USA Media Coverage
|
Snowden Case: How Low-Level Insider Could Steal from NSAEdward Snowden's ability to extract sensitive data from the NSA, working as a low-level contract consultant, comes as no surprise to the security community. Read more Jun 12, 2013 |
|---|---|
|
QualysGuard Private Cloud Platform on VCE Vblock SystemsThe fully virtualized QualysGuard software stack now comes pre-installed, pre-configured and pre-qualified on the VCE Vblock System as a fully integrated turnkey solution. Read more Jun 11, 2013 |
|
|
QualysGuard Express Lite ReleasedQualys announced QualysGuard Express Lite, a small business version of the company’s suite of integrated security and compliance solutions. Read more Jun 10, 2013 |
|
|
Automating Vendor Risk Management and Certification ProcessesQualys announced customizable questionnaires in its QualysGuard Cloud Platform and suite of integrated solutions for security and compliance. Read more Jun 10, 2013 |
Don’t Let a Disaster Leave Your Data Out in the ColdNow – while things are calm — make sure your data isn’t left to the mercy of the forces of nature. Read more Jun 10, 2013 |
|
Microsoft’s June 2013 Patch Tuesday Updates DetailedMicrosoft announced earlier today that it would release a total of five security bulletins part of this month’s Patch Tuesday cycle to patch vulnerabilities in Windows, Internet Explorer, and Office. Read more Jun 7, 2013 |
|
|
Google's New Disclosure Policy: Helpful, or Who Cares?Google shakes up the InfoSec world with a new seven-day disclosure policy. But do top security researchers think it's a good idea? Read more May 31, 2013 |
|
Google Zero-Day Disclosure Change Slammed, PraisedGoogle admits the seven-day timeline is too short for some vendors to patch, but hopes it will push companies to advise customers sooner Read more May 31, 2013 |
|
7 Things You Can Do to Make Internet Explorer More SecureHow well Internet Explorer—or any Web browser, for that matter—protects against attacks and malware greatly depends on whether you keep it up to date and have the right security settings. Read more May 31, 2013 |
|
Ruby on Rails Under AttackPatched vulnerability being exploited in the wild after many developers don't bother to patch Read more May 30, 2013 |
|
Twitter Login Verification Goes Two-FactorTwitter's two-factor system is not an application or token-based approach, but instead is strictly tied to a user's mobile phone via SMS. Read more May 24, 2013 |
Using DNS Logs as a Security Information SourceDNS log analysis is a worthwhile effort for any security team interested in detecting malicious activity. Read more May 23, 2013 |
|
|
|
Google Upgrades Encryption In Its SSL CertificatesRSA 2048-bit encryption for all Google SSL certs, root certificate Read more May 23, 2013 |
Will Twitter's Two-Factor Login Make Tweeting Safer?New login verification feature debuts but experts debate on whether it will actually make a real difference or not. Read more May 23, 2013 |
|
|
|
Mapping Compliance Proof To Risk-Based ControlsRisk-based security decisions usually yield more secure environments, but some harmonization with regulations needs to be done to prove compliance Read more May 17, 2013 |
|
|
Experts Ding DHS Vulnerability Sharing Plan as Too LimitedWithout universally availability, plan could miss smaller businesses hackers could use as an entry point to critical infrastructure companies Read more May 17, 2013 |
|
All Aboard the Patch Wagon! Next Stop: Microsoft, Adobe, MozillaCome on, those security bugs won't fix themselves Read more May 15, 2013 |
|
Microsoft Takes Care of IE Zero Day with Patch Tuesday UpdateIt’s Patch Tuesday again, and Microsoft has plenty to keep IT admins and users busy this month. Read more May 14, 2013 |
Microsoft Delivers Patch Updates for Windows Server 2012, Windows 8Microsoft issued eight important and two critical bulletins this week that address flaws across Windows Server and Microsoft Office apps. Read more May 14, 2013 |
|
|
|
Microsoft Fixes 33 VulnerabilitiesToday for Patch Tuesday, Microsoft and Adobe are both coming out with critical fixes for a number of widely installed and attacked programs. Read more May 14, 2013 |
|
|
Fixes For Microsoft, Adobe Zero Days Out For Patch TuesdayBusy patch cycle awaits administrator this month Read more May 10, 2013 |
|
|
Enjoy the Weekend, Sysadmins: Next Tues Fixes 33 Microsoft BugsIncluding IE8 remote code execution hole that pwned US nuke lab Read more May 10, 2013 |
|
|
Microsoft to Release 10 BulletinsMicrosoft has published its Advance Notification, giving us insight into what to expect next Tuesday. Read more May 10, 2013 |
|
Video interview: Web browsers responsible for majority of malware infectionsEleanor Dallaway, editor of Infosecurity magazine, sits down with Qualys’ Wolfgang Kandek at the recent Infosecurity Europe conference in London to discuss the information security threat landscape. Read more May 9, 2013 |
|
Microsoft Patch Tuesday To Include Critical Internet Explorer FixMicrosoft said it would issue critical bulletins impacting Microsoft Windows and Internet Explorer next week as part of its May Patch Tuesday round of updates. Read more May 9, 2013 |
|
|
Microsoft Plasters IE8 Hole Abused in Nuke Lab PC MeltdownSecurity stopgap follows shock US boffinry attack Read more May 9, 2013 |
No Joke: The Onion Tells How Syrian Electronic Army Hacked its TwitterPhishing attack, grabbing of Google credentials from employees exposed accounts. Read more May 9, 2013 |
|
8 Successful Entrepreneurs Give Their Younger Selves Lessons They Wish They’d Known ThenExecs and investors from Pandora, IDEO, Andreessen Horowitz, SoundCloud, and Kleiner Perkins, among other masters of disruption, share the wisdom they've gathered on the way to the top. Read more May 9, 2013 |
|
|
Security Pros Cheer Hint of Hands-Off Updates in Windows BlueApp auto-updating fits Microsoft's philosophy that silent patching is smart, say experts Read more May 7, 2013 |
|
|
Security Check List: An Ounce of Prevention is Better than a Pound of CureBasic precautions companies can take to fend off attackers. Read more Apr 30, 2013 |
|
|
Analysis of 5 Million Scans on 53 Million HostsQualys has analyzed QualysGuard Policy Compliance (PC) data from more than five million scans performed by organizations worldwide to help enterprises understand key trends as they plan their compliance strategies. Read more Apr 24, 2013 |
|
|
Qualys and FireMon Enable Real-Time Network Risk VisibilityQualys and FireMon announced the integration of QualysGuard Vulnerability Management (VM) and FireMon Security Manager with Risk Analyzer in FireMon’s upcoming 7.0 release. Read more Apr 22, 2013 |
|
|
Browsers Pose the Greatest Threat to Enterprise, Microsoft ReportsWhile the company is committed to Internet Explorer, it is experimenting with an architecture to replace the browser called Embassies Read more Apr 19, 2013 |
New Java Security Warning System Criticized as ConfusingSecurity analyst Paul Ducklin is not thrilled with the numerous combinations of alerts and warnings that now pop up with Oracle's Java security update. Read more Apr 18, 2013 |
|
Oracle Releases Massive Patch for 43 Java VulnerabilitiesOracle made available for download a critical security update for its Web-based Java programming language on Tuesday. Read more Apr 17, 2013 |
|
|
IT Supply Chain Security Standard Aims to Prevent Counterfeits, TamperingOpen Group's "Open Trusted Technology Provider Standard" backed by Cisco, IBM, NSA, DoD, others Read more Apr 17, 2013 |
|
|
Oracle Addresses 120+ Vulnerabilities in Massive April Patch UpdateOracle has published two critical security updates, along with the Oracle Critical Patch Update (CPU) – all in all fixing 42 and 120+ vulnerabilities, respectively. Read more Apr 17, 2013 |
42 Java Holes Fixed in Oracle PatchOracle released on Tuesday a critical security update for its Web-based Java programming language. Read more Apr 17, 2013 |
|
|
|
Developing Data Classification for Stronger Database SecurityExperts weigh in on tips to instituting effective data classification practices Read more Apr 17, 2013 |
|
Wireless Camera Flaws Allow Remote ExploitationFoscam wireless IP cameras contain multiple vulnerabilities that can be used to steal credentials or hack the devices to launch further attacks, warn researchers from Qualys. Read more Apr 16, 2013 |
|
|
Microsoft Eyes Ditching Browser for Secure Web AppsThe company is developing Embassies, a more secure client-side architecture using Internet addresses for external communications Read more Apr 15, 2013 |
|
|
If you Haven’t Yet, Do Not Install Patch Tuesday’s MS13-036 BulletinOne of the patches pushed out by Microsoft this Patch Tuesday has been withdrawn following reports of problems, including the infamous Blue Screen of Death Read more Apr 15, 2013 |
|
|
Hacks to Turn Your Wireless IP Surveillance Cameras Against YouThousands of wireless IP cameras are vulnerable to remote attacks. At Hack in the Box security conference, researchers showed how to exploit the devices in "To Watch or Be Watched: Turning Your Surveillance Camera Against You" and released a tool to automate attacks. Read more Apr 14, 2013 |
|
Microsoft Yanks Faulty Update from April Patch TuesdayOne of Microsoft's patches released earlier this week may cause the dreaded Blue Screen of Death on some Windows machines. Read more Apr 12, 2013 |
|
Microsoft Fixes Patch Tuesday Security Update After User ComplaintsMicrosoft had to take action to fix the April 9 security update for Windows after users complained about problems. Read more Apr 12, 2013 |
|
|
Microsoft Urges Windows 7 Users to Uninstall ‘Blue Screen of Death’ PatchYanks Tuesday fix after reports of endless reboots hit support forums Read more Apr 12, 2013 |
Another Brand of IP Cameras Vulnerabile to Remote HijackingSecurity researchers from Qualys have sounded the alarm on thousands of wireless IP cameras that could be remotely hijacked Read more Apr 12, 2013 |
|
|
|
Widely Used Wireless IP Cameras Open to Hijacking Over the Internet, Researchers SayThousands of wireless IP cameras connected to the Internet have serious security weaknesses that allow attackers to hijack them and alter their firmware, according to two researchers from security firm Qualys. Read more Apr 11, 2013 |
Critical RDP, Internet Explorer Fixes Included in Patch Tuesday UpdateMicrosoft addressed 13 vulnerabilities dealing with Remote Desktop Protocol, Internet Explorer and more in April's Patch Tuesday update. Read more Apr 9, 2013 |
|
Microsoft’s April Security Update Arrives with ‘Critical’ IE FixThis month's Microsoft security update, released today, features nine bulletins -- two rated "critical" and seven "important." Read more Apr 9, 2013 |
|
|
|
Patch Tuesday Leaves Internet Explorer Zero Day UntouchedIt’s Patch Tuesday time again. Read more Apr 9, 2013 |
|
|
Microsoft's Patch Tuesday Load for April 2013Microsoft releases nine security updates -- two for critical flaws in Internet Explorer and Remote Desktop Client. Read more Apr 9, 2013 |
|
|
Microsoft Patches 13 VulnerabilitiesSummary of April Patch Tuesday from Qualys CTO Wolfgang Kandek Read more Apr 9, 2013 |
Microsoft Says Windows Defender Needs HelpPatch Tuesday includes security fixes for 'critical' holes in IE, Windows Read more Apr 8, 2013 |
|
|
|
Microsoft Readies 9 Security Bulletins for Patch TuesdayApr 5, 2013 |
|
|
Microsoft to Slap 9 Patches on Windows Junkies on TuesdayNurse, prep the critical IE update and Windows Defender fix Read more Apr 5, 2013 |
|
|
BrowserCheck Business EditionBrowserCheck Business Edition is the easiest way to ensure browsers and plug-ins within your organization are up-to-date with the latest security patches Read more Mar 29, 2013 |
|
|
Microsoft Quietly Patches First Modern App for Windows 8, RT'Talk about bare bones,' says one security professional of the scanty information Microsoft offers Read more Mar 29, 2013 |
|
|
Too Scared to ScanFear of business disruption and downtime often leaves enterprises hesitant to scan the critical applications that hackers are most likely to target in their quest for exploitable vulnerabilities Read more Mar 27, 2013 |
RSA: 10 Security Companies to WatchThis year's RSA Security Conference 2013 is already in the rearview mirror, and I've set about collecting my thoughts on which vendors at RSA had the most interesting products or services to announce at the show. Read more Mar 25, 2013 |
|
|
|
Who Owns Application Security, Patching In Your Business?Too many organizations lack a formal security plan, leaving applications vulnerable to exploits, warns SANS Institute. Read more Mar 22, 2013 |
|
|
BrowserCheckHack attacks exploiting vulnerabilities in browsers or browser plug-ins are on the rise. A free scan with BrowserCheck will verify that your browser is fully patched against known exploits. Read more Mar 21, 2013 |
|
|
Security-Bug Rating System Gets a MakeoverThe Common Vulnerability Scoring System will be moving to its third iteration next year, aiming to make the rankings more objective and add more ratings to increase accuracy Read more Mar 19, 2013 |
|
How To Quarantine Java Like The Disease That It's BecomeA new best practice for corporate IT: Build a highly controlled quarantine, seal Java inside, and then purge it from the rest of your network like a disease. Read more Mar 18, 2013 |
|
|
10 Web Threats that could Harm your BusinessEasily overlooked vulnerabilities can put your data and business at risk Read more Mar 15, 2013 |
|
|
Security Pros Pan and Praise Microsoft’s Plans on Updating Modern Apps in Windows 8, RTExperts like the on-the-fly updating of apps, but the alerts ... not so much Read more Mar 14, 2013 |
|
|
Researchers: Java’s Security Problems Unlikely to be Resolved SoonSince the start of the year, hackers have been exploiting vulnerabilities in Java to carry out a string of attacks against companies Read more Mar 14, 2013 |
March 2013 Patch Tuesday Brings Internet Explorer8, ‘Evil Maid’ FixesAdmins will focus their attention to workstations, as Microsoft patched nine Internet Explorer vulnerabilities and three USB driver vulnerabilities in this month's Patch Tuesday update. Read more Mar 13, 2013 |
|
|
|
Microsoft Released Four Critical BulletinsIn terms of volume, the March Patch Tuesday is about average. In technical terms though we are seeing some interesting vulnerabilities that definitely rate higher-than-average. Read more Mar 12, 2013 |
|
|
Microsoft Reverses IE10’s Flash Blocking in Windows 8, RTBrowser now shows Flash by default, leverages edge over iOS, say analysts Read more Mar 12, 2013 |
Critical IE, Windows Kernel Flaws PatchedFor the second month in a row, Microsoft has released a cumulative update for Internet Explorer, patching a number of critical remote code execution vulnerabilities in the browser. Read more Mar 12, 2013 |
|
|
|
Scary Flaw Makes Your USB Ports a Major Security RiskSecurity experts are particularly concerned about a flaw rated as merely "important" that exposes your Windows PCs to major risk. Read more Mar 12, 2013 |
|
|
Microsoft Patch Tues Misses Pwn2own FlawsMicrosoft fixes "evil maid" flaw but lets others that have been publicly demonstrated remain for now. Read more Mar 12, 2013 |
|
|
Microsoft to Release Seven Bulletins Next WeekQualys CTO Wolfgang Kandek previews next week's Patch Tuesday Read more Mar 8, 2013 |
|
|
Microsoft Preps UPDATE ALL THE THINGS Security Patch BatchLatest turn of the Hamster Wheel of Pain Read more Mar 8, 2013 |
|
|
Java Security Woes to Stay With Businesses For A Long TimeOracle released an emergency patch to fix two flaws in Java 7 and Java 6 on Monday, but five new vulnerabilities were identified the same day Read more Mar 5, 2013 |
|
|
Open Public Wi-Fi: How To Stay SafeUsing open public Wi-Fi networks is dangerous business; if you're not careful, your communications are open to everyone else on the network. Read more Mar 1, 2013 |
Qualys and Verizon Join Forces to Deliver Cloud-Based IT Security and Compliance SolutionsQualys and Verizon expand their relationship to deliver new advanced cloud-based IT security and compliance management services. Read more Mar 1, 2013 |
|
|
|
Applying Big Data Approaches to Information Security ChallengeData integration and correlation a hard thing to do, say security experts at RSA Conference Read more Feb 28, 2013 |
|
Qualys Beefs Up Security Tool for Amazon Cloud UsersNew QualysGuard connector conducts vulnerability scans of virtual servers in Amazon Cloud. Read more Feb 28, 2013 |
|
RSA Conference: Age of Internet of Things is Upon UsQualys CEO discusses the challenge of hyper-connected devices and the 'internet of things' Read more Feb 27, 2013 |
|
|
New Security Tool Serves Amazon Cloud UsersQualys announced this week that QualysGuard—its cloud-based suite of security and compliance tools—now works with Amazon's popular cloud services. Read more Feb 26, 2013 |
|
Qualys Brings Vulnerability Management to Amazon EC2 and VPCQualys announced powerful new vulnerability management capabilities for Amazon EC2 and VPC customers using a QualysGuard connector leveraging Amazon APIs. Read more Feb 26, 2013 |
|
|
Qualys FreeScan Service Expanded with Vulnerability Scanning and Configuration AuditingQualys has expanded its popular FreeScan service Read more Feb 25, 2013 |
|
|
Hottest Products at RSA Conference 2013Our roundup of new security products on hand at the show. Read more Feb 25, 2013 |
|
|
Qualys Streamlines Vulnerability Scanning of Amazon Cloud InstancesQualys launches Amazon AWS API data connectors for QualysGuard Read more Feb 25, 2013 |
|
|
A New Vision of Security for the Device Tsunami2013 RSA Keynote preview by Qualys CEO Philippe Courtot Read more Feb 25, 2013 |
|
|
Using Dual Protocol for SIEMs EvasionAttackers using IPv4 and IPv6 can avoid detection by IPS, SIEMs, reputation filtering, and more Read more Feb 24, 2013 |
A Famous Angel Explain the Four Biggest Mistakes Startups MakeQualys founder and CEO Philippe Courtot shares his insights on leading companies to multimillion-dollar exits. Read more Feb 24, 2013 |
|
|
|
TraceSecurity ACloud-based IT GRC Solution to SMEs and SMBsTraceCSO delivers comprehensive visibility and accountability for improved risk and compliance profiles Read more Feb 21, 2013 |
|
|
Oracle, Apple Issue Java Security PatchesOracle updates Java 7 and issues the final-ever public update for Java 6, while Apple releases its own Java 6 update for OS X users. Read more Feb 20, 2013 |
|
|
Qualys CEO to Address Security in a Hyperconnected World at RSA Conference 2013Qualys Chairman and CEO Philippe Courtot will examine the evolution of security in a hyperconnected world in his keynote at RSA Conference 2013. Read more Feb 20, 2013 |
|
|
Apple FINALLY Fills Gaping Java Hole that Pwned its Own DevsZero-day vuln also downed Facebook staff and other Mac users Read more Feb 20, 2013 |
|
|
Apple FINALLY Fills Gaping Java Hole that Pwned its Own DevsZero-day vuln also downed Facebook staff and other Mac users Read more Feb 20, 2013 |
|
|
Apple FINALLY Fills Gaping Java Hole that Pwned its Own DevsZero-day vuln also downed Facebook staff and other Mac users Read more Feb 20, 2013 |
|
|
Qualys and iViZ Partner on Cloud-Based Web Application SecurityQualys announced its partnership with iViZ to help companies ensure and validate the security of their web applications and web sites. Read more Feb 14, 2013 |
|
|
Get Up, Shake Off the Hangover: These 57 Microsoft Hole Won’t Fix ThemselvesThis month's fat security Patch Tuesday has landed Read more Feb 13, 2013 |
|
|
Microsoft Patch Tuesday Addresses 57 Security VulnerabilitiesThe most critical of a total of 12 security bulletins impacts Microsoft Internet Explorer and Windows. Other flaws affect Microsoft Exchange Server and .NET framework. Read more Feb 12, 2013 |
Microsoft Releases Massive Patch for 57 VulnerabilitiesFebruary's Microsoft Security Update arrived today with a larger-than-usual 12 bulletins -- five rated "critical" and seven "important." Read more Feb 12, 2013 |
|
|
|
Microsoft Fixes Critical Exchange Server, Internet Explorer FlawsMicrosoft (NSDQ:MSFT) Tuesday addressed a serious graphics zero-day vulnerability and a bevy of critical vulnerabilities in Internet Explorer in its latest round of security patches. Read more Feb 12, 2013 |
|
|
Is SSL Secure?Lucky13 SSL exploit reveals hidden risk in the pervasive security technology. Read more Feb 11, 2013 |
|
|
Every Single Internet Explorer at Risk of Drive-By Hacks Until Patch TuesdayFIFTY-SEVEN gaping holes closed this month Read more Feb 8, 2013 |
|
|
Internet Explorer Flaws Fixed by Microsoft Patch Tuesday UpdatesIE vulnerabilities offered hackers a one-two punch, expert says. Read more Feb 8, 2013 |
Lucky 13 – A New Attack Against SSL/TLSA flaw discovered in the design of the SSL protocol Read more Feb 7, 2013 |
|
|
|
Twitter Resets 250,000 User Passwords. Time for 2-Factor AuthenticationLate Friday Twitter revealed that it had stopped a sophisticated attack against its users -- but not before approximately 250,000 user accounts were compromised. Read more Feb 5, 2013 |
|
|
Researchers Devise New Attack Techniques Against SSLThe new 'Lucky Thirteen' attacks can be used to decrypt SSL/TLS and DTLS data if certain conditions are met Read more Feb 5, 2013 |
|
The Secret to IT Security is Right in Front of YouThere is a popular notion that buying bigger and more expensive security products will keep companies safe from computer-based attacks. Why, then, if companies are investing billions in security, aren’t attacks actually going down? Read more Feb 4, 2013 |
|
|
Lesson Leaned in Cyberattack on The New York TimesThere is no one technology to combat a sophisticated attack like the one against the media company -- so think layers, say security experts Read more Feb 1, 2013 |
|
|
Privacy Tips for Social Networking, Apps and GeolocationConfiguring and managing the privacy settings for the Internet services that we use. Read more Jan 29, 2013 |
|
|
How to Prevent ‘Zombie Accounts’ from Haunting Your Digital IdentityThere are other zombies that don’t get the attention they deserve—the zombie accounts you have lingering around the Internet. Read more Jan 24, 2013 |
|
|
Oracle Delivers 86 Security FixesOracle has had two major updates in the last 2 days. On Sunday, Jan. 13 a new version of Java 7 was released that addresses the 0-day vulnerability that has been exploited in the wild. Read more Jan 16, 2013 |
|
|
Microsoft Flights Out Emergency Patch for Latest Gaping IE HoleMicrosoft has announced plans to release an out-of-band patch today tackling a critical zero-day hole in Internet Explorer. Read more Jan 14, 2013 |
Out-of-Bank IE Patch Released as More Sites AttackedInternet Explorer users, exposed to a zero-day vulnerability in the browser and a faulty temporary Fix It from Microsoft, finally got some relief today when the company, as promised, released an out-of-band patch. Read more Jan 14, 2013 |
|
|
|
Microsoft Issues Emergency Internet Explorer UpdateMicrosoft (NSDQ:MSFT) has issued a critical security update fixing a serious zero-day vulnerability in Internet Explorer used in a series of attacks targeting the browser. Read more Jan 14, 2013 |
Microsoft to Patch Critical Flaw in Windows 8 During Monthly Patch Tuesday UpdateMicrosoft (Nasdaq: MSFT) is patching a critical flaw in its newly introduced Windows 8 operating system during its monthly Patch Tuesday security update this week. Read more Jan 7, 2013 |
|
|
|
Can SSL Certificate Authority Security be Improved?According to Mozilla, Microsoft and Google, TURKTRUST issued a pair of incorrect subsidiary certificate authorities. The subsidiary CAs then issued illegitimate SSL certificates for *.google.com Read more Jan 7, 2013 |
|
|
Errant Google Domain Traced to CA’s MistakesTurns out the phony Google.com digital certificate that sounded alarms among browser vendors and security experts yesterday came out of a series of missteps by the Turkish certificate authority (CA) and may only have affected users at a Turkish government agency. Read more Jan 4, 2013 |
Patch for IE Zero Day Won't Be Among Microsoft Security Updates Next WeekMicrosoft plans to release a pair of critical bulletins on Tuesday for its first round of 2013 monthly security updates, but still has no announcement regarding a patch for the zero day vulnerability and exploit in Internet Explorer reported over the Christmas holiday. Read more Jan 3, 2013 |
