1089 matches found

Qualys Blog
added 2021/10/28 6:22 a.m. | 239 views

Apache HTTP Server Path Traversal & Remote Code Execution (CVE-2021-41773 & CVE-2021-42013)

On October 4, 2021, the Apache HTTP Server Project released a security advisory on a path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 and 2.4.50, tracked as CVE-2021-41773 and CVE-2021-42013. In the advisory, Apache also highlighted “the issue is known to be exploited in the...

CVSS 7.5 | AI score 0.3 | EPSS 0.99992
Exploits: 173

Qualys Blog
added 2021/10/27 12:7 p.m. | 233 views

Apache Tomcat HTTP Request Smuggling Vulnerability (CVE-2021-33037)

A vulnerability (CVE-2021-33037) discovered this year in Apache Tomcat causes incorrect parsing of the HTTP transfer-encoding request header in some circumstances, leading to the possibility of HTTP Request Smuggling (HRS) when used with a reverse proxy. HTTP Request Smuggling (HRS) is a web applicatio...

CVSS 5 | AI score 0.1 | EPSS 0.75353
Exploits: 1

Qualys Blog
added 2021/10/25 5:0 a.m. | 16 views

Vulnerability On-Demand Search Reporting & Easy Download options

Vulnerability reporting is different from any other aspect of a Vulnerability Management Program. The methodologies of Discover, Assess, Report and Remediate are critical components that should be included in the respective sections of a Vulnerability Report. Qualys VMDR Vulnerability Management...

AI score 1.3
Exploits: 0

Qualys Blog
added 2021/10/18 7:41 a.m. | 191 views

Apple fixes zero-day in iOS and iPadOS 15.0.2 emergency release: Detect and Prioritize Vulnerabilities using VMDR for Mobile Devices

Apple recently released iOS and iPadOS 15.0.2 as an emergency security update that addresses 1 critical zero-day vulnerability, which is exploited in the wild. Qualys recommends that security teams should immediately update all devices running iOS and iPadOS to the latest version. "Apple is aware o...

CVSS 9.3 | AI score 2.1 | EPSS 0.75994
Exploits: 3

Qualys Blog
added 2021/10/13 2:14 p.m. | 185 views

Microsoft & Adobe Patch Tuesday (October 2021) – Microsoft 74 Vulnerabilities with 3 Critical, 4 Zero-Days. Adobe 10 Vulnerabilities

Microsoft Patch Tuesday – October 2021 Microsoft patched 74 vulnerabilities in their October 2021 Patch Tuesday release, of which three are rated as critical severity and four were previously reported as zero-days. Critical Microsoft Vulnerabilities Patched CVE-2021-40449 - Win32k Elevation of...

CVSS 7.2 | AI score 0.3 | EPSS 0.73381
Exploits: 11

Qualys Blog
added 2021/10/13 12:41 p.m. | 28 views

Tenacity 2.0 – Emulating Threat groups

Introduction The previous article: Tenacity – An Adversary Emulation Tool for Persistence, walked us through the working of Tenacity, techniques it supports, and how it can help organizations and individuals to validate the risk posture. As with the second installment of the series, this post wil...

AI score 0.8
Exploits: 0

Qualys Blog
added 2021/10/11 2:0 a.m. | 29 views

From Technical Features to Customer Security Metrics

Qualys solutions are packed with great functionality to deliver operational efficiency to all our customers, but the value does not end with bits and bytes. Qualys customers can count on Technical Account Managers to maximize the effectiveness of their subscription, and this post tells a story...

AI score 6.9
Exploits: 0

Qualys Blog
added 2021/10/05 12:50 p.m. | 722 views

The Rise of Ransomware

With most employees still working from remote locations, ransomware attacks have increased steadily since the early months of the Covid-19 pandemic. According to the FBI’s 2020 Internet Crime Report 2400+ ransomware-related incidents in 2020 resulted in a loss of about 29 million dollars. These...

CVSS 10 | AI score 0.7 | EPSS 0.99999
Exploits: 272

Qualys Blog
added 2021/10/05 12:50 p.m. | 225 views

Assess Your Risk From Ransomware Attacks, Powered by Qualys Research

Ransomware attacks are among the most significant cyber threats facing businesses today. Recent warnings about Conti ransomware, issued by a joint cybersecurity advisory from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), FBI and National Security Agency, are a strong signal that...

CVSS 10 | AI score 1.1 | EPSS 0.99759
Exploits: 149

Qualys Blog
added 2021/09/29 9:31 a.m. | 27 views

QID Spotlight: Discover Azul Java Vulnerabilities

The Qualys vulnerability signatures team has released a new series of signatures detections for Azul Java, allowing security teams to identify Azul Java hosts and detect their vulnerabilities. Azul is a Java platform used for modern cloud enterprises. The platform is used for developing,...

AI score 7.1
Exploits: 0

Qualys Blog
added 2021/09/29 8:28 a.m. | 77 views

NSO Pegasus iPhone Spyware Vulnerabilities Fixed by Apple – Detect & Prioritize Using VMDR for Mobile Devices

Apple recently released iOS and iPadOS 12.5.5, 15.0, which includes a security update that addresses almost 25 vulnerabilities, including several critical RCE and privilege escalation vulnerabilities. In 12.5.5, Apple fixed 3 critical zero-day vulnerabilities, which are used to deploy NSO Pegasus...

CVSS 9.3 | AI score 1 | EPSS 0.75994
Exploits: 2

Qualys Blog
added 2021/09/27 4:23 p.m. | 16 views

Prioritize Remediation with a Perceived-Risk Approach to Strengthen CyberSecurity Effectiveness

Minimizing Time To Remediate (TTR) is becoming one of the key metrics of security program effectiveness. This holistic measure represents many capabilities and is a good validation of your risk mitigation capacity because it captures how quickly you can respond to the most critical vulnerabilities...

AI score 6.9
Exploits: 0

Qualys Blog
added 2021/09/21 2:40 p.m. | 195 views

Apache Struts 2 Double OGNL Evaluation Vulnerability (CVE-2020-17530)

A vulnerability (CVE-2020-17530) discovered last year in the Object Graph Navigation Language (OGNL) evaluation function of Apache Struts versions 2.0.0 – 2.5.25 can be exploited by attackers to perform remote code execution. This RCE vulnerability doesn’t come packaged with Apache Struts but is...

CVSS 7.5 | AI score 10 | EPSS 0.95922
Exploits: 11

Qualys Blog
added 2021/09/20 6:45 p.m. | 20 views

Improving Cybersecurity Practices by Managing the Asset Lifecycle

Securing enterprise environments continues to increase in importance. Attacks on infrastructure continue to increase and organizations need to focus more on prevention. While new vulnerabilities are continually being discovered, companies are also left vulnerable to attacks because their...

AI score 7
Exploits: 0

Qualys Blog
added 2021/09/20 2:47 p.m. | 110 views

Detect & Prioritize NSO Pegasus iPhone Spyware Vulnerabilities Using VMDR for Mobile Devices

Apple recently released iOS and iPadOS 14.8 as a security update that addresses 2 critical zero-day vulnerabilities, which are used to deploy NSO Pegasus iPhone spyware. Qualys recommends that security teams should immediately update all devices running iOS and iPadOS to the latest version. "Appl...

CVSS 6.8 | AI score 1.4 | EPSS 0.75994
Exploits: 2

Qualys Blog
added 2021/09/20 2:45 p.m. | 53 views

Google Android September 2021 Security Patch Vulnerabilities: Discover and Take Remote Response Action Using VMDR for Mobile Devices

The recently released Android Security Bulletin for September 2021 addresses 40 vulnerabilities, out of which 7 are rated as critical vulnerabilities. The vulnerabilities affect open-source components such as the Android Framework, Android Media Framework, and Android System. The vulnerabilities...

CVSS 10 | AI score 1.2 | EPSS 0.00778
Exploits: 0

Qualys Blog
added 2021/09/14 6:56 p.m. | 119 views

Microsoft and Adobe Patch Tuesday (September 2021) – Microsoft 60 Vulnerabilities with 3 Critical, Adobe 61 Vulnerabilities

Microsoft Patch Tuesday – September 2021 Microsoft patched 60 vulnerabilities in their September 2021 Patch Tuesday release, and an additional 26 CVEs since September 1st. Among the 60 released in the September Patch Tuesday, 3 of them are rated as critical severity, one as moderate, and 56 as...

CVSS 9.3 | EPSS 0.99723
Exploits: 62

Qualys Blog
added 2021/09/14 12:55 p.m. | 17 views

Optimize Vulnerability Remediation with Proactive Zero-Touch Patch

Vulnerability remediation is a complex task, and most organizations struggle to identify, prioritize and remediate vulnerabilities efficiently. With the rise in vulnerability discovery, there is a correlating increase in ransomware attacks initiated through unpatched vulnerabilities. This has led...

AI score 0.1
Exploits: 0

Qualys Blog
added 2021/08/13 11:19 p.m. | 99 views

Google Android August 2021 Security Patch Vulnerabilities: Discover and Take Remote Response Action Using VMDR for Mobile Devices

The recently released Android Security Bulletin for August 2021 addresses 36 vulnerabilities, out of which 5 are rated as critical vulnerabilities. The vulnerabilities affect open-source components such as the Android Framework, Android Media Framework, and Android System. The vulnerabilities als...

CVSS 10 | AI score 1.2 | EPSS 0.00782
Exploits: 0

Qualys Blog
added 2021/08/10 7:58 p.m. | 137 views

Microsoft and Adobe Patch Tuesday (August 2021) – Microsoft 51 Vulnerabilities with 7 Critical, Adobe 29 Vulnerabilities

Microsoft Patch Tuesday – August 2021 Microsoft patched 51 vulnerabilities in their August 2021 Patch Tuesday release, and 7 of them are rated as critical severity. Three 0-day vulnerability patches were included in the release. Critical Microsoft Vulnerabilities Patched CVE-2021-36942 - Windows...

CVSS 7.5 | AI score 8.6 | EPSS 0.66023
Exploits: 9

Qualys Blog
added 2021/08/10 2:40 p.m. | 100 views

QID Spotlight: Discover CBL-Mariner Vulnerabilities using Qualys VMDR

The Qualys vulnerability signatures team has released a new series of signatures detections for CBL-Mariner (Common Base Linux), allowing security teams to identify CBL-Mariner hosts and detect their vulnerabilities. CBL-Mariner (Common Base Linux) is developed by Microsoft and is a Linux distributio...

AI score 1.2
Exploits: 0

Qualys Blog
added 2021/08/06 4:51 a.m. | 68 views

Tenacity – An Adversary Emulation Tool for Persistence

Persistence is one of the more sought-after techniques of an attacker or adversary. Persistence is achieved through a set of tactics or techniques that adversaries use to maintain their foothold on compromised systems across restarts, changed credentials, and other interruptions that could cut of...

AI score 7.5
Exploits: 0

Qualys Blog
added 2021/08/05 1:44 a.m. | 73 views

Qualys Research Wins Two 2021 Pwnie Awards

The Qualys Research team won two Pwnie Awards today at Black Hat USA 2021 for discovering and responsibly disclosing these new vulnerabilities: Best Privilege Escalation Bug and Most Under-Hyped Research. The Qualys Research team received these awards: Best Privilege Escalation Bug Heap-based...

CVSS 7.2 | AI score 1.7 | EPSS 0.99295
Exploits: 81

Qualys Blog
added 2021/08/03 12:55 p.m. | 46 views

Securing Red Hat Enterprise Linux CoreOS in Red Hat OpenShift with Qualys

Qualys full-stack security for Red Hat OpenShift adds visibility, actionable intelligence, and security auditing for Red Hat Enterprise Linux CoreOS, the operating system that underpins OpenShift deployments for running containers securely. With this new offering, Qualys is now the first and only...

Exploits: 0

Qualys Blog
added 2021/08/02 3:59 p.m. | 193 views

Qualys Research Nominated for Pwnie Awards 2021

The Qualys Research team has been nominated for five Pwnie Awards this year in three different categories. In addition to nominations for Best Privilege Escalation Bug (2 nominations) and Best Server-Side Bug (2 nominations), the team is also nominated for Most Under-Hyped Research. Qualys is honored...

CVSS 7.2 | AI score 1.7 | EPSS 0.99295
Exploits: 91

Qualys Blog
added 2021/07/31 4:7 p.m. | 83 views

Top Black Hat USA Sessions for Qualys Customers

Black Hat USA is known for cutting-edge security research, and this year’s conference is no different. If you’re a Qualys customer, here are some Black Hat sessions we think you’ll find relevant. Next-Gen DFIR: Mass Exploits & Supplier Compromise An investigation of real “next-gen” digital forensi...

AI score 0.1
Exploits: 0

Qualys Blog
added 2021/07/29 12:20 a.m. | 729 views

CISA Alert: Top Routinely Exploited Vulnerabilities

On July 28, 2021, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a cybersecurity advisory detailing the top 30 publicly known vulnerabilities that have been routinely exploited by cyber threat actors in 2020 and 2021. Organizations are advised to prioritize and apply...

CVSS 10 | AI score 1.1 | EPSS 0.99999
Exploits: 453

Qualys Blog
added 2021/07/28 7:41 p.m. | 136 views

iOS and iPadOS 14.7 and 14.7.1 Security Update: Discover Vulnerabilities and Take Remote Response Action Using VMDR for Mobile Devices

Apple recently released iOS and iPadOS 14.7 and 14.7.1 which include a security update that addresses almost 38 vulnerabilities, among them several critical RCE and privilege escalation vulnerabilities. Qualys recommends that security teams should immediately update all devices running iOS and...

CVSS 7.5 | AI score 1 | EPSS 0.28839
Exploits: 0

Qualys Blog
added 2021/07/23 4:31 p.m. | 174 views

Protect your Devices from Pegasus Spyware using VMDR for Mobile Devices’ Proactive Approach

Pegasus spyware is in the news, and it has been used to target devices of critical people from different sectors and countries including journalists, activists, politicians, and business executives. It has been said that a leaked list of 50,000 phone numbers of potential surveillance targets was...

CVSS 9.3 | AI score 1.7 | EPSS 0.07082
Exploits: 1

Qualys Blog
added 2021/07/20 12:55 p.m. | 367 views

CVE-2021-33910: Denial of Service (Stack Exhaustion) in systemd (PID 1)

The Qualys Research Team has discovered a stack exhaustion denial-of-service vulnerability in systemd, a near-ubiquitous utility available on major Linux operating systems. Any unprivileged user can exploit this vulnerability to crash systemd and hence the entire operating system a kernel panic...

CVSS 7.2 | AI score 0.1 | EPSS 0.09808
Exploits: 7

Qualys Blog
added 2021/07/20 12:54 p.m. | 483 views

Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909)

The Qualys Research Team has discovered a size_t-to-int type conversion vulnerability in the Linux Kernel’s filesystem layer affecting most Linux operating systems. Any unprivileged user can gain root privileges on a vulnerable host by exploiting this vulnerability in a default configuration. Abou...

CVSS 7.2 | AI score 7.7 | EPSS 0.09808
Exploits: 7

Qualys Blog
added 2021/07/13 9:4 p.m. | 91 views

Google Android July 2021 Security Patch Vulnerabilities: Discover and Take Remote Response Action Using VMDR for Mobile Devices

The recently released Android Security Bulletin for July 2021 addresses 44 vulnerabilities, out of which 7 are rated as critical vulnerabilities. The vulnerabilities affect open-source components such as the Android Framework, Android Media Framework, and Android System. The vulnerabilities also...

CVSS 10 | AI score 1.3 | EPSS 0.03016
Exploits: 0

Qualys Blog
added 2021/07/13 7:49 p.m. | 172 views

Microsoft and Adobe Patch Tuesday (July 2021) – Microsoft 117 Vulnerabilities with 13 Critical, Adobe 26 Vulnerabilities

Microsoft Patch Tuesday – July 2021 Microsoft patched 117 vulnerabilities in their July 2021 Patch Tuesday release, and 13 of them are rated as critical severity. Critical Microsoft Vulnerabilities Patched CVE-2021-34448 – Scripting Engine Memory Corruption Vulnerability This is being actively...

CVSS 9.3 | AI score 0.1 | EPSS 0.99759
Exploits: 41

Qualys Blog
added 2021/07/09 4:11 p.m. | 281 views

Qualys API Best Practices: Host List Detection API

Host List Detection is your subscription’s list of hosts and their corresponding up-to-date detections, including: 1. Confirmed Vulnerability Detections; 2. Potential Vulnerability Detections; 3. Information Gathered Detections about your system. After extracting Host List Detection vulnerability data...

AI score 0.1
Exploits: 0

Qualys Blog
added 2021/07/08 5:7 p.m. | 394 views

Kaseya REvil Ransomware Attack (CVE-2021-30116) – Automatically Discover and Prioritize Using Qualys VMDR®

On July 2, 2021, Kaseya announced its software had been compromised and was being used to attack the IT infrastructure of its customers. The REvil ransomware attack leveraged multiple zero-day vulnerabilities in Kaseya’s VSA (Virtual System/Server Administrator) product that helps Kaseya customers ...

CVSS 7.5 | AI score 1 | EPSS 0.85619
Exploits: 1

Qualys Blog
added 2021/07/07 11:41 p.m. | 335 views

Analyzing the REvil Ransomware Attack

Over the past year, there has been a rise in extortion malware, e.g. Nefilim and Darkside, which steal and threaten to publish sensitive data or encrypt it until a ransom is paid. Nowadays, cybercriminals use various techniques to gain their initial foothold within a network in the organization...

CVSS 7.5 | AI score 1 | EPSS 0.85619
Exploits: 1

Qualys Blog
added 2021/07/07 11:30 p.m. | 1300 views

Microsoft Windows Print Spooler RCE Vulnerability (PrintNightmare-CVE-2021-34527) – Automatically Discover, Prioritize and Remediate Using Qualys VMDR®

Update July 9, 2021: Added "Registry Settings Check After Installing the Updates" section below. Original Post: On June 29, 2021, a zero-day exploit was observed on Microsoft Windows systems which allows authenticated users with a regular Domain User account to gain full SYSTEM-level privileges. ...

CVSS 9.3 | AI score 0.7 | EPSS 0.99759
Exploits: 75

Qualys Blog
added 2021/06/09 3:0 p.m. | 309 views

DarkSide Ransomware

DarkSide ransomware is a relatively new ransomware strain that threat actors have been using to target multiple large, high-revenue organizations resulting in the encryption and theft of sensitive data and threats to make it publicly available if the ransom demand is not paid. Because of its...

CVSS 10 | AI score 0.4 | EPSS 0.96823
Exploits: 2

Qualys Blog
added 2021/06/08 9:19 p.m. | 432 views

Microsoft & Adobe Patch Tuesday (June 2021) – Microsoft 50 Vulnerabilities with 5 Critical, Adobe 21 Critical Vulnerabilities

Microsoft Patch Tuesday – June 2021 Microsoft patched 50 CVEs in their June 2021 Patch Tuesday release, and five of them are rated as critical severity. Six have applicable exploits. Critical Microsoft Vulnerabilities Patched CVE-2021-31985 – Microsoft Defender Remote Code Execution Vulnerability...

CVSS 9.3 | AI score 8.5 | EPSS 0.86132
Exploits: 77

Qualys Blog
added 2021/05/25 2:31 p.m. | 39 views

Monitor Windows Registry Changes with Qualys File Integrity Monitoring

With Windows registries storing a large number of programs and OS security settings and a large amount of raw data, threat actors have begun to use those registries as a data store for their malicious activity. It is therefore imperative for organizations to monitor changes in Windows registries ...

AI score 0.3
Exploits: 0

Qualys Blog
added 2021/05/24 2:4 p.m. | 123 views

Reinforce Defense with File Reputation and Trusted Source Intelligence in Qualys FIM

Monitoring change events in the file system is both a crucial aspect of security and a critical compliance requirement. A file integrity monitoring tool functions as an essential layer of defense to identify illicit activities across critical system files and registries, diagnose changes, and sen...

AI score 7.2
Exploits: 0

Qualys Blog
added 2021/05/18 12:55 p.m. | 102 views

Reinventing Cybersecurity Asset Management

Because security teams need their own asset inventory solution In conversations with our customers, it’s very clear that organizations need to establish a comprehensive view of their IT asset infrastructure because you can’t secure what you don’t know or can’t see. But that comprehensive view nee...

Exploits: 0

Qualys Blog
added 2021/05/18 12:54 p.m. | 111 views

Introducing CyberSecurity Asset Management

With the rapid expansion of new IT technologies and their growing adoption rate, organizations face an increasing problem in securing their myriad on-premises, virtual & cloud-based assets. Add to that the explosion of intelligent devices on the corporate network and you have a huge landscape to...

AI score 0.6
Exploits: 0

Qualys Blog
added 2021/05/12 3:34 p.m. | 1201 views

Nefilim Ransomware

Over the past year there has been a rise in extortion malware that focuses on stealing sensitive data and threatening to publish the data unless a ransom is paid. This technique bypasses some of the mitigations put in place, such as backups, which would allow IT organizations to recover data...

CVSS 7.5 | AI score 0.1 | EPSS 0.99999
Exploits: 48

Qualys Blog
added 2021/05/11 9:53 p.m. | 377 views

Microsoft & Adobe Patch Tuesday (May 2021) – Qualys covers 85 Vulnerabilities, 26 Critical

Microsoft Patch Tuesday – May 2021 Microsoft patched 55 CVEs in their May 2021 Patch Tuesday release, of which 4 are rated as critical severity. Three 0-day vulnerability patches were included in the release. As of this publication date, none have been exploited. Qualys released 12 QIDs on the sa...

CVSS 9.3 | EPSS 0.99782
Exploits: 63

Qualys Blog
added 2021/05/10 10:5 p.m. | 58 views

Google Android May 2021 Security Patch Vulnerabilities: Discover and Take Remote Response Action Using VMDR for Mobile Devices

The recently released Android Security Bulletin for May 2021 addresses 40 vulnerabilities, out of which 4 are rated as critical vulnerabilities. The vulnerabilities affect open-source components such as the Android Framework, Android Media Framework, Android System, and Android’s Linux Kernel for...

CVSS 10 | AI score 0.9 | EPSS 0.03357
Exploits: 0

Qualys Blog
added 2021/05/04 2:10 p.m. | 413 views

21Nails: Multiple Critical Vulnerabilities in Exim Mail Server

Update May 7, 2021: Exim has released a security update to address multiple vulnerabilities in Exim versions prior to 4.94.2. See the CISA announcement. Original Post: The Qualys Research Team has discovered multiple critical vulnerabilities in the Exim mail server, some of which can be chain...

CVSS 9.3 | EPSS 0.61061
Exploits: 6

Qualys Blog
added 2021/05/03 12:55 p.m. | 54 views

The Convergence of Endpoint Protection with Detection & Response

By almost every account, trend, or metric, the cybersecurity threat landscape is getting worse year over year. According to Qualys Labs, 2020 saw the highest number of vulnerabilities ever recorded. The average time it takes to patch vulnerabilities is months not weeks or days. Ransomware payouts...

AI score 0.3
Exploits: 0

Qualys Blog
added 2021/04/28 7:45 p.m. | 82 views

iOS / iPadOS 14.5 Updates: Identify Assets Requiring Update and Take Remote Action with VMDR for Mobile Devices

Apple recently released iOS 14.5 and iPadOS 14.5 which include a security update that addresses almost 50 vulnerabilities including several critical RCE and privilege escalation vulnerabilities. Qualys recommends security teams to immediately update all devices running iOS and iPadOS to the lates...

CVSS 4.9 | AI score 8.6 | EPSS 0.02132
Exploits: 0

Qualys Blog
added 2021/04/22 7:20 p.m. | 90 views

WhatsApp Vulnerabilities: Automatically Discover and Remediate Using VMDR for Mobile Devices

WhatsApp has recently fixed critical and high-severity vulnerabilities affecting WhatsApp for Android, WhatsApp Business for Android, WhatsApp for iOS, and WhatsApp Business for iOS. The Indian Computer Emergency Response Team (CERT-In) has issued a high-severity security warning for WhatsApp users...

CVSS 10 | AI score 0.4 | EPSS 0.03805
Exploits: 1

Total number of security vulnerabilities: 1089