Microsoft and Adobe Patch Tuesday, July 2024 Security Update Review
July's Patch Tuesday brings a midsummer wave of updates, addressing critical vulnerabilities and enhancing security across the Microsoft ecosystem. Let's discover the highlights from Microsoft's Patch Tuesday updates for July 2024. Microsoft Patch Tuesday for July 2024 Microsoft Patch Tuesday's July...
Understanding the Hidden Cyber Risk from Tech Debt (EoL/EoS)
End-of-life (EoL) and end-of-support (EoS) hardware, software, and operating systems exist in every single technology environment, and they are an exponential multiplier of cyber risk. By definition, vulnerabilities with EoL/EoS technology are unpatchable. In some cases, IT teams can pay for extended...
Measuring, Communicating, and Eliminating Risk With TruRisk™ in Qualys Web Application Scanning (WAS)
In an era where cyber threats loom larger and more complex than ever, organizations demand not just defense but intelligent, cohesive strategies for managing cyber risks. With the Enterprise TruRisk Platform, Qualys reaffirmed its commitment to these needs by focusing its cybersecurity solutions ...
Qualys Blog
On Wednesday, July 3, 2024 at 2:45 AM EDT Qualys identified suspicious spam content posted to the Qualys blog. Qualys conducted an investigation to identify any compromise and/or impact due to this unauthorized spam blog post and found no indication that the incident had any impact on customer...
regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server
The Qualys Threat Research Unit (TRU) has discovered a Remote Unauthenticated Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems. CVE assigned to this vulnerability is CVE-2024-6387. The vulnerability, which is a signal handler race condition in OpenSSH’s server...
Polyfill.io Supply Chain Attack
The polyfill.js is a popular open-source library that helps older browsers support functionality in newer browsers. Thousands of sites embed it using the cdn.polyfill.io domain. In February 2024, a Chinese company Funnull bought the domain and the GitHub account. The company has modified...
Decoding OWASP – A Security Engineer’s Roadmap to Application Security
In a time where over 60% of data breaches are linked to software vulnerabilities and a single overlooked software vulnerability can expose sensitive data, the imperative of robust application security cannot be overstated. The 2023 IBM Security Cost of a Data Breach Report highlights that...
Essential Strategies to Secure Your Web Applications and APIs in a Modern Application Development World
In today’s interconnected digital world, the role of web applications and APIs has become central to business operations, acting as gateways to vast amounts of valuable data and services. However, their widespread use and accessibility make them prime targets for cybercriminals, posing substantia...
Secure Your Containerized Environments with Qualys Containerized Scanner Appliance (QCSA)
IT has undergone a series of significant shifts over the years, from physical infrastructure to virtual, and how infrastructure was managed and maintained. This shift led IT through the digital transformation era, introducing various types of clouds and “As-a-Service” models. Although...
TotalCloud Insights: Protect Your AWS Environment by Managing Access Keys Securely
Introduction With the average cost of a data breach coming in at $4.45M in 2023, safeguarding sensitive information and maintaining the security of cloud environments is more critical than ever. Instances of compromised access keys, not exclusive to AWS (Amazon Web Services) but prevalent across...
Microsoft and Adobe Patch Tuesday, June 2024 Security Update Review
Microsoft's June Patch Tuesday is here, bringing fixes for vulnerabilities impacting its multiple products. This month's release highlights the ongoing battle against cybersecurity threats, from critical updates to important fixes. Let's dive into the crucial insights from Microsoft's Patch Tuesday...
Check Point Security Gateway Information Disclosure Vulnerability (CVE-2024-24919)
Check Point Security Gateway is a secure web gateway that is an on-premises or cloud-delivered network security service. Check Point enforces network security policies, including firewall, VPN, and intrusion prevention capabilities. Check Point published a zero-day advisory on May 28, 2024,...
TotalCloud Insights: Securing Your Data—The Power of Encryption in Preventing Threats
Introduction Did you know there is a 90% failure rate for encryption-related controls of MySQL Server in Microsoft Azure? The issue isn't confined to Azure; in Google Cloud Platform (GCP) environments there is a 98% failure rate of encryption-related controls for both compute engine and storage...
PCI DSS 4.0: Get Audit-Ready for the New Requirements
The Payment Card Industry Data Security Standard (PCI DSS) originated in 2004 and is managed by the PCI Security Standards Council to ensure security for the global payment industry. This mandate applies to all entities worldwide that store, process, or transmit payment cardholder data or sensitive...
2024 Cybersecurity Trends: What’s Observable Already?
2024 has already witnessed a staggering number of cyber incidents, with over 29.5 billion records breached across 4,645 publicly disclosed incidents in January alone, according to the IT Governance Security Spotlight. Moreover, CVEs are growing significantly year over year, with 13% growth from...
TotalCloud Insights: Uncovering the Hidden Dangers in Google Cloud Dataproc
Summary The Apache Hadoop Distributed File System (HDFS) can be vulnerable to data compromise when a Compute Engine cluster is in a public-facing virtual private cloud (VPC) or shares the VPC with other Compute Engine instances. Google Cloud Platform (GCP) provides a default VPC called default. This VP...
Qualys Enterprise TruRisk™ Platform Extends FIM with Real-Time Monitoring of Unauthorized Access to Sensitive Data and Configuration Change Detection on Network Devices
Introducing FIM 4.0 with File Access Monitoring (FAM) and Agentless FIM to ensure compliance with the new PCI 4.0 File Integrity Monitoring (FIM) solutions are essential for virtually any organization to help identify suspicious activities across critical system files and registries, diagnose changes...
How the Qualys Enterprise TruRisk™ Platform Supports CISA Vulnrichment
Introduction In today's interconnected digital landscape, cybersecurity threats pose significant risks to organizations across various sectors. Recognizing the need for a structured approach to identify, prioritize, and address vulnerabilities, the Cybersecurity and Infrastructure Security Agency...
TotalCloud Container Security Best Practices
Qualys Container Security (CS), an integral part of TotalCloud 2.0, provides a comprehensive view of the security posture of containerized applications. Operationalizing a new technology tool in an enterprise often presents its own challenges. This blog seeks to help the operations team familiarize...
Microsoft and Adobe Patch Tuesday, May 2024 Security Update Review
Microsoft has released its May edition of Patch Tuesday. Let's take a deep dive into the crucial insights from Microsoft's Patch Tuesday updates for May 2024. Microsoft Patch Tuesday for May 2024 Microsoft Patch Tuesday's May 2024 edition addressed 67 vulnerabilities, including one critical and 59...
Get Weekends Back: Put Chrome CVEs like CVE-2024-5274 on Auto-Patching
On May 9th, Google released an emergency update for its Chrome browser to patch a critical zero-day vulnerability, CVE-2024-4671. The "use after free" vulnerability affects the Visuals component of Chrome, which is responsible for rendering and displaying content. CVE-2024-4671 was identified and...
TotalCloud Insights: A Wake-Up Call on Cloud Database Security Failure Rates
In part 1 of this two-part blog, we explored how to safeguard cloud databases from SQL Server threats and lateral movement risks. In this second part, we turn our focus to a comparative analysis of database security across three major cloud service providers (CSPs), AWS, Azure, and GCP, as well as...
Elevating Security: Qualys Unveils First Solution for Scanning AWS Bottlerocket in Amazon EKS and Amazon ECS
With this new offering, Qualys establishes itself as the first and only vendor solution with the unique ability to scan AWS Bottlerocket instances directly using the Qualys Cloud Agent and TotalCloud Agent-less Snapshot-Based Scan. This innovative capability empowers organizations to...
How to Create Collaboration and Shared Goals with IT and Security Teams
In today’s ITSM landscape, merging IT operations and security practices is no longer “ideal”, but imperative. According to a recent Gartner® Board of Directors Survey 1, 88% of respondents indicated that their organization perceives cybersecurity as a business risk. This was up from 58% in 2016,...
Assess, Remediate, and Prevent the Top 10 MITRE ATT&CK Techniques for Ransomware, Mapped to Misconfigurations
In cybersecurity, the battle against ransomware is a pivotal challenge for organizations worldwide. Attackers are consistently refining their methods, highlighting the critical need for businesses to remain proactive in their defense strategies. To effectively address this threat, it is essential...
Qualys Is Proud to Sign CISA’s Secure by Design Pledge
Cybersecurity leaders in the U.S. are very familiar with the Cybersecurity and Infrastructure Security Agency (CISA) and their important work to keep the internet, our country, and its citizens safe from cyber threats. As part of their efforts, CISA has identified secure by design software as a key...
Introducing CyberSecurity Asset Management 3.0 with Expanded Discovery and Cyber Risk Assessment
Qualys is re-defining attack surface management with CyberSecurity Asset Management (CSAM) 3.0, expanding the most comprehensive attack surface coverage on the market to include patent-pending EASM discovery and scan, passive sensing for unmanaged/untrusted devices built in to the Qualys agent, and...
Agentless FIM for Detecting Network Configuration Changes
Dealing with multiple network administrators making frequent configuration changes with a monitoring solution that provides insights into device change without causing resource constraints. The performance and capabilities of a network device are entirely dependent upon its configuration settings...
Qualys Launches MSSP Portal to Empower Managed Security Service Providers
In the words of Sun Tzu, "In the midst of chaos, there is also opportunity." This aptly captures the essence of today's cybersecurity landscape. Managed Security Service Providers (MSSPs) stand at the forefront, turning chaos into opportunity by securing digital assets across the entire infrastructure...
Verizon’s 2024 DBIR Unpacked: From Ransomware Evolution to Supply Chain Vulnerabilities
As we delve into cybersecurity's complex and evolving landscape, the Verizon 2024 Data Breach Investigations Report (DBIR) offers crucial insights into the mechanisms and motives behind the latest wave of cyberattacks. Qualys is once again proud to contribute to the report, helping to dissect these...
CrushFTP Zero-Day Exploitation Due to CVE-2024-4040
Vulnerability Scope & Details CrushFTP disclosed a zero-day vulnerability in their software on April 19, 2024. The vulnerability is published on CVE-2024-4040. Affected versions: 9.x versions before 10.7.1 11.1.0 The CVSS score is 9.8. The vulnerability allows remote attackers to bypass the VFS...
ArcaneDoor Unlocked: Tackling State-Sponsored Cyber Espionage in Network Perimeters
Cisco recently uncovered a sophisticated cyber espionage campaign, ArcaneDoor, targeting perimeter network devices used by government and critical infrastructure sectors. This campaign involves state-sponsored actors exploiting two zero-day vulnerabilities (CVE-2024-20353 and CVE-2024-20359) aimed...
Unveiling the Hidden Power of the CMDB in Cybersecurity
In the ever-evolving landscape of cybersecurity, where attacks grow increasingly sophisticated, organizations must leverage every tool at their disposal to stay one step ahead. While CISOs and SecOps teams often focus on disciplines such as vulnerability detection, attack surface management, and...
Staying Five Steps Ahead of Cyber Risk
Organizations are continuously seeking effective strategies to protect their digital environments. With over 26,000 vulnerabilities discovered last year, Qualys Vulnerability Management, Detection, and Response (VMDR) offers a comprehensive solution designed to meet the needs of both security and I...
Empowering Small Businesses in the Digital Age: A Must-Read Guide to Web Application & API Security
Small and medium-sized businesses have increasingly become reliant on web applications - whether they are developed or procured, to drive their operations, engage customers, and scale their businesses. The increasing reliance on online operations is underscored by 84% of businesses using digital...
WordPress LayerSlider Plugin: SQL Injection Vulnerability
On March 25th, 2024, a critical security vulnerability was discovered in the LayerSlider plugin for WordPress, marked as CVE-2024-2879. The plugin has more than 10 lakh active installations. This flaw, rated with a CVSS score of 7.5 out of 10.0, is identified as an SQL injection vulnerability...
TotalCloud Insights: Safeguarding Your Cloud Database from SQL Server Threats and Lateral Movement Risks
Introduction In today's tech-driven world, cloud computing has completely changed how businesses store and manage their data. It offers many advantages, like flexibility, scalability, and cost savings, making it a go-to choice for organizations of all sizes. Keeping your data secure, especially in...
Oracle Patch Update, April 2024 Security Update Review
Oracle released its second quarterly edition of Critical Patch Update, which contains patches for 441 security vulnerabilities. Some of the vulnerabilities addressed in this update impact more than one product. These patches address vulnerabilities in various product families, including third-par...
How Qualys Supports the National Cyber Security Centre (NCSC)’s Vulnerability Management Guidance
NCSC details the importance of having asset management and remediation as key requirements of a successful VM program. “A vulnerability management process shouldn’t exist in isolation. It is a cross-cutting effort and involves not just those working in IT operations, but also security and risk...
Navigating the EU NIS2 Directive
How Qualys Cybersecurity Solutions Ensure Compliance The European Union’s revised Network and Information Security (NIS2) Directive is a comprehensive cybersecurity regulation aimed at bolstering the resilience of critical entities and essential services across the EU. As organizations grapple with...
WordPress Remote Code Execution via Plugin Upload (CVE-2024-31210)
WordPress is a widely used open publishing platform for the web. A security vulnerability was discovered that allows administrator-level users on single-site installations and Super Admin-level users on Multisite installations to execute arbitrary PHP code. This vulnerability affects WordPress...
De-risk the Software Supply Chain by Expanding Unparalleled Detection Coverage With Qualys VMDR and Software Composition Analysis
QIDs/CVEs When it comes to cybersecurity, speed is key in getting an edge over attackers. But when you consider that vulnerabilities weaponize 24 days faster than they are remediated on average, cybersecurity stakeholders have a lot of catching up to do. While there are many ways defenders c...
Qualys Endpoint Detection & Response Validated by Top Independent Testing Labs
Qualys is proud to announce that our Endpoint Detection & Response solution has earned top certifications from two of the most respected independent anti-virus testing organizations - SE Labs and AV-Test. These prestigious validations underscore Qualys' mission to deliver best-in-class malware...
Real-time File Access Monitoring (FAM) with Qualys FIM
What is File Access Monitoring (FAM)? FAM is a security practice that involves tracking and logging access to sensitive files. FAM should be included with any File Integrity Monitoring (FIM) solution to trigger alerts when critical host files not intended for regular use are accessed. Importance of F...
How to Reduce Your Risk with Proactive VM Strategies
Current cybersecurity challenges demand more than just reactive measures. A significant hurdle many organizations face is the effective remediation of vulnerabilities within their IT infrastructure. Recognizing this, security teams are increasingly turning to sophisticated vulnerability managemen...
Microsoft and Adobe Patch Tuesday, April 2024 Security Update Review
Welcome to another insightful dive into Microsoft's Patch Tuesday! This month's security updates address a vast number of vulnerabilities in multiple popular products, features, and roles. We invite you to join us to review and discuss the details of these security updates and patches. Microsoft...
Navigating SQL Injection Vulnerabilities with DAST for Modern AppSec
The digital landscape is continuously evolving, and with it, the strategies for safeguarding our applications against vulnerabilities. In a recent advisory, CISA & the FBI have highlighted the critical importance of conducting thorough reviews of code and supply chains. The aim is to unearth any...
Key Insights from the NCSC’s Vulnerability Management Guidance
In a world increasingly surrounded by cyber threats, the UK's National Cyber Security Centre (NCSC) offers vital guidance on Vulnerability Management, providing clear and actionable advice for tackling cyber threats. Their recommendations are essential for organizations to understand and mitigate...
XZ Utils SSHd Backdoor
On March 29th, 2024, security researcher Andres Freund discovered a backdoor in XZ Utils versions 5.6.0 and 5.6.1. Under certain conditions, this backdoor may allow remote access to the targeted system. This disclosure was posted to the Openwall mailing list. The security researcher mentions that...