How Qualys Drives PCI DSS 4.0 Compliance for File Integrity Monitoring
The Payment Card Industry Data Security Standard (PCI DSS) is a well-known rule for compliance by merchants and entities involved in payment card processing. The new PCI DSS 4.0 standard specifies a broad range of technical and process requirements to ensure the safety of payment cardholder data or...
Qualys Performance Tuning Series: Qualys Cloud Agent Configuration Best Practice
The following blog is part of our Qualys Performance Tuning Series. The first blog covered the topic of optimizing performance through the removal of stale assets. This series aims to provide you with comprehensive guidance on how to enhance the efficiency and effectiveness of your Qualys...
Supporting Our U.S. Federal Customers for BOD 23–02 by Mitigating the Risk From Internet-Exposed Management Interfaces
On June 13, 2023, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) released Binding Operational Directive (BOD) 23-02: Mitigating the Risk from Internet-Exposed Management Interfaces. The directive requires federal civilian executive-branch agencies to adhere to two primary actions:...
Qualys Responds to CISA Alert: Binding Operational Directive 23-02
The latest Binding Operational Directive from the Cybersecurity and Infrastructure Security Agency (CISA), BOD 23-02, requires agencies to take steps to reduce the attack surface created by insecure or misconfigured management interfaces across certain classes of devices. While this new mandate impac...
CVSSv4 Public Preview Announcement
On June 8, 2023, at the 35th Annual FIRST Conference in Montreal, the public preview of CVSSv4 was announced. The Common Vulnerability Scoring System (CVSS) is an open framework for communicating the characteristics and severity of software vulnerabilities. Since its initial release in 2004, CVSS h...
Microsoft and Adobe Patch Tuesday, June 2023 Security Update Review
Microsoft has released June's edition of Patch Tuesday! This installment of security updates addressed 94 security vulnerabilities in various products, features, and roles. Microsoft Patch Tuesday for June 2023 No zero-day vulnerabilities known to be exploited in the wild have been fixed in this...
Empower Your Security Team With Our Robust Script Library
Introduction Qualys Custom Assessment and Remediation (CAR) lets you leverage your same Qualys Cloud Agent for custom detection and remediation measures. Yes, the same agent you rely on for VMDR, Patch Management, Policy Compliance, EDR, or FIM can now be used for custom detection and response...
Progress MOVEit Transfer Vulnerability Being Actively Exploited
On June 2nd, CVE-2023-34362 was published against the Progress MOVEit Transfer product and was quickly added to CISA’s Known Exploited Vulnerabilities Catalog. MOVEit Transfer is a managed file transfer solution available as an on-premise solution that enables file transfer between business...
Behind the Screen: Three Vulnerabilities in RenderDoc
The Qualys Threat Research Unit (TRU) has discovered three vulnerabilities in RenderDoc. This blog will delve into the details of these three newly discovered vulnerabilities found within RenderDoc's implementation. As part of our ongoing commitment to safeguard digital assets and strengthen...
TotalCloud Empowered with CloudView Integration
Qualys, a leading provider of cloud-based security and compliance solutions, offers Qualys TotalCloud - a unified vulnerability, threat, and posture management solution. This solution simplifies cloud infrastructure security by combining essential components such as Cloud Workload Protection, Clo...
Qualys Gateway Service now available in AWS, Azure, and Google Cloud Marketplaces
Why are customers moving to the Cloud? Cloud computing adoption has been increasing, with cloud-specific spending expected to grow at more than five times the rate of general IT spending through 2023. Many organizations are working to move their enterprise systems to the cloud, with those migrati...
New Strain of Sotdas Malware Discovered
Introduction There are numerous malicious codes that are currently active on smart devices, such as Ddosf, Dofloo, Gafgyt, MrBlack, Persirai, Sotdas, Tsunami, Triddy, Mirai, Moose, and Satori, among others. These malicious codes and their variants can intrude into and control smart devices throug...
Adopting an Effective and Easy To Implement Zero Trust Architecture
Security professionals employed by a federal agency, supplier, or regulated private sector firm are often challenged by long lists of required cybersecurity rules that can seem endless and unchanging. White House Executive Orders, FedRAMP requirements, CISA Binding Operational Directives, NIST...
New TSA Cybersecurity Emergency Action Rule Impacts Cybersecurity and Compliance
On March 7, 2023, in the wake of President Joe Biden’s National Cybersecurity Strategy announcement, the U.S. Transportation Security Administration (TSA) issued a cybersecurity emergency action amendment for certain regulated airport and aircraft operators. The new Action Rule can have significant...
Microsoft and Adobe Patch Tuesday, May 2023 Security Update Review
Microsoft has addressed 49 vulnerabilities in its May Patch Tuesday edition. The security advisories cover various vulnerabilities in different products, features, and roles. Let's guide you through this month's Patch Tuesday details. Microsoft Patch Tuesday for May 2023 Microsoft has also addresse...
Qualys Virtual Cyber Risk Summit: That’s a Wrap!
Over the last few years, the volume of software developed and the surge in vulnerabilities has been staggering. Combine this with a shortage of cybersecurity professionals, and organizations are left with the daunting challenge of keeping up with the sheer volume of information coming at them. At...
Qualys Launches Inaugural Cyber Risk Summit to Share Expert Insights
Cybersecurity professionals from all over are making their way to RSA’s annual conference this week in search of inspiration and expert advice on bolstering their security postures. But for those who could not disrupt their schedules to make the trip, Qualys is providing IT and security...
Qualys Security Solutions Now Support Alibaba Cloud
Enterprise IT environments are getting exponentially more complex with the booming adoption of cloud computing, upping the ante for InfoSec teams, which must protect these new environments. As the foundation for modern IT innovations that propel digital transformation, public cloud platforms are...
Oracle Patch Tuesday April 2023 Security Update Review
Oracle has released the second quarterly edition of Critical Patch Update, which contains a group of patches for 433 security vulnerabilities. Some of the vulnerabilities addressed this month impact various products. These patches address vulnerabilities in Oracle code and third-party components...
Qualys Security Updates: Cloud Agent for Windows and Mac
As part of our commitment to transparency and keeping customers and the community informed, Qualys is publicly disclosing three CVEs pertaining to the Qualys Cloud Agent for Windows and one CVE on the Qualys Cloud Agent for Mac. Qualys has confirmed there is no impact on the Qualys production...
Microsoft and Adobe Patch Tuesday April 2023 Security Update Review
Microsoft released security updates to address 114 vulnerabilities in the April Patch Tuesday edition. The security advisories cover various vulnerabilities in different products, features, and roles. Let's learn more about this month's Patch Tuesday details. Microsoft Patch Tuesday for April 2023...
3CXDesktopApp Backdoored in a Suspected Lazarus Campaign
Introduction The attack involved a compromised version of the 3CX VoIP desktop client, which was used to target 3CX's customers. The compromised 3CX application is a private automatic branch exchange (PABX) software and is available for Windows, macOS, Linux, Android, iOS and Chrome. Currently, ther...
Augment Security Asset Tagging with Custom Assessment and Remediation (CAR)
Security asset tagging provides a flexible and scalable way to organize the assets in your environment based on specific requirements. It enables you to create tags and assign them to your assets, which can improve your cybersecurity maturity and reduce risks for breaches and audit failures. Qual...
Risk Fact #5: Infrastructure Misconfigurations Open the Door to Ransomware
Qualys Blog Series – Threat Research Unit Report In this last blog of our series describing the top Risk Facts discovered in the 2023 Qualys TruRisk Research Report, we go under the hood to better understand Risk Fact 5: Infrastructure misconfigurations open the door to ransomware Misconfiguratio...
Risk Fact #4: Misconfigurations Still Prevalent in Web Applications
Qualys Blog Series – Threat Research Unit Report The Open Web Application Security Project (OWASP) Top 10 is a list of the most common and most critical vulnerabilities that can impact a web application. Security experts rely on the OWASP Top 10 when talking about web app security. The list helps...
Risk-based Vulnerability Management Combined With A Cyber Risk Management Platform
Recent insights from IDC's recent report, Worldwide Device Vulnerability Management Forecast, 2023–2027: Evolving Beyond Scanning (Feb. 2023), provide a sobering look at the future of what cybersecurity stacks may look like in a few years. As the name suggests, this report took a deep dive into the...
Risk Fact #3: Initial Access Brokers Attack What Organizations Ignore
Qualys Blog Series – Threat Research Unit Report “Divide and Conquer” is an emerging and winning strategy for cyber criminals who split responsibilities to improve execution of the attack process. Some threat actors specialize in the back end, which often is ransomware deployed at scale. The fron...
Risk Fact #2: Automation Is the Difference Between Success and Failure
Qualys Blog Series – Threat Research Unit Report Organizational leaders dread the consequences of a successful cyber-attack, which can be devastating due to data loss, reputational damage, and legal repercussions. Under the hood, security professionals are acutely focused on finding technical mea...
Risk Fact #1: Speed Is the Key to Out-Maneuvering Adversaries
Qualys Blog Series – Threat Research Unit Report The 2023 Qualys TruRisk Research Report from the Qualys Threat Research Unit (TRU) provides detailed research insights that are organized into five separate Risk Facts. In this blog, we look at Risk Fact 1 - Speed is the key to out-maneuvering...
ACSC Essential 8 Cybersecurity Strategies, Maturity Levels, and Best Practices
Originally published in 2017 as an evolution of the Australian Signals Directorate’s Strategies to Mitigate Cyber Security Incidents, the Australian Cyber Security Centre (ACSC) Essential 8 (E8) consists of a set of strategies that can make it harder for threat actors to compromise a firm’s...
A New Approach to Discover, Monitor, and Reduce Your Modern Web Attack Surface
Web applications reign the internet universe, but also bring new risks that let attackers poke holes in an ever-expanding attack surface. Stolen credentials have been the historical culprit. Recent analysis saw a spike in exploits targeting web applications directly through specially-crafted...
Staying Ahead of Ransomware Threats
Ransomware attacks have become a growing threat to organizations of all sizes and sectors. Many of these attacks exploit known vulnerabilities, so organizations need to quickly identify and fix these weaknesses to prevent a potential ransomware incident. This is where the Ransomware...
The March 2023 Patch Tuesday Security Update Review
Microsoft has released its monthly security update for March 2023. This month's updates addressed various vulnerabilities in different products. Let's go through this month's Patch Tuesday details and discuss the security updates. Microsoft Patches for March 2023 Microsoft has addressed 101...
Qualys VMDR & Jira Integration Now Available
The increasing number of vulnerabilities poses a significant challenge for most organizations trying to effectively manage and mitigate cyber risks. According to NVD, the number of vulnerabilities in 2022 increased by approximately 25% as compared to 2021. As we are at the start of March the...
What’s Next After Log4Shell?
How To Deal With the Next Open-Source Vulnerability Using Custom Scripts A critical vulnerability in Apache’s Log4j Java-based logging utility (CVE-2021-44228) was previously referred to as the “most critical vulnerability of the last decade.” In the wake of Log4Shell exploits, many security...
Automating Vulnerability Management with Qualys VMDR & ServiceNow
With a growing number of cyber-attacks and the push to stay ahead of adversaries, the Vulnerability Management lifecycle has become necessary for ensuring enterprise-grade cyber resiliency. For many organizations, there is a persistent challenge in supporting vulnerability assessment and...
Forta GoAnywhere Zero-Day Exploited By Threat Actors
On February 1st, 2023, Forta released an advisory behind an auth wall notifying their customers of a remote code execution zero-day exploit affecting their GoAnywhere Managed File Transfer (MFT) application. This was picked up by Brian Krebs, an investigative journalist who published this on his...
The February 2023 Patch Tuesday Security Update Review
Microsoft and Adobe have released several monthly security fixes and updates for their products. Let’s take a look at the highlights of this month’s Patch Tuesday as we review and discuss the security updates. Microsoft Patches for February 2023 Microsoft has patched 79 vulnerabilities this month...
Don’t forget about risk remediation of your macOS assets
Employees' love for Macs has propelled tremendous growth for Apple. According to a recent study by Parallels, 55% of businesses use Mac devices themselves or explicitly approve of their use within the company. It is hard to believe Macs have been around for almost 4 decades. Largely introduced to...
Real-Time Defense of Multi-Cloud Environments From Malicious Attacks and Threats
Organizations today cannot detect real-time threats at runtime due to the multi-cloud infrastructure, resulting in the possibility of malicious actors exploiting the environment. It is imperative for the modern organization to have a solution to detect advanced run-time threats in real-time to...
Announcing General Availability of Qualys TotalCloud
Qualys TotalCloud is a CNAPP solution based on Qualys Cloud Platform that provides multi-cloud vulnerability detection and misconfiguration response, and today we are pleased to announce that TotalCloud is now generally available. TotalCloud Home Page Unified View of Multi-Cloud Risk Posture...
Blind SQL Injection – Content-Based, Time-Based Approaches
Blind SQL Injection Overview Blind SQL Injection (BSQL) is a type of SQL Injection (SQLI) vulnerability, where an attacker exploits the application to extract information from the database. An application vulnerable to SQLI displays application-specific information in the response when it is exploited...
Introducing Enterprise TruRisk Management from Qualys
Since the release of Qualys VMDR 2.0 with TruRisk last year, our customers have quickly adopted it to perform cyber risk assessments across the entire enterprise. With detail-rich cyber risk visualization, customers can now pinpoint the areas of their business exposed to elevated levels of cyber...
Launching Qualys Cloud Threat Database
We are proud to announce the release of the Qualys Cloud Threat Database which correlates more than 25 different threat intelligence feeds into a single source for all Qualys products to leverage. This comprehensive vulnerability and threat intelligence database pulls from trusted sources such as...
Ransomware Targets Outdated VMware ESXi Hypervisors: Protect Your Systems Now!
Updated on February 8, 2023 at 2:40 PM Pacific Standard Time: This article has been updated with EVALUATE Vendor-Suggested Mitigation with Policy Compliance (PC) Updated on February 7, 2023 at 9:05 PM Pacific Standard Time: This article has been updated with the latest information on the...
macOS Patching Is Here!
In the past few years, many of our customers have seen a sharp increase in the number of Mac devices introduced to their environment. All those new Mac devices introduce new vulnerabilities that must be remediated. To keep up with the new volume of vulnerabilities, organizations had to opt-in, bu...
Is your FIM Solution Cost and Time Efficient?
Virtually every security professional and corporate executive is painfully aware of recent escalations in cybersecurity threats. No one wants to be a headline or get hit with the typical $4.5 million price tag to remediate an incident (IBM Study). Almost every security team will agree that file...
CVE-2023-25136: Pre-Auth Double Free Vulnerability in OpenSSH Server 9.1
OpenSSH, the widely used open-source implementation of the Secure Shell (SSH) protocol, recently released version 9.2 on 2023-02-02 to address a pre-authentication vulnerability in the OpenSSH server version 9.1. This specific version of the OpenSSH server, which was released in October 2022, was...
Why FedRAMP High Authorization Can Ensure High Cybersecurity Maturity
The Federal Risk and Authorization Management Program (FedRAMP) is a U.S. government initiative that promotes the adoption of secure cloud services across the U.S. federal government by providing a standardized approach to security and risk assessment for cloud technologies. FedRAMP reduces...
Managing Security Configuration Risk with the Most Comprehensive Configuration Compliance Solution!
Qualys leads the industry with 850 policies, 19000 controls, 350 technologies, and 100 frameworks Remote and hybrid work, digital transformation, and customer experience initiatives require rapid and continuous technology additions and changes. This requires continual additions of and deployments...