Category: Qualys
Unified Dashboard for Enhanced Security Visualization
Qualys has introduced a new app named Unified Dashboard (UD) to enrich your dashboarding experience. Unified Dashboard (UD) brings information from all Qualys applications into a single place for visualization. UD adds a powerful new
September 2020 Patch Tuesday – 129 Vulnerabilities, 23 Critical, SharePoint, Exchange, Windows Codecs, Adobe Vulns
This month’s Microsoft Patch Tuesday addresses 129 vulnerabilities with 23 of them labeled as Critical. The 23 Critical vulnerabilities cover SharePoint, Exchange, Dynamics 365, Windows Codecs, and several other workstation vulnerabilities.
Detect FritzFrog and Other Malware Infections with Inventory Data
Recently, Guardicore researchers discovered a new type of malware called “FritzFrog,” which targets multiple industry verticals, including government, finance, and healthcare. It employs brute-forcing SSH credentials as an initial attack vector,
Meow Attack: A Reminder for Organizations to Identify and Secure Their Databases
Thousands of unsecured internet-facing databases have fallen prey to the “Meow” attack and have been permanently destroyed. Meow attacks replace the original index with a newly created one with the suffix “-meow”. With no ransomware demands or
Automated Discovery and Assessment of PaaS Databases with Lambda Service for Qualys Policy Compliance
In the last several years, Platform as a Service (PaaS) solutions have evolved and matured. As organizations have focused on digital transformation, there has been a major shift towards adopting PaaS solutions driven by benefits including
August 2020 Patch Tuesday – 120 Vulnerabilities, 17 Critical, Media Foundation, Windows Codecs, Workstation, Adobe
This month’s Microsoft Patch Tuesday addresses 120 vulnerabilities with 17 of them labeled as Critical. The 17 Critical vulnerabilities cover Media Foundation, .NET Framework, Browsers, Scripting Engines, Office, Outlook, Windows Codecs and
Continuous Monitoring and Beyond
As security professionals, we struggle with the high volume of data we need to sort through while trying to parse out the critical alerts that are important for us to take immediate action upon. Being at the forefront of innovation for the past
GRUB2 Boothole Buffer Overflow Vulnerability (CVE-2020-10713) – Automatically Discover, Prioritize and Remediate Using Qualys VMDR®
On July 29, 2020, Eclypsium researchers disclosed a high-risk vulnerability in GRUB2 (GRand Unified Bootloader version 2) affecting billions of Linux and Windows systems, even when secure boot is enabled. CVE-2020-10713 is assigned to this
Automatically Discover, Prioritize and Remediate Windows DNS Vulnerability (CVE-2020-1350) Using Qualys VMDR®
On July 14, 2020, Microsoft issued a new security advisory on Microsoft Windows Patch Day – addressing CVE-2020-1350, also known as SigRed – a remote code execution vulnerability in Windows Domain Name System (DNS) servers. The security issue
F5 BIG-IP Remote Code Execution Vulnerability (CVE-2020-5902)
F5 Networks recently released updates for the critical RCE vulnerability (CVE-2020-5902) that affects its BIG-IP products. The vulnerability that has been actively exploited in the wild allows attackers to read files, execute code or takeLoad More