Category: Qualys
Ease Your Cybersecurity Maturity Model Certification Journey With Qualys
The Cybersecurity Maturity Model Certification (CMMC) is a cybersecurity training, certification, and assessment program from the United States Department of Defense (DoD). CMMC is designed to provide increased assurance to […]QSC 2022: That’s a Wrap!
Over the years, the threat landscape has exploded, and bad actors have become increasingly sophisticated, making the demand for cloud security platforms – that save security teams time and increase […]OpenSSL Vulnerability Recap
Last week a CRITICAL vulnerability in OpenSSL was pre-announced to give organizations a head start in coming up with a playbook for how to address the highest severity OpenSSL vulnerability […]Qualys Research Alert: Prepare for a Critical Vulnerability in OpenSSL 3.0
On Tuesday, November 1, 2022, the OpenSSL project will release a new version of OpenSSL version 3.0.7 that will patch an as-yet-undisclosed vulnerability in current versions of OpenSSL. OpenSSL rates […]CISA BOD 23-01: Meeting and Exceeding CISA Requirements with Qualys
The latest Binding Operational Directive from the Cybersecurity and Infrastructure Security Agency (CISA) BOD 23-01 requires agencies to implement an essential cybersecurity practice within the next 6 months. While this […]In-Depth Look Into Data-Driven Science Behind Qualys TruRisk
Vulnerability Management is a foundational component of any cybersecurity program for the implementation of appropriate security controls and the management of cyber risk. Earlier this year Qualys introduced the latest […]WhatsApp Fixed Critical Vulnerabilities that Could Let an Attacker Hack Devices Remotely – Automatically Discover and Remediate Using VMDR Mobile
WhatsApp has recently fixed critical and high-severity vulnerabilities affecting WhatsApp for Android, WhatsApp Business for Android, WhatsApp for iOS, and WhatsApp Business for iOS. Exploiting these vulnerabilities would be the […]Why Organizations Struggle with Patch Management (and What to Do about It)
The cybersecurity attack surface continues to grow exponentially. Modern technologies are being deployed on-premises and in the cloud as part of digital transformation journeys. Meanwhile, the current practice of identifying, […]September 2022 Patch Tuesday | Microsoft Releases 63 Vulnerabilities with 5 Critical, plus 16 Microsoft Edge (Chromium-Based); Adobe Releases 7 Advisories, 63 Vulnerabilities with 35 Critical.
Microsoft has fixed 63 vulnerabilities (aka flaws) in the September 2022 update, including five (5) vulnerabilities classified as Critical as they allow Remote Code Execution (RCE). This month’s Patch Tuesday fixes […]Let Smart Automation Reduce the Risk of Zero-Day Attacks on Third-Party Applications
Last week, Google released yet another zero-day patch for its Chrome browser to fix a high-severity flaw that was already being exploited. That vulnerability (CVE-2022-3075) is the sixth actively exploited […]Load More