Q&A: Conducting Cloud-Based Vendor Risk Audits With Qualys SAQ
Third-party security assessments drastically reduce your organization’s risk of suffering a data breach. When carried out properly, these assessments identify poor InfoSec and privacy practices among your vendors, partners, contractors, and other third parties with access to your IT systems and...
July Patch Tuesday: 19 Critical Vulnerabilities from Microsoft, plus Critical Adobe Patches
Today Microsoft released patches covering 54 vulnerabilities as part of July’s Patch Tuesday update, 26 of them affecting Windows. Patches covering 19 of these vulnerabilities are labeled Critical, and all 19 can result in remote code execution. According to Microsoft, none of these...
Countdown to GDPR: Prioritize Vulnerability Remediation
The EU’s General Data Protection Regulation (GDPR) demands that organizations stringently protect the data of EU residents that they hold, share and process, which requires solid InfoSec practices, including threat prioritization. No, there is no specific mention of prioritization of vulnerability...
SSL Labs Grading Redesign (Preview 1)
We’re excited to share with you the first preview of our next-generation grading. This is long overdue; for lack of available time, we have kept patching the first-generation grading to keep up with the times. Now, finally, we’re taking the next necessary steps to...
Save Time by Streamlining Vendor Risk Assessments in the Cloud
As your organization enthusiastically adopts cloud and mobile services from multiple new vendors, are your already-busy security and compliance teams scrambling to assess the risks of using these new providers’ products? Are you still using a manual process for conducting these vendor evaluations...
Countdown to GDPR: Get 20/20 Visibility Into Your IT Assets
Anyone questioning the importance of IT asset visibility to an organization’s security and compliance posture ought to review the EU’s General Data Protection Regulation (GDPR), which goes into effect next year. With the severe requirements the GDPR places on how a business handles the personal da...
Petya Ransomware: What You Need to Know
On Tuesday, a variant of the ransomware "Petya" began propagating in several countries across Europe. This new variant leverages the EternalBlue exploit used in WannaCry, and also takes advantage of misconfigured permissions to spread throughout the network. EternalBlue is a leaked exploit...
Qualys Cloud Suite 8.10.1 New Features
This new patch release of the Qualys Cloud Suite, version 8.10.1, includes updates to password management, user roles & permissions, and User Defined Control improvements in Qualys Policy Compliance (PC). Feature Highlights: Qualys Cloud Platform. Platform Password Improvements: In this release, we...
Qualys Cloud Platform 2.28 New Features
This release of the Qualys Cloud Platform, version 2.28, includes updates and new features for Cloud Agent, AssetView, ThreatPROTECT, Security Assessment Questionnaire and Web Application Scanning, with highlights as follows: Cloud Agent: Cloud Agent AIX Beta, a beta release of Qualys Cloud Agent supporti...
Countdown to GDPR — Reduce your Risk
First discussed in the 1990s and turned into law last year, the EU’s General Data Protection Regulation (GDPR) finally goes into effect in May 2018, imposing strict requirements on millions of businesses and subjecting violators to severe penalties. The complex regulation is of concern not just to...
Qualys Cloud Platform 2.27 New Features
This release of the Qualys Cloud Platform, version 2.27, includes updates and new features for Cloud Agent and AssetView as follows: Highlights: Platform / Cloud Agent API. Host Asset Management API: updated to query on and return additional Cloud Agent attributes. The new attribute fields are not...
Visualizing the Stack Clash Vulnerability with Dashboards
Security teams should apply vendor patches immediately to protect their Linux, OpenBSD, NetBSD, FreeBSD and Solaris infrastructure from the Stack Clash vulnerability (also see the security advisory). To help in that effort, this blog post describes a new built-in Qualys AssetView dashboard to...
The Stack Clash
What is the Stack Clash? The Stack Clash is a vulnerability in the memory management of several operating systems. It affects Linux, OpenBSD, NetBSD, FreeBSD and Solaris, on i386 and amd64. It can be exploited by attackers to corrupt memory and execute arbitrary code. Qualys researchers discovere...
Microsoft Fixes 94 Security Issues in Massive June Update
Today Microsoft released patches to fix 94 vulnerabilities, 27 of which fix remote code execution issues that can allow attackers to remotely take control of victim machines. This is a massive update and fixes more than double the number of vulnerabilities as compared to the last two month...
Dynamic Questionnaire: Accelerate Quick and Efficient Responses with Question Gating
As you roll out Security Assessment Questionnaire to your vendors and internal stakeholders, it is necessary to avoid lengthy questionnaires containing many sections with questions that are not relevant to their area of work. It is important that respondents don’t get overwhelmed and spend a lot ...
Lessons Learned from SQL Injection Fix in Joomla 3.7.0
The Joomla community recently patched a SQL injection vulnerability introduced in Joomla 3.7.0. The article reporting this vulnerability explains how to identify the flaw, which was discovered via static code analysis, and how to craft an attack, e.g...
Samba Vulnerability CVE-2017-7494
On Wednesday, the Samba Team patched a vulnerability that exists in all versions of Samba from 3.5.0 onward. Exploitation of this vulnerability could result in remote code execution on the affected host. Samba is used to provide SMB and CIFS services for Linux systems, and is...
Digging Into WannaCry Details: Answers to Your Burning Questions
Jimmy Graham, Director of Product Management, Qualys Threat Protection & AssetView
The WannaCry ransomware attack spread so quickly and has been so disruptive that IT departments can’t get enough information about what caused it, how it can be remediated and what can be done to protect their...
No More Tears: WannaCry Highlights Importance of Prompt Vulnerability Detection, Remediation
It didn’t have to happen. That’s the simple yet profound lesson from WannaCry’s ransomware rampage that has infected 300,000-plus systems in more than 150 countries, disrupting critical operations across industries, including healthcare, government, transportation and finance. If vulnerable syste...
Visualizing WannaCry & Shadow Brokers with Dashboards
To assess infections from WannaCry ransomware and threat exposure from the Shadow Brokers vulnerabilities across an entire IT environment, it's helpful to visualize your exposure via dynamic dashboards. Using Qualys AssetView and ThreatPROTECT, I created a single-pane incident response dashboard...
Better Trusted Scanning with Qualys-CyberArk Integration
To manage privileged credentials, especially across multiple systems in complex environments, many organizations use privileged account security solutions. Qualys has integrated with such solutions for a long time, and has recently upgraded its CyberArk integration to include CyberArk Application...
For GDPR Readiness, You Need Visibility into Your IT Assets
The looming deadline for complying with the EU’s General Data Protection Regulation (GDPR) is shining the spotlight on a foundational InfoSec best practice: a comprehensive IT asset inventory. The reason: GDPR places strict requirements on the way a business handles the personally identifiable...
Qualys Cloud Suite 8.10 New Features
This new release of the Qualys Cloud Suite, version 8.10, includes new capabilities and improvements for VM, PC and the shared platform: Authentication Vault integration with BeyondTrust; Mandate-Based reporting for Policy Compliance to simplify reporting against multiple mandates; and...
How to Rapidly Identify Assets at Risk to WannaCry Ransomware and ETERNALBLUE Exploit
In what may be the first public weaponizing of April's Shadow Brokers dump of NSA exploits, a ransomware attack has crippled IT systems globally and disrupted operations at major organizations, including patient services at UK hospitals. About 80,000 infections have been detected in about 100...
Qualys Policy Compliance Notification: Policy Library Update
Qualys’ library of built-in policies makes it easy to comply with commonly adopted security standards and regulations. Qualys provides a wide range of policies, including many that have been certified by CIS as well as ones based on security guidelines from vendors such as Microsoft and VMware...
Intel AMT Vulnerability
Last week, Intel published security advisory INTEL-SA-00075 regarding a new vulnerability in Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT). The firmware versions impacted are 6.x, 7.x, 8.x, 9.x, 10.x, 11.0, 11.5, and 11.6. In...
Adobe Fixes Half a Dozen Flash Vulnerabilities and More
Flash has been the top target for exploit kits, and we have observed that defender behavior (i.e. how fast patches are applied), along with other factors in the threat landscape, could have led to a decline in the number of Flash vulnerabilities being weaponized in exploit kits. In 2016, the time to...
Microsoft Fixes Malware Protection Engine and Several 0-Day Vulnerabilities, and Deprecates SHA-1
Hours before today’s Patch Tuesday release, on the eve of May 8, Microsoft released an emergency update to fix a vulnerability in its Malware Protection Engine. This critical vulnerability allows an attacker to take complete control of the victim's machine just by sending an e-mail attachment...
Virtual Patching: A Lifesaver for Web App Security
Here’s a common scenario organizations increasingly face: Too many web apps with too many vulnerabilities and no chance for immediate remediation. In the interim, the organization is left exposed to potentially devastating breaches, at a time when web apps have become one of cyber attackers’...
Qualys Support for Reserve Bank of India (RBI) Cyber Security Guidelines
The Reserve Bank of India (RBI), India's central banking and monetary authority, points out that the number, frequency, and impact of cyber incidents on Indian banks have increased substantially. Like their peers globally, Indian banks are committed to maintaining customer trust, protecting financial...
Shadow Brokers Fix for IBM Lotus Domino Released
IBM has released a patch for Lotus Domino to plug a security flaw which was disclosed in the latest Shadow Brokers revelations. Lotus Domino includes an IMAP server. IMAP (Internet Message Access Protocol) is an Internet standard protocol used by e-mail clients to retrieve e-mail messages from th...
Qualys Cloud Platform 2.26 New Features
This release of the Qualys Cloud Platform, version 2.26, includes updates and new features for Cloud Agent, AssetView, Security Assessment Questionnaire and Web Application Scanning as follows: Highlights: Cloud Agent Platform. View Module Activation Job Status: adds a button in the Agent Management tab...
Oracle Plugs Struts and Shadow Brokers hole along with 299 Total Vulnerabilities
Today Oracle released a total of 299 new security fixes across all product families. It is important to note that it fixed 25 instances of the infamous Apache Struts vulnerability, which could allow a remote attacker to take complete control of the server running Struts. The Struts fix was applied...
PCI DSS v3.2 & Migrating from SSL and Early TLS v1.1
SSL & Early TLS vulnerabilities such as QID 38628 “SSL/TLS Server supports TLSv1.0” will be marked as a Fail for PCI as of May 1, 2017, in accordance with PCI DSS v3.2. For existing implementations, merchants will be able to submit a PCI False Positive / Exception Request and provide proof of...
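The finding behind QID 38628 is simply that the server still negotiates TLS 1.0, so the remediation (rather than an exception request) is to stop offering it. The two fragments below are an added illustration and are not part of the original post or of Qualys documentation; they assume an nginx front end, which the post does not name, and the certificate paths are placeholders.

```nginx
# Weak: the server still offers early TLS, so a scanner (or any client)
# can negotiate TLSv1.0 and QID 38628 fires.
server {
    listen 443 ssl;
    server_name example.internal;             # placeholder host name
    ssl_certificate     /etc/ssl/example.crt; # placeholder path
    ssl_certificate_key /etc/ssl/example.key; # placeholder path
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
}

# Corrected: only TLS 1.2 (and 1.3 where the nginx/OpenSSL build supports it)
# is offered, so a TLS 1.0 handshake is refused outright.
server {
    listen 443 ssl;
    server_name example.internal;             # placeholder host name
    ssl_certificate     /etc/ssl/example.crt; # placeholder path
    ssl_certificate_key /etc/ssl/example.key; # placeholder path
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;
}
```

After reloading, confirm the change from outside the host: `openssl s_client -tls1 -connect example.internal:443` should fail the handshake, while `-tls1_2` should succeed. Only then rescan, since the QID is cleared by the server's behaviour, not by the configuration file.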
The Shadow Brokers Release Zero Day Exploit Tools
On Friday, a hacker group known as The Shadow Brokers publicly released a large number of functional exploit tools. Several of these tools make use of zero-day vulnerabilities, most of which are in Microsoft Windows. Exploiting these vulnerabilities in many cases leads to remote code execution an...
April 2017 Patch Tuesday Video Highlights
Microsoft Fixes 45 Vulnerabilities with new Security Update Guide and says goodbye to Security Bulletins. Adobe Fixes Flash, PDF reader and Photoshop...
Microsoft Fixes 45 Vulnerabilities with new Security Update Guide – says goodbye to Security Bulletins
This month is the first since 1998 in which Microsoft has not released security bulletins in the familiar MSxx-xxx format, replacing them with the new Security Update Guide. We talked about this change earlier in a few blog posts, and today it’s finally time to say goodbye to security bulleti...
Adobe Fixes Flash, PDF reader and Photoshop in April
Adobe released five security bulletins today following a pre-notification released on Thursday of last week. Highest priority goes to the Flash update APSB17-10, as Flash has been the top choice for malware and exploit kits. If left unpatched, the vulnerabilities allow attackers to take...
IT Asset Inventory Systems and CMDBs: A Marriage Made in InfoSec Heaven
A key capability of an IT asset inventory system is being able to exchange data with CMDBs (Configuration Management Databases). In fact, a common misconception is that organizations with CMDBs don’t need an IT asset inventory system because their functions overlap. While they have similar roles,...