Category: Qualys
EDR Is Dead. Long Live Multi-Vector EDR.
News of EDR’s demise has been greatly exaggerated. Fact is: older approaches to EDR have to move over. There’s a new solution now: Multi-Vector EDR. This blog reviews the highlights […]Implications of Windows Subsystem for Linux for Adversaries & Defenders (Part 1)
This post is the first of a multi-part blog series that will explore and highlight the different risks that Windows Subsystem for Linux (WSL) poses to an enterprise IT environment. […]Infographic: Log4Shell Vulnerability Impact by the Numbers
The full scope of risk presented by the Log4Shell vulnerability is something unprecedented, spanning every type of organization across every industry. Hard to find but easy to exploit, Log4Shell immediately […]Casdoor SQL Injection (CVE-2022-24124)
On Jan 22, 2022, a high severity SQL Injection vulnerability was reported in Casdoor which affected versions before 1.13.1 release. The vulnerability is tracked as CVE-2022-24124 with CVSS V3 7.5 […]AvosLocker Ransomware Behavior Examined on Windows & Linux
AvosLocker is a ransomware group that was identified in 2021, specifically targeting Windows machines. Now a new variant of AvosLocker malware is also targeting Linux environments. In this blog, we […]Russia-Ukraine Crisis: How to Strengthen Your Security Posture to Protect against Cyber Attack, based on CISA Guidelines
CISA has created Shields-Up as a response to the Russian invasion of Ukraine. Qualys is responding with additional security, monitoring and governance measures. This blog details how and what our […]Oh Snap! More Lemmings: Local Privilege Escalation Vulnerability Discovered in snap-confine (CVE-2021-44731)
The Qualys Research Team has discovered multiple vulnerabilities in the snap-confine function on Linux operating systems, the most important of which can be exploited to escalate privilege to gain root […]Microsoft & Adobe Patch Tuesday (February 2022) – Microsoft 70 Vulnerabilities with 0 Critical; Adobe 17 Vulnerabilities with 5 Critical
Microsoft Patch Tuesday – February 2022 Microsoft addresses 70 vulnerabilities in their February 2022 Patch Tuesday release. While none of the vulnerabilities in this month’s Microsoft release cycle have been […]Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
CISA recently released a directive recommending urgent and prioritized remediation of actively exploited vulnerabilities. Both government agencies and corporations should heed this advice. This blog outlines how Qualys Vulnerability Management,Simplifying Cloud Asset Identification in a Multi-Cloud Environment
Enterprises struggle to get an accurate asset inventory in multi-cloud or hybrid cloud environments. Qualys enhances the metadata for cloud assets while simplifying the collection process. This blog explains how […]Load More