
1089 matches found

Qualys Blog
added 2020/03/07 12:58 a.m., 80 views

Identifying Let’s Encrypt Revoked Certificates

Let's Encrypt is a free, automated, open certificate authority (CA) run for the public's benefit as a service from the Internet Security Research Group (ISRG). It provides free digital certificates to enable HTTPS (SSL/TLS) for websites via user-friendly means. Earlier this week, Let's Encrypt announce...

AI score: 1
Exploits: 0
Qualys Blog
added 2020/03/06 5:42 a.m., 34 views

Qualys Cloud Platform 2.44 New Features

This release of the Qualys Cloud Platform version 2.44 includes updates and new features for Cloud Agent and Web Application Scanning, highlights as follows. Cloud Agent User Interface "License Overview" changing to "Activation Overview" on Dashboard – The references to License have been changed ...

AI score: 7.5
Exploits: 0
Qualys Blog
added 2020/03/06 1:11 a.m., 180 views

Automatically Discover, Prioritize and Remediate Apache Tomcat AJP File Inclusion Vulnerability (CVE-2020-1938) using Qualys VMDR

A severe vulnerability exists in Apache Tomcat’s Apache JServ Protocol. The Chinese cyber security company Chaitin Tech discovered the vulnerability, which is named "Ghostcat" and is tracked using CVE-2020-1938. The security issue has received a critical severity rating score of 9.8 based on CVSS...

CVSS: 7.5, AI score: 10, EPSS: 0.9927
Exploits: 45
Qualys Blog
added 2020/02/20 2:59 p.m., 41 views

Policy Compliance Library Updates, February 2020

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS an...

AI score: 1.6
Exploits: 0
Qualys Blog
added 2020/02/14 1:09 a.m., 57 views

Detections Released for ESU Updates on EOL Windows 7, 2008 and 2008 R2

For the February 2020 Patch Tuesday, Microsoft released security updates for Windows 7, 2008 and 2008 R2 systems which are already end of life. Qualys released Patch Tuesday detections QIDs which check for these new ESU patches as well. Update: Qualys released IG QID 45424 to identify the presenc...

AI score: 1
Exploits: 0
Qualys Blog
added 2020/02/12 3:00 p.m., 31 views

Intuitive and Ready-to-Use Monitoring Profiles for Compliance Regulations

Detecting changes from a baseline established for files and file paths and receiving instant alerts about them is crucial to ensure security within a monitored environment. File tampering is an indicator of illicit activity, and authorized users must be alerted whenever changes in a critical file...

AI score: 0.1
Exploits: 0
Qualys Blog
added 2020/02/11 7:47 p.m., 653 views

February 2020 Patch Tuesday – 99 Vulns, 12 Critical, Patch for IE 0-Day, Exchange Vuln, Adobe Vulns

This month’s Microsoft Patch Tuesday addresses 99 vulnerabilities with 12 of them labeled as Critical. Of the 12 Critical vulns, 7 are for browser and scripting engines, 2 are for Remote Desktop Client, and the remaining 3 are for LNK files, Media Foundation, and Windows. The IE 0-day disclosed i...

CVSS: 9.3, AI score: 2, EPSS: 0.99965
Exploits: 47
Qualys Blog
added 2020/02/10 7:08 p.m., 32 views

Top 5 Reasons to Attend Qualys Security Conference 2020 San Francisco

Are you interested in exploring the profound impact of digital transformation on the security industry, and how that impact affects practitioners? Are you planning to be in San Francisco during RSA Conference week? If yes, join us at Qualys Security Conference 2020 San Francisco on February 25!...

AI score: 6.9
Exploits: 0
Qualys Blog
added 2020/02/07 7:38 p.m., 240 views

New EOL QIDs for Microsoft Windows 7 and 2008/R2

Qualys Vulnerability Signature, version 2.4.815-2, will include EOL QIDs detections for end-of-life software for Windows 7, Windows 2008, and Windows 2008 R2. Customers will be able to scan the QIDs shown below using Qualys Vulnerability Management (VM): QID 105859 - EOL/Obsolete Operating System:...

AI score: 1.6
Exploits: 0
Qualys Blog
added 2020/02/04 3:22 p.m., 80 views

Actionable Searching and Data Download with Vulnerability Management Dashboards

Qualys is introducing the ability to download data from your vulnerability management dashboards. With Qualys Vulnerability Management Dashboards, you can use Qualys Query Language (QQL) to query the data in your subscription and build vulnerability- and asset-centric dashboards that show your...

AI score: 0.4
Exploits: 0
Qualys Blog
added 2020/01/29 5:04 p.m., 216 views

OpenBSD OpenSMTPD Remote Code Execution Vulnerability (CVE-2020-7247)

Qualys Research Labs discovered a vulnerability in OpenBSD's OpenSMTPD mail server that allows an attacker to execute arbitrary shell commands with elevated privileges. OpenBSD developers have confirmed the vulnerability and also quickly provided a patch. Proof-of-concept exploits are published i...

CVSS: 10, AI score: 0.6, EPSS: 0.98946
Exploits: 27
Qualys Blog
added 2020/01/28 1:20 a.m., 51 views

Qualys Cloud Platform 2.43 New Features

This release of the Qualys Cloud Platform version 2.43 includes updates and new features for Web Application Scanning, highlights as follows. Web Application Scanning Editable QID Severity – The severity of WAS QIDs can now be changed to better match your organization's internal policies...

AI score: 7.1
Exploits: 0
Qualys Blog
added 2020/01/24 4:00 p.m., 110 views

WordPress Database Reset Plugin Vulnerability (CVE-2020-7047, CVE-2020-7048)

A vulnerability recently disclosed by Wordfence and published as CVE-2020-7047 and CVE-2020-7048 allows an attacker to take over vulnerable WordPress-based websites. Functionality in the WP Database Reset plugin introduced the vulnerability, which allows any unauthenticated user to reset any tabl...

CVSS: 6.5, AI score: 9.2, EPSS: 0.22928
Exploits: 4
Qualys Blog
added 2020/01/23 4:00 p.m., 26 views

Detect Unauthorized Processes Making Changes in Your Environment with Qualys File Integrity Monitoring

With the average cost of a data breach exceeding $3.5 million as per Cost of a Data Breach Report, almost all organizations these days adopt stringent policies in order to safeguard their confidential business and customer information. Strong RBAC-driven systems have certainly made it difficult f...

AI score: 0.3
Exploits: 0
Qualys Blog
added 2020/01/17 4:10 p.m., 57 views

LibMiner: Container-Based Cryptocurrency Miner Targeting Unprotected Redis Servers

Qualys is actively tracking threats which target containers. In our recent analysis, we have identified a few docker instances executing a malware which we term as “LibMiner”. This malware has the capability to deploy and execute Cryptominer. It uses a unique technique for lateral movement across...

AI score: 0.8
Exploits: 0
Qualys Blog
added 2020/01/15 4:55 p.m., 46 views

Policy Compliance Library Updates, January 2020

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS an...

AI score: 0.2
Exploits: 0
Qualys Blog
added 2020/01/15 4:00 p.m., 1967 views

Introducing Periscope: Out-of-Band Vulnerability Detection Mechanism in Qualys WAS

Web applications and REST APIs can be susceptible to a certain class of vulnerabilities that can't be detected by a traditional HTTP request-response interaction. These vulnerabilities are challenging to find but provide a way for attackers to target otherwise inaccessible, internal systems. An...

CVSS: 7.5, AI score: 9.9, EPSS: 0.99964
Exploits: 35
Qualys Blog
added 2020/01/14 10:57 p.m., 660 views

Microsoft Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601) – How to Detect and Remediate

Update January 31, 2020: Client testing is now available at clienttest.ssllabs.com. Update January 15, 2020: Detection dashboard now available. Today, Microsoft released a patch for CVE-2020-0601, aka Curveball, a vulnerability in the Windows "crypt32.dll" component that could allow attackers to perfor...

CVSS: 5.8, AI score: 0.4, EPSS: 0.89436
Exploits: 14
Qualys Blog
added 2020/01/14 7:34 p.m., 194 views

January 2020 Patch Tuesday – 50 Vulns, 8 Critical, Adobe Vulns

This month’s Microsoft Patch Tuesday addresses 50 vulnerabilities with only 8 of them labeled as Critical. Of the 8 Critical vulns, one is for browser and scripting engines, 3 are for .NET Framework and one for ASP.NET. In addition, Microsoft has patched 3 critical RCEs in Remote Desktop Gateway...

CVSS: 10, AI score: 1.4, EPSS: 0.89436
Exploits: 23
Qualys Blog
added 2020/01/09 12:12 a.m., 4411 views

Citrix ADC and Gateway Remote Code Execution Vulnerability (CVE-2019-19781)

Update January 17, 2020: A new detection in Qualys Web Application Scanning was added. See "Detecting with Qualys WAS" below. Citrix released a security advisory (CVE-2019-19781) for a remote code execution vulnerability in Citrix Application Delivery Controller (ADC) and Citrix Gateway products. The...

CVSS: 7.5, AI score: 10, EPSS: 0.99999
Exploits: 48
Qualys Blog
added 2020/01/08 3:49 p.m., 29 views

The New Year Calls for a Change in the OT Industry’s State of Security

In 2014, a Western European steel mill suffered serious damage from a phishing attack that penetrated its IT and Operational Technology (OT) networks (the software and hardware dedicated to monitoring and controlling physical devices), where attackers gained control of plant equipment. In 2018, 74% of...

AI score: 1
Exploits: 0
Qualys Blog
added 2020/01/06 4:00 p.m., 61 views

Securing Databases with Qualys Policy Compliance

Data is the most valuable asset that an organization holds, and the most common target for malicious attackers. According to Forbes, in the first six months of 2019, data breach incidents exposed an astounding 4.1 billion records worldwide. Hackers successfully attacked government agencies as wel...

AI score: 0.1
Exploits: 0
Qualys Blog
added 2019/12/27 6:01 p.m., 3743 views

Top 19+ Vulnerability CVEs in Santa’s Dashboard Tracking

A recent report identified 19+ vulnerabilities that should be mitigated by end of year 2019. These are a range of top vulnerabilities attacked and leveraged by Advanced Persistent Threat (APT) actors from all parts of the world. The list below shows those top 19 vulnerabilities, and it should be no...

CVSS: 10, AI score: 0.3, EPSS: 0.99999
Exploits: 494
Qualys Blog
added 2019/12/20 4:00 p.m., 229 views

Blue is a color we love but can’t Keep!

Recent reports this year revealed nearly 1 million computer systems are still vulnerable and exposed to BlueKeep in the wild. These systems are still easy targets for an unauthenticated attacker or malware to execute code leveraging this patchable vulnerability. Because so many systems are still...

CVSS: 10, AI score: 1.3, EPSS: 0.99999
Exploits: 123
Qualys Blog
added 2019/12/19 11:41 p.m., 35 views

Policy Compliance Library Updates, December 2019

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS an...

AI score: 0.1
Exploits: 0
Qualys Blog
added 2019/12/19 4:20 p.m., 50 views

Qualys FIM Profile Library Updates, December 2019

The library of out-of-the-box profiles in Qualys File Integrity Monitoring (FIM), with their preconfigured content, provide a scalable solution to detect and identify critical changes, incidents, and risks resulting from normal as well as malicious events. With the help of these profiles, users can...

AI score: 7.3
Exploits: 0
Qualys Blog
added 2019/12/17 4:00 p.m., 26 views

Announcing New Customer Support Portal and Unified Search

Qualys is rolling out new unified search and an improved online customer support experience, along with Support content integrated directly into Qualys Community. It's coming in January 2020. These new features are part of our efforts to enable customer success with an integrated community...

AI score: 6.9
Exploits: 0
Qualys Blog
added 2019/12/12 12:49 a.m., 261 views

OpenBSD Local Privilege Escalation Vulnerability (CVE-2019-19726)

Qualys Research Labs discovered a local privilege escalation vulnerability in OpenBSD's dynamic loader. The vulnerability could allow local users or malicious software to gain full root privileges. OpenBSD developers have confirmed the vulnerability and released security patches in less than 3...

CVSS: 7.5, AI score: 1.4, EPSS: 0.03522
Exploits: 14
Qualys Blog
added 2019/12/11 3:12 p.m., 70 views

CVE-2019-11016: Open Redirect Vulnerability

Earlier this year the Qualys Web Application Scanning team discovered and reported an open redirect vulnerability (CVE-2019-11016) in Elgg, an open source rapid development framework for socially aware web applications, which the Elgg team promptly fixed. Versions of the Elgg framework before 1.12....

CVSS: 5.8, AI score: 6.1, EPSS: 0.01188
Exploits: 0
Qualys Blog
added 2019/12/10 7:04 p.m., 66 views

December 2019 Patch Tuesday – 36 Vulns, 7 Critical, Actively Attacked Win32k vuln, Adobe vulns

This month's Patch Tuesday is rather light and addresses 36 vulnerabilities, with only 7 labeled as Critical. Five of the seven Critical vulns are in Git for Visual Studio. The others are for Hyper-V and Win32k. Also, there is one actively attacked "Important" vuln in Win32k. Adobe released patch...

CVSS: 9.3, AI score: 1.8, EPSS: 0.74438
Exploits: 10
Qualys Blog
added 2019/12/05 2:34 a.m., 124 views

OpenBSD Multiple Authentication Vulnerabilities

Multiple authentication vulnerabilities in OpenBSD have been disclosed by Qualys Research Labs. The vulnerabilities are assigned the following CVEs: CVE-2019-19522, CVE-2019-19521, CVE-2019-19520, CVE-2019-19519. OpenBSD developers have confirmed the vulnerabilities and also provided a quick response...

CVSS: 7.5, AI score: 0.7, EPSS: 0.02736
Exploits: 8
Qualys Blog
added 2019/12/04 5:07 a.m., 60 views

Qualys Cloud Platform 2.42 New Features

This release of the Qualys Cloud Platform version 2.42 includes updates and new features for Web Application Scanning, highlights as follows. Web Application Scanning Additional XSS Payloads – A new option is available to have additional XSS payloads used in a standard vulnerability scan...

AI score: 0.2
Exploits: 0
Qualys Blog
added 2019/12/03 9:02 p.m., 30 views

Streamlining and Automating Compliance

There are seemingly countless regulatory and industry frameworks out there that organizations have to navigate and comply with. SOX (Sarbanes-Oxley), PCI-DSS (Payment Card Industry Data Security Standard), GDPR (General Data Protection Regulation), HIPAA (Health Insurance Portability and Accountability...

AI score: 0.1
Exploits: 0
Qualys Blog
added 2019/11/28 3:00 p.m., 77 views

Qualys Cloud Platform 8.22 New Features (VM, PC)

Update December 11, 2019: See additional details about this release. The 8.22.0 release adds several new features in Qualys Cloud Platform, adds a new API in Policy Compliance and support for 2 new technologies for OCA. Feature Highlights Qualys Cloud Platform Support for DNS tracking – You can n...

AI score: 7.1
Exploits: 0
Qualys Blog
added 2019/11/25 9:30 p.m., 25 views

Policy Compliance Library Updates, November 2019

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS an...

Exploits: 0
Qualys Blog
added 2019/11/21 12:01 a.m., 49 views

The Power and Future of the Qualys Cloud Platform

Qualys Security Conference 2019 kicked off this morning at the Bellagio hotel in Las Vegas. The event actually began on Monday with training sessions over the first two days, but this morning hundreds of attendees filled a conference room to listen to keynote presentations about the state of...

AI score: 7.2
Exploits: 0
Qualys Blog
added 2019/11/12 7:28 p.m., 493 views

November 2019 Patch Tuesday – 74 vulns, 13 Critical, Actively Attacked IE vuln, Hyper-V escapes, Adobe

This month’s Microsoft Patch Tuesday addresses 74 vulnerabilities with 13 of them labeled as Critical. Of the 13 Critical vulns, 5 are for browsers and scripting engines. Out of the 8 remaining Critical vulns, 4 are potential hypervisor escapes in Hyper-V, as well as vulnerabilities in Microsoft...

CVSS: 9, AI score: 1.6, EPSS: 0.72626
Exploits: 3
Qualys Blog
added 2019/11/11 6:20 p.m., 78 views

Qualys Cloud Platform 8.21.7 New Features

Update November 27, 2019: The features referenced in this blog post will be released in Qualys Cloud Platform release 8.22. Update November 19, 2019: The features referenced in this blog post will be released in the next Qualys Cloud Platform release scheduled for December 2019, and will be...

AI score: 0.1
Exploits: 0
Qualys Blog
added 2019/11/04 9:50 p.m., 303 views

BlueKeep Attacks Observed Months after Initial Release

The BlueKeep vulnerability, initially released in May 2019, is currently being exploited in the wild. Cybersecurity researchers have spotted initial attacks of Bluekeep RDP vulnerability. Here's a reminder about BlueKeep and instructions for using Qualys to identify attacks and remediate this...

CVSS: 10, AI score: 1.3, EPSS: 0.99999
Exploits: 123
Qualys Blog
added 2019/11/04 9:46 a.m., 66 views

Policy Compliance Library Updates, October 2019

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS an...

AI score: 0.1
Exploits: 0
Qualys Blog
added 2019/10/31 5:30 p.m., 84 views

Qualys Cloud Platform 8.21.6 New Features

Update Nov 19, 2019: This blog post was updated with additional detail about the new features in 8.21.6. The 8.21.6 release adds several new features in Qualys Cloud Platform, Policy Compliance, and Vulnerability Management. Apart from various other new features, this release adds support for App...

AI score: 0.4
Exploits: 0
Qualys Blog
added 2019/10/31 3:00 p.m., 32 views

5 Reasons to Attend Qualys Security Conference 2019

Qualys is a leader in cybersecurity and one of the more recognizable and respected names in the industry. It should be. The company has been around for 20 years, and it continues to innovate and push the envelope. Later this month, Qualys will take over Bellagio Hotel in Las Vegas for the Qualys...

AI score: 7.2
Exploits: 0
Qualys Blog
added 2019/10/30 7:40 p.m., 5454 views

PHP Remote Code Execution Vulnerability (CVE-2019-11043)

Certain versions of PHP 7 running on NGINX with php-fpm enabled can be vulnerable to the remote code execution vulnerability (CVE-2019-11043). Given the simplicity of the exploit, all web servers using the vulnerable version of PHP should be upgraded to non-vulnerable PHP versions as soon as...

CVSS: 7.5, AI score: 9.8, EPSS: 0.9947
Exploits: 54
Qualys Blog
added 2019/10/21 2:37 p.m., 63 views

New & Improved Qualys WAS Burp Extension Now Available

Last year we released the initial version of the Qualys WAS Burp extension to positive reviews. Customers welcomed the ability to send Burp-identified issues into Qualys Web Application Scanning (WAS) for centralized viewing and reporting of automated scanner findings plus manual pen-test issues fr...

AI score: 7.4
Exploits: 0
Qualys Blog
added 2019/10/17 2:00 p.m., 60 views

Graboid: Revenge of the Worms

This week saw news of self-propagating worms in the container landscape to perform unsanctioned computation tasks such as cryptojacking. This blog post is intended for Qualys customers and partners to understand how such container attacks work, provide security best practice recommendations &...

CVSS: 10, AI score: 9.6, EPSS: 0.06263
Exploits: 2
Qualys Blog
added 2019/10/11 10:59 p.m., 139 views

Qualys Vulnerability Signature Release 2.4.722-4 Oracle DB New Feature

The release of the Qualys Vulnerability Signature, version 2.4.722-4, includes changes for Oracle Database signatures. The 2.4.722-4 release is live as of October 11, 2019. Feature Highlights Oracle Database Signatures 2019 With the 2.4.722-4 release, Qualys Vulnerability Management extends its...

AI score: 0.3
Exploits: 0
Qualys Blog
added 2019/10/08 6:18 p.m., 177 views

October 2019 Patch Tuesday – 59 vulns, 9 Critical, Azure App Service, Remote Desktop Client, PoC for Windows Error Reporting

This month’s Microsoft Patch Tuesday addresses 59 vulnerabilities with only 9 of them labeled as Critical. Of the 9 Critical vulns, 7 of them are for browsers and scripting engines. The remaining 2 are for Azure App Service and Remote Desktop Client. In addition, PoC code has been published for a...

CVSS: 10, AI score: 0.6, EPSS: 0.17833
Exploits: 2
Qualys Blog
added 2019/10/07 2:00 p.m., 177 views

Enhanced API Scanning with Postman Support in Qualys WAS

Due to the fast-growing usage of REST APIs, having a way to test them for vulnerabilities in an automated, reliable way is more important than ever. Automated testing of APIs is a little trickier than for web applications. You can't simply enter a starting URL for the scanner and click "Go"...

AI score: 7.3
Exploits: 0
Qualys Blog
added 2019/09/26 5:23 p.m., 65 views

Qualys Cloud Platform 2.41 New Features

This release of the Qualys Cloud Platform version 2.41 includes updates and new features for new Gov clouds in AssetView / CloudView and Web Application Scanning, highlights as follows. AssetView Microsoft Azure Gov Cloud Connector – Added connector support for Microsoft Azure Gov Clouds, includi...

AI score: 7.1
Exploits: 0
Qualys Blog
added 2019/09/24 8:13 p.m., 463 views

Microsoft Released Out-of-Band Security Updates – How to Detect and Remediate

Microsoft released an out-of-band update yesterday that fixes two critical vulnerabilities: the Internet Explorer remote code execution vulnerability (CVE-2019-1367) and the Microsoft Defender Denial of Service Vulnerability (CVE-2019-1255). According to the Microsoft advisory CVE-2019-1367, the Interne...

CVSS: 7.6, AI score: 8.1, EPSS: 0.52729
Exploits: 0
Total number of security vulnerabilities: 1089