1093 matches found
Auto-Discover and Secure Middleware Instances in Your Environment
Enterprise middleware plays a critical role in bringing together many moving parts within an organization, ensuring efficient collaboration, seamless integration and interoperability. A systematic evaluation of middleware architectures is important to thoroughly assess the overall security and...
Microsoft Windows TCP/IP Remote Code Execution Vulnerability (CVE-2020-16898) – Automatically Discover, Prioritize and Remediate Using Qualys VMDR®
On October 13, 2020, Microsoft fixed a critical remote code execution vulnerability in the Windows TCP/IP stack for handling ICMPv6 Router Advertisement packets. While Microsoft ranks this vulnerability as “Exploitation More Likely,” we may see a proof-of-concept released soon. The security issue...
Discover A10 Networks Advanced Core OS Vulnerabilities using Qualys VMDR
The Qualys vulnerability signatures team has released a new series of signatures detections for A10 Networks ACOS Advanced Core Operating System, allowing security teams to identify A10 hosts and detect their vulnerabilities. A10 Advanced Core Operating System with true Scalable Symmetrical...
October 2020 Patch Tuesday – 87 Vulnerabilities, 11 Critical, SharePoint, TCP/IP Stack, Graphics, Adobe Vulns
This month’s Microsoft Patch Tuesday addresses 87 vulnerabilities with 11 of them labeled as Critical. The 11 Critical vulnerabilities cover TCP/IP Stack, SharePoint, Windows Camera Codec Pack, Graphics and several other workstation vulnerabilities. Adobe issued patches today for Adobe Flash...
Instrument VMware Virtual Machines for Security and Compliance
How do you ensure Qualys is managing the security and compliance of all your VMware workloads? First, you need to have Qualys Cloud Agent installed and running on all of your VMware virtual machines. While VMware vCenter knows the exact inventory of your virtual machines at all times, it doesn’t...
Detecting HTTP Request Smuggling with Qualys WAS
HTTP Request Smuggling HRS is a web application vulnerability that enables an attacker to craft a single request that hides a second request within the body of the first request. HRS enables the following types of attack: Web cache poisoning Web cache deception Session hijacking Cross-site...
PAN-OS Critical Buffer Overflow Vulnerability (CVE-2020-2040) – Automatically Discover, Prioritize and Remediate Using Qualys VMDR®
On Sept 9, 2020, Palo Alto Networks published nine security bulletins addressing vulnerabilities in PAN-OS operating system versions 8.0 or later. One of the nine CVEs released, CVE-2020-2040, received a critical severity rating score of 9.8 based on the CVSS v3 Scoring system. PAN-OS devices are...
Vulnerability Detection Pipeline (Beta)
Update October 22, 2020: The Vulnerability Detection Pipeline beta has been updated to include detections of all severities. It now gives visibility into upcoming and recently published detections with severity 3, 2 and 1 in addition to severity 5 and 4. The pipeline also supports a URL parameter...
Microsoft Netlogon Vulnerability (CVE-2020-1472 – Zerologon) – Automatically Discover, Prioritize and Remediate Using Qualys VMDR®
Update October 1, 2020: Microsoft has added step-by-step Zerologon patching instructions because the original instructions "proved confusing to users and may have caused issues with other business operations." Update October 1, 2020: Qualys released new QID 91680 to add a remote unauthenticated...
Discover Gentoo Linux Vulnerabilities using Qualys VMDR
The Qualys vulnerability signatures team has released a new series of signatures detections for Gentoo Linux, allowing security teams to identify Gentoo Linux hosts and detect their vulnerabilities. Gentoo Linux is a Linux distribution built using the Portage package management system. It is a fr...
September 2020 Patch Tuesday – 129 Vulnerabilities, 23 Critical, SharePoint, Exchange, Windows Codecs, Adobe Vulns
This month’s Microsoft Patch Tuesday addresses 129 vulnerabilities with 23 of them labeled as Critical. The 23 Critical vulnerabilities cover SharePoint, Exchange, Dynamics 365, Windows Codecs, and several other workstation vulnerabilities. Adobe released patches today for Experience Manager,...
Detect FritzFrog and Other Malware Infections with Inventory Data
Recently, Guardicore researchers discovered a new type of malware called “FritzFrog,” which targets multiple industry verticals, including government, finance, and healthcare. It employs brute-forcing SSH credentials as an initial attack vector, uses a proprietary P2P protocol to efficiently...
Discover EulerOS Vulnerabilities using Qualys VMDR
The Qualys vulnerability signatures team has released a new series of signatures detections for EulerOS, allowing security teams to identify EulerOS hosts and detect their vulnerabilities. EulerOS is a Linux distribution developed by Huawei Technologies and widely adopted by customers in Asia,...
Meow Attack: A Reminder for Organizations to Identify and Secure Their Databases
Thousands of unsecured internet-facing databases have fallen prey to the “Meow” attack and have been permanently destroyed. Meow attacks replace the original index with a newly created one with the suffix “-meow”. With no ransomware demands or any other explanatory note, the attackers seem to hav...
Automated Discovery and Assessment of PaaS Databases with Lambda Service for Qualys Policy Compliance
In the last several years, Platform as a Service PaaS solutions have evolved and matured. As organizations have focused on digital transformation, there has been a major shift towards adopting PaaS solutions driven by benefits including scalability, agility, faster deployment, and cost-effective...
August 2020 Patch Tuesday – 120 Vulnerabilities, 17 Critical, Media Foundation, Windows Codecs, Workstation, Adobe
This month’s Microsoft Patch Tuesday addresses 120 vulnerabilities with 17 of them labeled as Critical. The 17 Critical vulnerabilities cover Media Foundation, .NET Framework, Browsers, Scripting Engines, Office, Outlook, Windows Codecs and several other workstation vulnerabilities. Adobe release...
Continuous Monitoring and Beyond
As security professionals, we struggle with the high volume of data we need to sort through while trying to parse out the critical alerts that are important for us to take immediate action upon. Being at the forefront of innovation for the past 20 years, Qualys offers 20 plus solutions which all...
Join us at Black Hat USA 2020!
Qualys is excited to present two sponsored sessions at the Black Hat USA 2020 virtual event, open to all attendees with the free Business Hall pass. Register or log in to Black Hat USA 2020, and then view and register for these free sessions. Join us to learn about our new multi-vector EDR soluti...
GRUB2 Boothole Buffer Overflow Vulnerability (CVE-2020-10713) – Automatically Discover, Prioritize and Remediate Using Qualys VMDR®
On July 29, 2020, Eclypsium researchers disclosed a high-risk vulnerability in GRUB2 GRand Unified Bootloader version 2 affecting billions of Linux and Windows systems, even when secure boot is enabled. CVE-2020-10713 is assigned to this buffer overflow vulnerability, termed as “Boothole”...
Automatically Discover, Prioritize and Remediate Windows DNS Vulnerability (SigRed – CVE-2020-1350) Using Qualys VMDR®
On July 14, 2020, Microsoft issued a new security advisory on Microsoft Windows Patch Day – addressing CVE-2020-1350, also known as SigRed – a remote code execution vulnerability in Windows Domain Name System DNS servers. The security issue has received a critical severity rating score of 10.0...
July 2020 Patch Tuesday – 123 Vulnerabilities, 18 Critical, Hyper-V RemoteFX, DNS Server, Workstation, Adobe
This month’s Microsoft Patch Tuesday addresses 123 vulnerabilities with 18 of them labeled as Critical. The 18 Critical vulnerabilities cover Hyper-V, DNS Server, PerformancePoint, SharePoint Server, Office, Outlook, Remote Desktop, and several other workstation vulnerabilities. Adobe issued...
F5 BIG-IP Remote Code Execution Vulnerability (CVE-2020-5902)
Update July 10, 2020: F5 updated their mitigation section of security advisory on July 8, 2020 at 17:00 Pacific time, and provided a new mitigation mechanism to help customers mitigate currently known unauthenticated exploits. Qualys also updated QID 38791 to reflect these changes and are availab...
Add Ergonomic Security to Your CI/CD Pipeline
Wikipedia defines ergonomics as “the application of psychological and physiological principles to the engineering and design of products, processes, and systems. The goal … is to reduce human error, increase productivity, and enhance safety and comfort with a specific focus on the interaction...
Ripple20: Multiple Vulnerabilities Identified in Treck TCP/IP Stack
Multiple vulnerabilities that use a low-level TCP/IP software library developed by Treck, Inc. were identified recently in implementations of the Treck IP stack for embedded systems. These vulnerabilities were discovered by the JSOF research lab and have been named Ripple20. Ripple20...
Secure Your Global Remote Workforce
Update June 9, 2020: Qualys adds Malware Detection to Free 60-Day Remote Endpoint Protection offering. This post has been updated to reflect this new Malware Detection capability. IT organizations around the world are responding to the challenge posed by COVID-19 by ensuring that employees are ab...
June 2020 Patch Tuesday – 128 Vulns, 11 Critical, Sharepoint, Workstation, Adobe Patches
This month’s Microsoft Patch Tuesday addresses 128 vulnerabilities with 11 of them labeled as Critical. The 11 Critical vulnerabilities cover SharePoint server, Browsers, Scripting Engines, Windows, GDI+, OLE and LNK files. Adobe issued patches today for Experience Manager, Flash Player and...
Product, API & Library Notifications Move to Notifications.qualys.com
Qualys has consolidated notifications of new product features, API changes, and policy library updates at Qualys Notifications to make it easier for our customers to track these changes in one place. Now you will find important notifications such as the latest new Qualys Cloud Platform app...
NSA Announces Sandworm Actors Exploiting Exim MTA Vulnerability (CVE-2019-10149)
The Exim MTA vulnerability, initially reported by Qualys in May 2019, is currently being exploited in the wild. Recently, the US National Security Agency NSA announced that Sandworm actors Russian hacker group have been actively exploiting the Exim Mail Transfer Agent vulnerability. Qualys releas...
The European Cybersecurity Blogger Awards 2020 – Meet the Finalists
Qualys is sponsoring the EU Cybersecurity Blogger Awards for 2020, representing a ‘who’s who’ of people that write and share their opinions around the security sector. Ahead of the winners being announced on the 2nd of June, we thought we’d ask some questions around what is taking place in securi...
Qualys Adds Cloud Agent Linux Support for AWS ARM-Based EC2 Instances
Releasing this week May 26, 2020, Qualys adds Cloud Agent Linux support for Amazon Web Services EC2 instances powered by ARM processors including the new Graviton2 processor. AWS Graviton2 processors power Amazon EC2 M6g, C6g, and R6g instances that provide up to 40% better price performance over...
Verizon Data Breach Investigations Report 2020
One of the most respected publications in cybersecurity is the Verizon Data Breach Investigations Report DBIR, analyzing over 150,000 incidents and providing a comprehensive analysis covering the 32,002 incidents and 3950 breaches that meet Verizon's quality standards. I liked very much how they...
Policy Compliance Library Updates, May 2020
Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS an...
May 2020 Patch Tuesday – 111 Vulns, 16 Critical, SharePoint, VS Code, Adobe Patches
Continuing the trend of large Microsoft Patch Tuesdays, this month’s addresses 111 vulnerabilities with 16 of them labeled as Critical. The 16 Critical vulnerabilities cover SharePoint, Browsers, Scripting Engines, Media Foundation, Microsoft Graphics, Microsoft Color Management, and the VS Code...
Qualys Community Migration to Salesforce Platform
Update June 9: The Qualys Community discussion forums upgrade is complete. Please visit the new discussions at . If you have an existing Qualys Community account login to https://discussions.qualys.com/, you have received a password reset email because a password reset is required for access to...
Qualys Cloud Platform 10.1.0 New Features
The upcoming release of the Qualys Cloud Platform VM, PC, version 10.1.0, includes several new features and enhancements in Qualys Cloud Platform and Qualys Policy Compliance. This release will also add support for new technologies in Qualys Policy Compliance for OCA. 10.1.0 is scheduled to go li...
Policy Compliance Library Updates, April 2020
Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS an...
Qualys Response to Rapid7’s False Claims on VMDR
As remote working is becoming the need of the hour, IT and Security teams are working tirelessly to ensure continuity of services and deliver on all aspects of the business. To help our customers in these challenging times, we launched a 60-day no-cost ‘Remote Endpoint Protection’ service for...
April 2020 Patch Tuesday – 113 Vulns, 19 Critical, Zero-Day Patches, SharePoint, Adobe ColdFusion
This month’s Microsoft Patch Tuesday addresses 113 vulnerabilities with 19 of them labeled as Critical. The 19 Critical vulnerabilities cover Adobe Font Manager Library 0-day, SharePoint, Hyper-V, Scripting Engines, Media Foundation, Microsoft Graphics, Windows Codecs, and Dynamics Business...
Secure Remote Endpoints from Vulnerabilities in Video Conferencing & Productivity Applications like Zoom
With millions working, learning and collaborating remotely due to COVID-19 challenges, there's an explosion of remote endpoints running Zoom and other collaboration and productivity applications such as Outlook, Teams, Webex, Slack, Office 365 and more. As remote endpoints are accessing...
New Features in Qualys Vulnerability Management and Policy Compliance
Today we are excited to announce several new features, workflows, and new technology support in Qualys Vulnerability Management and Policy Compliance. These new features will be deployed as a part of QWEB 10.0 and Portal 3.0 release versions. Vulnerability Management Launch and Schedule scans...
Real-Time Alerting and Incident Management for Unauthorized Changes
The security landscape is constantly changing, and you need to adopt proactive measures to stay ahead of security breaches by being extremely vigilant about every little change in your environment. In our previous blog, we discussed how you can leverage the ready-to-use monitoring profiles in you...
Qualys Cloud Platform 3.0 New Features
This release of the Qualys Cloud Platform version 3.0 includes updates and new features for Vulnerability Management, highlights as follows. Vulnerability Management The following features apply to all subscriptions that are currently using the Vulnerability Management Dashboard beta. With this...
Secure ElasticSearch, Kafka & Other Microservices with Qualys Cloud Platform
In this era of Digital Transformation, microservices are rapidly gaining popularity within continuously deployed systems. Organizations have moved away from the rigid monolithic architectures to more flexible ones that are based on microservices. Lots of organizations handling large amounts of...
Automatically Discover, Prioritize and Remediate Windows Adobe Type Manager Library Remote Code Execution Vulnerability (ADV200006) using Qualys VMDR®
On March 23, Microsoft released zero day advisory ADV200006 to address two critical remote code execution vulnerabilities in Adobe Type Manager Library that affects multiple versions of Windows and Windows Server. The vulnerabilities exist within the way that Windows parses OpenType fonts. For...
How to Install the Qualys Cloud Agent for Remote Workforce
The Qualys Cloud Agent can be automatically deployed using any third-party software deployment tools including Microsoft SCCM, Microsoft Intune, Microsoft GPO, HCL BigFix, Dell KACE, and others. For remote or roaming users, deploying packages using software deployment tools requires that the targ...
Microsoft Released Out-of-Band Advisory – Windows Adobe Type Manager Library Remote Code Execution Vulnerability (ADV200006)
Today, Microsoft released an out-of-band security advisory ADV200006 to address two critical remote code execution vulnerabilities in Adobe Type Manager Library. Microsoft is also aware of limited, targeted attacks that attempt to leverage this vulnerability. The Vulnerability Microsoft Windows...
Cyber Criminals using Coronavirus Fears to Spread Information-Stealing Malware
Cyber criminals have been leveraging trending cultural and viral news items that drive interest from millions of individuals as mechanisms to target and distribute malware easily and effectively. In the past, cyber criminals have used topics including international sports championships, celebrity...
Qualys Cloud Platform: Continuity of Service in Response to COVID-19
I would like to share Qualys' response to the heightening coronavirus COVID-19 outbreak and outline the steps we are taking to ensure continuity of service for our customers and also ensure the health and well-being of our employees. Qualys has a comprehensive business continuity and emergency...
Automatically Discover, Prioritize and Remediate Microsoft SMBv3 RCE Vulnerability (CVE-2020-0796) using Qualys VMDR
This month’s Patch Tuesday, Microsoft disclosed a critical “wormable” remote code execution RCE vulnerability in Microsoft Server Message Block 3.1.1 SMBv3 protocol. The exploitation of this vulnerability opens systems up to a 'wormable' attack, which means it would be easy to move from victim to...
Automated and Scalable Audit Workflows with Qualys Security Assessment Questionnaire
Risk and compliance management is a multi-faceted domain with concentrated endeavors towards reducing unacceptable risk potential that could disrupt business, or otherwise negatively impact business performance. IT GRC Governance, Risk and Compliance comprises many tasks related to business and I...