1089 matches found
Apache HTTP Server Path Traversal & Remote Code Execution (CVE-2021-41773 & CVE-2021-42013)
On October 4, 2021, Apache HTTP Server Project released Security advisory on a Path traversal and File disclosure vulnerability in Apache HTTP Server 2.4.49 and 2.4.50 tracked as CVE-2021-41773 and CVE-2021-42013. In the advisory, Apache also highlighted “the issue is known to be exploited in the...
Apache Tomcat HTTP Request Smuggling Vulnerability (CVE-2021-33037)
A vulnerability CVE-2021-33037 discovered this year in Apache Tomcat causes incorrect parsing of the HTTP transfer-encoding request header in some circumstances, leading to the possibility of HTTP Request Smuggling HRS when used with a reverse proxy. HTTP Request Smuggling HRS is a web applicatio...
Vulnerability On-Demand Search Reporting & Easy Download options
Vulnerability reporting is different from any other aspect of a Vulnerability Management Program. The methodologies of Discover, Assess, Report and Remediate are critical components that should be included in the respective sections of a Vulnerability Report. Qualys VMDR Vulnerability Management...
Apple fixes zero-day in iOS and iPadOS 15.0.2 emergency release: Detect and Prioritize Vulnerabilities using VMDR for Mobile Devices
Apple recently released iOS and iPadOS 15.0.2 as an emergency security update that addresses 1 critical zero-day vulnerabilities, which is exploited in wild. Qualys recommends that security teams should immediately update all devices running iOS and iPadOS to the latest version. "Apple is aware o...
Microsoft & Adobe Patch Tuesday (October 2021) – Microsoft 74 Vulnerabilities with 3 Critical, 4 Zero-Days. Adobe 10 Vulnerabilities
Microsoft Patch Tuesday – October 2021 Microsoft patched 74 vulnerabilities in their October 2021 Patch Tuesday release, of which three are rated as critical severity and four were previously reported as zero-days. Critical Microsoft Vulnerabilities Patched CVE-2021-40449 - Win32k Elevation of...
Tenacity 2.0 – Emulating Threat groups
Introduction The previous article: Tenacity – An Adversary Emulation Tool for Persistence, walked us through the working of Tenacity, techniques it supports, and how it can help organizations and individuals to validate the risk posture. As with the second installment of the series, this post wil...
From Technical Features to Customer Security Metrics
Qualys solutions are packed with great functionality to deliver operational efficiency to all our customers, but the value does not end with bits and bytes. Qualys customers can count on Technical Account Managers to maximize the effectiveness of their subscription, and this post tells a story...
The Rise of Ransomware
With most employees still working from remote locations, ransomware attacks have increased steadily since the early months of the Covid-19 pandemic. According to the FBI’s 2020 Internet Crime Report 2400+ ransomware-related incidents in 2020 resulted in a loss of about 29 million dollars. These...
Assess Your Risk From Ransomware Attacks, Powered by Qualys Research
Ransomware attacks are among the most significant cyber threats facing businesses today. Recent warnings about Conti ransomware, issued by a joint cybersecurity advisory from the U.S. Cybersecurity and Infrastructure Security Agency CISA, FBI and National Security Agency, are a strong signal that...
QID Spotlight: Discover Azul Java Vulnerabilities
The Qualys vulnerability signatures team has released a new series of signatures detections for Azul Java, allowing security teams to identify Azul Java hosts and detect their vulnerabilities. Azul is a Java platform used for modern cloud enterprises. The platform is used for developing,...
NSO Pegasus iPhone Spyware Vulnerabilities Fixed by Apple – Detect & Prioritize Using VMDR for Mobile Devices
Apple recently released iOS and iPadOS 12.5.5, 15.0, which includes a security update that addresses almost 25 vulnerabilities, including several critical RCE and privilege escalation vulnerabilities. In 12.5.5, Apple fixed 3 critical zero-day vulnerabilities, which are used to deploy NSO Pegasus...
Prioritize Remediation with a Perceived-Risk Approach to Strengthen CyberSecurity Effectiveness
Minimizing Time To Remediate TTR is becoming one of the key metrics of security program effectiveness. This holistic measure represents many capabilities and is a good validation of your risk mitigation capacity because it captures how quickly you can respond to the most critical vulnerabilities...
Apache Struts 2 Double OGNL Evaluation Vulnerability (CVE-2020-17530)
A vulnerability CVE-2020-17530 discovered last year in the Object Graph Navigation Language OGNL evaluation function of Apache Struts versions 2.0.0 – 2.5.25 can be exploited by attackers to perform remote code execution. This RCE vulnerability doesn’t come packaged with Apache struts but is...
Improving Cybersecurity Practices by Managing the Asset Lifecycle
Securing enterprise environments continues to increase in importance. Attacks on infrastructure continue to increase and organizations need to focus more on prevention. While new vulnerabilities are continually being discovered, companies are also left vulnerable to attacks because their...
Detect & Prioritize NSO Pegasus iPhone Spyware Vulnerabilities Using VMDR for Mobile Devices
Apple recently released iOS and iPadOS 14.8 as a security update that addresses 2 critical zero-day vulnerabilities, which are used to deploy NSO Pegasus iPhone spyware. Qualys recommends that security teams should immediately update all devices running iOS and iPadOS to the latest version. "Appl...
Google Android September 2021 Security Patch Vulnerabilities: Discover and Take Remote Response Action Using VMDR for Mobile Devices
The recently released Android Security Bulletin for September 2021 addresses 40 vulnerabilities, out of which 7 are rated as critical vulnerabilities. The vulnerabilities affect open-source components such as the Android Framework, Android Media Framework, and Android System. The vulnerabilities...
Microsoft and Adobe Patch Tuesday (September 2021) – Microsoft 60 Vulnerabilities with 3 Critical, Adobe 61 Vulnerabilities
Microsoft Patch Tuesday – September 2021 Microsoft patched 60 vulnerabilities in their September 2021 Patch Tuesday release, and an additional 26 CVEs since September 1st. Among the 60 released in the September Patch Tuesday, 3 of them are rated as critical severity, one as moderate, and 56 as...
Optimize Vulnerability Remediation with Proactive Zero-Touch Patch
Vulnerability remediation is a complex task, and most organizations struggle to identify, prioritize and remediate vulnerabilities efficiently. With the rise in vulnerability discovery, there is a correlating increase in ransomware attacks initiated through unpatched vulnerabilities. This has led...
Google Android August 2021 Security Patch Vulnerabilities: Discover and Take Remote Response Action Using VMDR for Mobile Devices
The recently released Android Security Bulletin for August 2021 addresses 36 vulnerabilities, out of which 5 are rated as critical vulnerabilities. The vulnerabilities affect open-source components such as the Android Framework, Android Media Framework, and Android System. The vulnerabilities als...
Microsoft and Adobe Patch Tuesday (August 2021) – Microsoft 51 Vulnerabilities with 7 Critical, Adobe 29 Vulnerabilities
Microsoft Patch Tuesday – August 2021 Microsoft patched 51 vulnerabilities in their August 2021 Patch Tuesday release, and 7 of them are rated as critical severity. Three 0-day vulnerability patches were included in the release. Critical Microsoft Vulnerabilities Patched CVE-2021-36942 - Windows...
QID Spotlight: Discover CBL-Mariner Vulnerabilities using Qualys VMDR
The Qualys vulnerability signatures team has released a new series of signatures detections for CBL-Mariner Common Base Linux, allowing security teams to identify CBL-Mariner hosts and detect their vulnerabilities. CBL-Mariner Common Base Linux is developed by Microsoft and is a Linux distributio...
Tenacity – An Adversary Emulation Tool for Persistence
Persistence is one of the more sought-after techniques of an attacker or adversary. Persistence is achieved through a set of tactics or techniques that adversaries use to maintain their foothold on compromised systems across restarts, changed credentials, and other interruptions that could cut of...
Qualys Research Wins Two 2021 Pwnie Awards
The Qualys Research team won two Pwnie Awards today at Black Hat USA 2021 for discovering and responsibly disclosing these new vulnerabilities: Best Privilege Escalation Bug and Most Under-Hyped Research. The Qualys Research team received these awards: Best Privilege Escalation Bug Heap-based...
Securing Red Hat Enterprise Linux CoreOS in Red Hat OpenShift with Qualys
Qualys full-stack security for Red Hat OpenShift adds visibility, actionable intelligence, and security auditing for Red Hat Enterprise Linux CoreOS, the operating system that underpins OpenShift deployments for running containers securely. With this new offering, Qualys is now the first and only...
Qualys Research Nominated for Pwnie Awards 2021
The Qualys Research team has been nominated for five Pwnie Awards this year in three different categories. In addition to nominations for Best Privilege Escalation Bug 2 nominations and Best Server-Side Bug 2 nominations, the team is also nominated for Most Under-Hyped Research. Qualys is honored...
Top Black Hat USA Sessions for Qualys Customers
Black Hat USA is known for cutting-edge security research, and this year’s conference is no different. If you’re a Qualys customer, here are some Black Hat sessions we think youll find relevant. Next-Gen DFIR: Mass Exploits & Supplier Compromise An investigation of real “next-gen” digital forensi...
CISA Alert: Top Routinely Exploited Vulnerabilities
On July 28, 2021, the U.S. Cybersecurity and Infrastructure Security Agency CISA released a cybersecurity advisory detailing the top 30 publicly known vulnerabilities that have been routinely exploited by cyber threat actors in 2020 and 2021. Organizations are advised to prioritize and apply...
iOS and iPadOS 14.7 and 14.7.1 Security Update: Discover Vulnerabilities and Take Remote Response Action Using VMDR for Mobile Devices
Apple recently released iOS and iPadOS 14.7 and 14.7.1 which include a security update that addresses almost 38 vulnerabilities, among them several critical RCE and privilege escalation vulnerabilities. Qualys recommends that security teams should immediately update all devices running iOS and...
Protect your Devices from Pegasus Spyware using VMDR for Mobile Devices’ Proactive Approach
Pegasus spyware is in the news, and it has been used to target devices of critical people from different sectors and countries including journalists, activists, politicians, and business executives. It has been said that a leaked list of 50,000 phone numbers of potential surveillance targets was...
CVE-2021-33910: Denial of Service (Stack Exhaustion) in systemd (PID 1)
The Qualys Research Team has discovered a stack exhaustion denial-of-service vulnerability in systemd, a near-ubiquitous utility available on major Linux operating systems. Any unprivileged user can exploit this vulnerability to crash systemd and hence the entire operating system a kernel panic...
Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909)
The Qualys Research Team has discovered a sizet-to-int type conversion vulnerability in the Linux Kernel’s filesystem layer affecting most Linux operating systems. Any unprivileged user can gain root privileges on a vulnerable host by exploiting this vulnerability in a default configuration. Abou...
Google Android July 2021 Security Patch Vulnerabilities: Discover and Take Remote Response Action Using VMDR for Mobile Devices
The recently released Android Security Bulletin for July 2021 addresses 44 vulnerabilities, out of which 7 are rated as critical vulnerabilities. The vulnerabilities affect open-source components such as the Android Framework, Android Media Framework, and Android System. The vulnerabilities also...
Microsoft and Adobe Patch Tuesday (July 2021) – Microsoft 117 Vulnerabilities with 13 Critical, Adobe 26 Vulnerabilities
Microsoft Patch Tuesday – July 2021 Microsoft patched 117 vulnerabilities in their July 2021 Patch Tuesday release, and 13 of them are rated as critical severity. Critical Microsoft Vulnerabilities Patched CVE-2021-34448 – Scripting Engine Memory Corruption Vulnerability This is being actively...
Qualys API Best Practices: Host List Detection API
Host List Detection is your subscriptions list of hosts and their corresponding up-to-date detections including: 1. Confirmed Vulnerability Detections 2. Potential Vulnerability Detections 3. Information Gathered Detections about your system After extracting Host List Detection vulnerability data...
Kaseya REvil Ransomware Attack (CVE-2021-30116) – Automatically Discover and Prioritize Using Qualys VMDR®
On July 2, 2021, Kaseya announced its software had been compromised and was being used to attack the IT infrastructure of its customers. The REvil ransomware attack leveraged multiple zero-day vulnerabilities in Kaseya’s VSA Virtual System/Server Administrator product that helps Kaseya customers ...
Analyzing the REvil Ransomware Attack
Over the past year, there has been a rise in extortion malware, e.g. Nefilim and Darkside, which steal and threaten to publish sensitive data or encrypt it until a ransom is paid. Nowadays, cybercriminals use various techniques to gain their initial foothold within a network in the organization...
Microsoft Windows Print Spooler RCE Vulnerability (PrintNightmare-CVE-2021-34527) – Automatically Discover, Prioritize and Remediate Using Qualys VMDR®
Update July 9, 2021: Added "Registry Settings Check After Installing the Updates" section below. Original Post: On June 29, 2021, a zero-day exploit was observed on Microsoft Windows systems which allows authenticated users with a regular Domain User account to gain full SYSTEM-level privileges. ...
DarkSide Ransomware
DarkSide ransomware is a relatively new ransomware strain that threat actors have been using to target multiple large, high-revenue organizations resulting in the encryption and theft of sensitive data and threats to make it publicly available if the ransom demand is not paid. Because of its...
Microsoft & Adobe Patch Tuesday (June 2021) – Microsoft 50 Vulnerabilities with 5 Critical, Adobe 21 Critical Vulnerabilities
Microsoft Patch Tuesday – June 2021 Microsoft patched 50 CVEs in their June 2021 Patch Tuesday release, and five of them are rated as critical severity. Six have applicable exploits. Critical Microsoft Vulnerabilities Patched CVE-2021-31985 – Microsoft Defender Remote Code Execution Vulnerability...
Monitor Windows Registry Changes with Qualys File Integrity Monitoring
With Windows registries storing a large number of programs and OS security settings and a large amount of raw data, threat actors have begun to use those registries as a data store for their malicious activity. It is therefore imperative for organizations to monitor changes in Windows registries ...
Reinforce Defense with File Reputation and Trusted Source Intelligence in Qualys FIM
Monitoring change events in the file system is both a crucial aspect of security and a critical compliance requirement. A file integrity monitoring tool functions as an essential layer of defense to identify illicit activities across critical system files and registries, diagnose changes, and sen...
Reinventing Cybersecurity Asset Management
Because security teams need their own asset inventory solution In conversations with our customers, it’s very clear that organizations need to establish a comprehensive view of their IT asset infrastructure because you can’t secure what you don’t know or can’t see. But that comprehensive view nee...
Introducing CyberSecurity Asset Management
With the rapid expansion of new IT technologies and their growing adoption rate, organizations face an increasing problem in securing their myriad on-premises, virtual & cloud-based assets. Add to that the explosion of intelligent devices on the corporate network and you have a huge landscape to...
Nefilim Ransomware
Over the past year there has been a rise in extortion malware that focuses on stealing sensitive data and threatening to publish the data unless a ransom is paid. This technique bypasses some of the mitigations put in place, such as backups, which would allow IT organizations to recover data...
Microsoft & Adobe Patch Tuesday (May 2021) – Qualys covers 85 Vulnerabilities, 26 Critical
Microsoft Patch Tuesday – May 2021 Microsoft patched 55 CVEs in their May 2021 Patch Tuesday release, of which 4 are rated as critical severity. Three 0-day vulnerability patches were included in the release. As of this publication date, none have been exploited. Qualys released 12 QIDs on the sa...
Google Android May 2021 Security Patch Vulnerabilities: Discover and Take Remote Response Action Using VMDR for Mobile Devices
The recently released Android Security Bulletin for May 2021 addresses 40 vulnerabilities, out of which 4 are rated as critical vulnerabilities. The vulnerabilities affect open-source components such as the Android Framework, Android Media Framework, Android System, and Android’s Linux Kernel for...
21Nails: Multiple Critical Vulnerabilities in Exim Mail Server
Update May 7, 2021: Exim has released a security update to address multiple vulnerabilities in Exim versions prior to 4.94.2. See the CISA announcement. Original Post: The Qualys Research Team has discovered multiple critical vulnerabilities in the Exim mail server, some of the which can be chain...
The Convergence of Endpoint Protection with Detection & Response
By almost every account, trend, or metric, the cybersecurity threat landscape is getting worse year over year. According to Qualys Labs, 2020 saw the highest number of vulnerabilities ever recorded. The average time it takes to patch vulnerabilities is months not weeks or days. Ransomware payouts...
iOS / iPadOS 14.5 Updates: Identify Assets Requiring Update and Take Remote Action with VMDR for Mobile Devices
Apple recently released iOS 14.5 and iPadOS 14.5 which include a security update that addresses almost 50 vulnerabilities including several critical RCE and privilege escalation vulnerabilities. Qualys recommends security teams to immediately update all devices running iOS and iPadOS to the lates...
WhatsApp Vulnerabilities: Automatically Discover and Remediate Using VMDR for Mobile Devices
WhatsApp has recently fixed critical and high-severity vulnerabilities affecting WhatsApp for Android, WhatsApp Business for Android, WhatsApp for iOS, and WhatsApp Business for iOS. The Indian Computer Emergency Response Team CERT-In has issued a high-severity security warning for WhatsApp users...