Qualys Blog
added 2022/07/20 8:46 p.m. | 13 views

Use Qualys Flow to Automate Detection & Remediation with No-code Workflows

The threat landscape is rapidly and constantly evolving. New software vulnerabilities and service misconfigurations are discovered daily, and exploits targeting them are often released within hours. For effective security, pursuing the automation of both detection and remediation processes is...

AI score 1.1 | Exploits 0

Qualys Blog
added 2022/07/12 8:9 p.m. | 332 views

July 2022 Patch Tuesday | Microsoft Releases 84 Vulnerabilities with 4 Critical, plus 2 Microsoft Edge (Chromium-Based); Adobe Releases 4 Advisories, 27 Vulnerabilities with 18 Critical.

Microsoft Patch Tuesday Summary: Microsoft has fixed 84 vulnerabilities (aka flaws) in the July 2022 update, including four (4) vulnerabilities classified as Critical as they allow Remote Code Execution (RCE). This month's Patch Tuesday cumulative Windows update includes the fix for one (1) actively...

CVSS 9.3 | AI score 0.5 | EPSS 0.99374 | Exploits 64

Qualys Blog
added 2022/07/11 8:2 p.m. | 33 views

About CMDB Sync Integration with Qualys CyberSecurity Asset Management

Welcome to the first in a new series of blog posts about Qualys integrations. This first blog in the series covers our integrations as they relate to CMDB Sync, which is a part of Qualys CyberSecurity Asset Management (CSAM) and has two versions. One version is for basic ServiceNow customers who ha...

AI score 0.5 | Exploits 0

Qualys Blog
added 2022/07/11 1:0 p.m. | 30 views

How to Quickly Prioritize Risks with VMDR 2.0 and Orchestrate Response with CMDB & ITSM Integration

A single source of truth for asset inventory enables Cybersecurity and IT teams to optimally automate risk prioritization and response. Qualys VMDR 2.0 with TruRisk™ leverages Qualys CSAM to automate the Asset Criticality Score, a key parameter of risk scoring. This blog explains how with insigh...

AI score 0.3 | Exploits 0

Qualys Blog
added 2022/06/29 8:23 p.m. | 62 views

Atlassian Confluence OGNL Injection Remote Code Execution (RCE) Vulnerability (CVE-2022-26134)

On June 02, 2022, Atlassian published a security advisory about a critical severity Unauthenticated Remote Code Execution vulnerability affecting Confluence Server and Data Center. According to the advisory, the vulnerability is being actively exploited and Confluence Server and Data Center...

CVSS 7.5 | AI score 10 | EPSS 0.99999 | Exploits 75

Qualys Blog
added 2022/06/22 9:23 p.m. | 80 views

Risk-based Remediation Powered by Patch Management in Qualys VMDR 2.0

According to the recently released Verizon DBIR report, vulnerability exploitation continued to be one of the top three attack vectors exploited by bad actors in 2021 to break into organizations. As of this writing, it’s only June, but more than 10,000 vulnerabilities have already been disclosed ...

CVSS 7.5 | AI score 0.5 | EPSS 0.99999 | Exploits 63

Qualys Blog
added 2022/06/21 1:20 a.m. | 24 views

Defending Against Scheduled Task Attacks in Windows Environments

Scheduling tasks is one of the most popular attack techniques used by threat actors to establish persistence on a victim’s machine. The Qualys Research Team investigated different ways that attackers could use to conceal scheduled tasks. In this blog, we describe three new techniques to hide and...

AI score 7.6 | Exploits 0

Qualys Blog
added 2022/06/15 9:46 p.m. | 24 views

New Qualys Research Report: Inside a Redline InfoStealer Campaign

The Qualys Threat Research Team continues its efforts to identify and document previously unseen adversary activity to better understand their tactics, techniques, and procedures (TTPs) and defend against them. Recently we identified a new Redline InfoStealer campaign that spreads via fake cracked...

AI score 1.1 | Exploits 0

Qualys Blog
added 2022/06/14 8:52 p.m. | 798 views

Detect the Follina MSDT Vulnerability (CVE-2022-30190) with Qualys Multi-Vector EDR & Context XDR

A new remote code execution vulnerability called “Follina” has been found lurking in most Microsoft products. In this blog, we examine a potential attack vector as well as technical details of Follina, and chart the ability to detect this new vulnerability using both Qualys Multi-Vector EDR and...

CVSS 9.3 | AI score 8.6 | EPSS 0.99374 | Exploits 62

Qualys Blog
added 2022/06/14 8:0 p.m. | 252 views

June 2022 Patch Tuesday | Microsoft Releases 55 Vulnerabilities with 3 Critical; Adobe Releases 6 Advisories, 46 Vulnerabilities with 40 Critical.

Microsoft Patch Tuesday Summary: Microsoft has fixed 55 vulnerabilities (aka flaws) in the June 2022 update, including three (3) vulnerabilities classified as Critical as they allow Remote Code Execution (RCE). This month's Patch Tuesday cumulative Windows update includes the fix for one (1) zero-day...

CVSS 10 | AI score 0.7 | EPSS 0.99374 | Exploits 64

Qualys Blog
added 2022/06/07 4:25 p.m. | 18 views

Close the Gap Between IT & Security with Our New App: Qualys VMDR for ITSM

In recent years, the world has seen an alarming rise in cyber-attacks. According to the just released Verizon DBIR report, the rate of increase of ransomware attacks in 2021 was greater than its rate of increase in the last five years, combined. Malicious exploitation of vulnerabilities continues...

AI score 0.1 | Exploits 0

Qualys Blog
added 2022/06/06 12:55 p.m. | 727 views

Introducing Qualys VMDR 2.0

Over the last five years, the number of vulnerabilities disclosed has doubled. The speed at which vulnerabilities are weaponized and leveraged for mass exploitation is down to mere days from weeks. For example, mass exploitation of the Log4Shell vulnerability at the end of 2021 occurred 48 hours...

CVSS 5 | EPSS 0.66023 | Exploits 4

Qualys Blog
added 2022/05/31 7:41 p.m. | 21 views

Transitioning to a Risk-based Approach to Cybersecurity

For today's CISOs, managing cyber risk is Job 1, and it's a full-time concern. This was communicated loud and clear when Qualys recently hosted several CISOs and cybersecurity executives from our global enterprise customer base at our Strategic Advisory Board meeting in London. Their teams are...

AI score 7.3 | Exploits 0

Qualys Blog
added 2022/05/26 6:28 p.m. | 14 views

Qualys FIM: Be Compliance Ready with Intuitive, Ready-to-Use File Monitoring Profiles

Requirements for file-level security are often set by laws, regulations, and audit standards. These include identification of what must be protected, the various controls required to implement security, and outcomes required to successfully pass audits for compliance. This blog describes these an...

AI score 7.1 | Exploits 0

Qualys Blog
added 2022/05/20 1:0 p.m. | 266 views

Put SecOps in the Driver’s Seat with Custom Assessment and Remediation

When zero-day threats emerge, time is of the essence. Security teams struggle to manage and respond to a range of challenges that often require custom approaches outside of existing vulnerability and security programs. Recently, many companies scrambled to mount their defenses against the Log4She...

CVSS 9.3 | AI score 0.1 | EPSS 0.99999 | Exploits 349

Qualys Blog
added 2022/05/16 9:25 p.m. | 23 views

Upgrade Your FIM Program to Detect Risk and Streamline Compliance

File integrity monitoring (FIM) tools are essential for defending business and customer data, but legacy tools are falling short by swamping security analysts with irrelevant alerts. This blog describes how Qualys FIM easily solves such issues by accurately isolating file-level breaches and sending...

Exploits 0

Qualys Blog
added 2022/05/10 7:29 p.m. | 224 views

May 2022 Patch Tuesday | Microsoft Releases 75 Vulnerabilities with 8 Critical; Adobe Releases 5 Advisories, 18 Vulnerabilities with 16 Critical.

Microsoft Patch Tuesday Summary: Microsoft has fixed 75 vulnerabilities in the May 2022 update, including one advisory (ADV2200011) for Azure in response to CVE-2022-29972, a publicly exposed Zero-Day Remote Code Execution (RCE) Vulnerability, and eight (8) vulnerabilities classified as Critical as they...

CVSS 9.3 | AI score 0.5 | EPSS 0.83277 | Exploits 11

Qualys Blog
added 2022/05/09 4:40 a.m. | 34 views

Ursnif Malware Banks on News Events for Phishing Attacks

Ursnif (aka Gozi, Dreambot, ISFB) is one of the most widespread banking trojans. It has been observed evolving over the past few years. Ursnif has shown incredible theft capabilities. In 2020 Ursnif rose to prominence becoming one of the top ten most prolific pieces of malware. Among its core...

AI score 0.6 | Exploits 0

Qualys Blog
added 2022/05/06 12:19 p.m. | 842 views

CISA Alert: Top 15 Routinely Exploited Vulnerabilities

The U.S. Cybersecurity & Infrastructure Security Agency has published its report on the top exploited vulnerabilities of 2021. This blog summarizes the report’s findings and how you can use Qualys VMDR to automatically detect and remediate these risks in your enterprise environment. The...

CVSS 10 | AI score 0.7 | EPSS 0.99999 | Exploits 666

Qualys Blog
added 2022/05/04 9:40 a.m. | 1199 views

Ransomware Insights from the FBI’s 2021 Internet Crime Report

The FBI has published its annual report on Internet crime. Qualys has analyzed its trends and statistics. In this post, we review our findings, especially with regards to the prevalence of Ransomware, and our recommendations for actions that enterprises should take to mitigate their risk. Every...

CVSS 10 | AI score 0.6 | EPSS 0.99898 | Exploits 141

Qualys Blog
added 2022/04/21 6:2 p.m. | 25 views

Assessing Certificate Risk with Qualys VMDR

Digital certificates and SSL are everywhere. However, managing an accurate inventory of all current certificates in use across your enterprise is an ongoing challenge. This blog examines the scale of the problem, the shortcomings of some popular certificate tracking methods, and how Qualys VMDR’s...

AI score 7.1 | Exploits 0

Qualys Blog
added 2022/04/20 7:26 p.m. | 26 views

Implications of Windows Subsystem for Linux for Adversaries & Defenders (Part 2)

This post is the second of a multi-part blog series that explores and highlights the different risks that Windows Subsystem for Linux (WSL) poses to an enterprise IT environment. Here we examine different TTPs that abuse WSL and assess different methods to defend against such threats. ← Go to Part ...

AI score 0.1 | Exploits 0

Qualys Blog
added 2022/04/12 8:7 p.m. | 189 views

April 2022 Patch Tuesday: Microsoft Releases 145 Vulnerabilities with 10 Critical; Adobe Releases 4 Advisories, 78 Vulnerabilities with 51 Critical.

Microsoft Patch Tuesday Summary: Microsoft has fixed 145 vulnerabilities, including 17 Microsoft Edge vulnerabilities, in the April 2022 update, with ten (10) classified as Critical as they allow Remote Code Execution (RCE). This month’s Patch Tuesday release includes fixes for two (2) zero-day...

CVSS 10 | AI score 1 | EPSS 0.91316 | Exploits 22

Qualys Blog
added 2022/04/04 1:0 p.m. | 15 views

EDR Is Dead. Long Live Multi-Vector EDR.

News of EDR’s demise has been greatly exaggerated. Fact is: older approaches to EDR have to move over. There’s a new solution now: Multi-Vector EDR. This blog reviews the highlights of our latest release of this critically important app on the Qualys Cloud Platform. Although it now seems like a...

AI score 7.4 | Exploits 0

Qualys Blog
added 2022/03/31 11:34 p.m. | 28 views

Qualys Multi-Vector EDR Excels in 2022 MITRE ATT&CK Evaluation

MITRE evaluated Qualys Multi-Vector EDR against competing alternatives, and the results are in. This blog reviews the basics of MITRE ATT&CK evaluation, how our EDR solution performed, and how to interpret the ratings. MITRE Engenuity has released the results of round 4 of its ATT&CK Evaluations...

AI score 7.3 | Exploits 0

Total number of security vulnerabilities: 1089