UK Media Coverage

The Views of the Industry on the Intel Acquisition of McAfee

Yesterday's huge announcement that Intel is to purchase McAfee for $7.7 billion was one of the biggest stories in this industry this year.

20/08/2010

Intel's Acquisition of McAfee - Did the Chip Giant Pay Too Much?

The IT security world has been buzzing about Intel's plan to acquire veteran IT security vendor McAfee in a $7.68bn deal.

20/08/2010

Adobe Releases Security Patches

Adobe releases out-of-band security update for its Reader and Acrobat products.

20/08/2010

Adobe Plugs Critical Security Holes

As promised, Adobe has fixed a number of vulnerabilities affecting its Reader and Acrobat software, along with some Flash issues.

20/08/2010

SSL Labs: Researching the Technology that Protects the Internet

In this video recorded at Black Hat USA 2010, Ivan Ristic talks about SSL Labs, a non-commercial research effort and collection of documents and tools related to SSL.

16/08/2010

Patch Tuesday Packs in Solutions to 34 Serious Microsoft Flaws

Yesterday's Patch Tuesday update from Microsoft was a packed one

11/08/2010

Patch Tuesday Puts Serious Pressure on Admins

Security experts warn that firms need to think carefully about what order they patch in

11/08/2010

What Does OS Say About Your Business

Despite Microsoft ending support of Windows XP, it is still one of the most commonly used operating systems.

09/08/2010

Microsoft Plans Bumper Patch Tuesday Security Update

Microsoft is to patch 34 vulnerabilities in 14 security bulletins, equaling the record set in October 2009 and June 2010.

09/08/2010

Microsoft Releases Security Updates

Microsoft announced that it will release 14 security updates for its operating system Windows.

08/08/2010

Microsoft Setting Record with Next Patch Tuesday

Microsoft is delivering 14 security updates next week.

06/08/2010

Microsoft Slates Record-Setting Monster Patch Tuesday Next Week

Microsoft today said it will deliver a record 14 security updates next week to patch a record-tying 34 vulnerabilities in Windows, Internet Explorer (IE), Office and Silverlight.

05/08/2010

Microsoft Sticks to Patching Policy, No Patch for XP SP2 Critical Flaw

Microsoft: No security update for XP SP2

04/08/2010

BlindElephant Leads the Way in Fingerprinting Web Applications

New open source tool from Qualys attempts to discover the version information of a range of popular web applications

02/08/2010

Qualys Launches Open Source Application Detection Solution at Black Hat

Qualys has announced the launch of an open source web application fingerprinting engine that identifies application and plug-in versions via static files.

29/07/2010

CSA Launches Security Certification for Cloud Computing

The Cloud Security Alliance (CSA) has unveiled the industry's first user certification programme for secure cloud computing.

29/07/2010

Black Hat 2010: Open Source Tool Finds Web Applications

Security firm Qualys has launched an open source, web-application fingerprinting engine to identify application and plug-in versions.

29/07/2010

Qualys Releases Open Source Web Application Fingerprinting

Qualys has released open source web application fingerprinting engine BlindElephant, which identifies application and plugin versions via static files.

28/07/2010

Qualys Unveils Browser Plug-in Checker

Qualys has launched a new tool that checks web browsers for security issues and helps users fix any problems.

20/07/2010

Free Firefox and IE Browser Security Check

ualys has released a free tool to help internet users protect their web browsers from hacking attacks.

19/07/2010

Qualys Launches Free Web Browser/Plug-in Security Checking Service

Cloud security specialist Qualys has launched an interactive and online web browser checking service.

19/07/2010

Sluggish Corporates Ill-Prepared for Death of Win XP SP2 Support

Expect attackable vulns to accumulate, warn security researchers

14/07/2010

Microsoft's July Patch Tuesday to Fix Zero-Day Vulnerabilities

Microsoft's monthly Patch Tuesday security update due for release on 13 July is small with only four bulletins.

13/07/2010

Microsoft Issues Last Security Patch for Windows XP SP2

Microsoft's upcoming 'Patch Tuesday' security update will contain a security patch for the Windows Help and Support Center vulnerability that was publicly disclosed by Google security researcher Tavis Ormandy.

09/07/2010

Analysing the Brave New Cloud World

By 2013, cloud services will be dominant, especially in SMEs. Best to start preparing for the future, says Andrew Donoghue.

29/06/2010

Microsoft Patching Tamed by Qualys Tool

Qualys has added a new reporting feature to its vulnerability management service that helps IT staff work out which Microsoft patches to apply and in what order.

22/06/2010

Qualys Rolls Out New Reporting Feature for Patch Management

Qualys has launched a new reporting feature in QualysGuard Vulnerability Management to help customers identify and implement patches to eliminate vulnerabilities in their IT environments.

21/06/2010

Qualys Adds Patching Report to Ensure Networks Remain Vulnerability Free

Qualys has added software that scans for vulnerabilities on a network and issues a report on what patches need to be applied.

21/06/2010

Qualys Patch Report Boosts Patch Management

Qualys has enhanced its QualysGuard Vulnerability Management product with additional capabilities designed to help customers efficiently remediate vulnerabilities by quickly implementing patches.

21/06/2010

Qualys Tool Eases Microsoft Patching

Qualys has added a new reporting feature to its vulnerability management service that helps IT staff work out which Microsoft patches to apply and in what order.

22/06/2010

New Vulnerability in Windows Revealed

An independent security researcher has published exploit code for a zero-day vulnerability in Windows XP and Windows 2003.

10/06/2010

New Zero-Day Vulnerability in Microsoft Windows XP and 2003 Discovered

Microsoft has warned of a new zero-day vulnerability for Windows XP/2003, just two days after its monthly Patch Tuesday.

10/06/2010

Zero-Day Flaw Hits Windows XP and 2003

A Google security engineer has identified a zero-day flaw affecting Windows XP, 2003 and possibly other Windows systems.

10/06/2010

Gartner Encourages Businesses to Start to Look to the End of Windows XP

Organisations should be planning and testing Windows 7 this year with a view to moving off Windows XP by the end of 2012.

07/06/2010

June Microsoft Patch Tuesday Will Keep Systems Admins Busy, Says Qualys

Qualys CTO discusses how the June release is a large update that will keep system administrators busy, even if they have migrated to Windows 7 already.

04/06/2010

Ten Bulletins with Six Critical Issues Set to Be Covered by Microsoft in Next Week's Patch Tuesday

Microsoft is to cover 34 vulnerabilities in ten bulletins for next week's Patch Tuesday, with six critical issues covered.

04/06/2010

Windows XP, the Operating System That Just Won't Die

Windows XP is in its death throes, or at least that is how Microsoft would like the world to see the matter, and who would blame them.

02/06/2010

Social Networking Threat Over-Hyped, Say Security Chiefs

Social networking is the most over-hyped security threat around, according to a recent poll of chief security officers.

18/05/2010

Leading CSOs Agree That Social Networking is an 'Overhyped Threat'

A meeting of 30 CSOs at last week's bi-annual CSO Interchange event in London offered practical insights on cloud security, data classification, social networking, data privacy, access control and the changing roles of IT professionals.

17/05/2010

Win XP SP2 Support to Cease in Two Months

Overtime looms for developers and sys admins alike in the run-up to Microsoft's plans to stop supporting Windows XP SP2 and Windows 2000 from 13 July.

14/05/2010

Qualys Wins the European SC Magazine Award for Best SME Security Solution

"QualysGuard Express brings us the simplicity of deployment and use while providing a continuous, very comprehensive and accurate assessment of our security and compliance posture," said Barrie Ainsworth, head of IT for Kiddicare. "Furthermore as Qualys continues to deliver additional services to its platform, we are seeing that QualysGuard is a very good longterm investment."

04/05/2010

Survey Reveals that Consumers Put Responsibility on Web Site Owners to Prevent Malware Infections

Survey Also Underscores Importance of Government Intervention to Fight Cybercrime and Devise Regulations on ISPs and Online Providers

27/04/2010

Qualys Presents Free Malware Detection Service and GO SECURE Security Seal at Infosecurity Europe

At Infosecurity Europe, Qualys®, Inc., the leading provider of on demand IT security risk and compliance management solutions, is presenting for the first time in Europe its new free service, QualysGuard® Malware Detection, that proactively scans web sites for malware infections and threats and Qualys GO SECURE, a new service that allows businesses of all sizes to test their web sites for the presence of malware, network and web application vulnerabilities, as well as SSL certificate validation.

27/04/2010

VeriSign enlists allies for ID security in the cloud

VeriSign has joined forces with several other security companies to build online identity verification products for cloud computing.
It will collaborate with Qualys, TriCipher, Ping Identity, and Conformity to combine technologies and best practices, the infrastructure security company announced on Wednesday.

22/04/2010

VeriSign Collaborates With Industry Leaders to Bring Trust to the Cloud

Vulnerability and Compliance Management. It is essential that cloud-based offerings meet enterprise requirements for managing users, applications and business processes. With IT security and compliance automation solutions from Qualys, SaaS providers can identify and mitigate risks before they pose a threat to enterprise data, applications and networks.

22/04/2010

Microsoft fixes critical drive-by media handling flaws

The flaws enable a savvy attacker to trick the verification system and impersonate a legitimate signature signed by Adobe Systems Inc. or other software vendors, said Wolfgang Kandek, chief technology officer of Redwood Shores, Calif.-based vulnerability management vendor Qualys Inc.

19/04/2010

Microsoft issues 11 security patches, five critical

IT administrators with a good inventory of their installed IT base will have an easier time evaluating which machines need patches, said Wolfgang Kandek, chief technology officer at security firm Qualys.

14/04/2010

Major patch updates from Microsoft, Adobe and Oracle leave IT administrators with a lot to cover in April

Wolfgang Kandek, CTO at Qualys, also commented that the amount of patches was a ‘big release for Microsoft, addressing a wide selection of software'. He said: “IT administrators probably will not have all of the included software packages and configurations installed in their environment and therefore will need to install only a subset of the 11 bulletins.”

14/04/2010

Microsoft, Oracle, Adobe patch nearly 100 security vulnerabilities

A busy day for IT administrators
Qualys CTO Wolfgang Kandek noted in his blog post "Microsoft's patch release for April contains 11 bulletins covering 25 vulnerabilities. The bulletins address a wide array of operating systems and software packages, IT administrators with a good inventory of their installed base will have an easier time to evaluating which machines need patches."

14/04/2010

One in 10 Systems Still Vulnerable to Conficker

Ten percent of Windows computers still have not been patched for the Conficker worm, according to new research from security vendor Qualys.

12/04/2010

Does Web 2.0 Need Web Security 2.0?

Qualys Security Research Engineer Michael Shema discusses security practices for the Web 2.0 world

09/04/2010

Adobe to Address Critical Security Issues in Adobe Reader and Acrobat Next Week

Qualys CTO advises administrators to pay attention to security fixes from Adobe

09/04/2010

Microsoft Emergency Patch Addresses IE Vulnerabilities, Zero-Day

Qualys CTO recommends customers apply the latest patch immediately

05/04/2010

Microsoft Releases Eight Bug Fixes and Warns of IE Zero-Day Vulnerability

Qualys CTO suggests IT administrators make the patch for MS Excel a priority

10/03/2010

Microsoft Readies March Patch Tuesday Fixes

Qualys CTO advises companies to install patches in order of criticality.

05/03/2010

Qualys crawls into the malware scanning biz

Friendly robots provide drive-by download alerts

02/03/2010

Qualys offers free malware detection suite

Also releases security certification product. SaaS security firm Qualys has unveiled two new malware detection products that can scan websites to determine if they are hosting malicious code.

01/03/2010

Qualys to launch malware detection and website scanning with approval seal this week

Qualys will introduce a scanning service and seal of approval along with malware detection at this week's RSA Conference.

01/03/2010

Websites offered free anti-hijack scans

Qualys service roots out bad code.

01/03/2010

Video: Time to embrace (and prepare for) the shift to the Cloud

In this interview Philippe Courtot, founder and CEO of on-demand IT security risk and compliance management company Qualys, discusses the emergence of the cloud as a disruptive, but positive technology.

11/02/2010

Windows, PowerPoint to be target of hack attacks

Despite massive Microsoft patch, bugs will be exploited soon, warns security researcher.
"Everyone is going to have [DirectShow]," said Amol Sarwate, manager of Qualys Inc.'s vulnerabilities research lab. All attackers have to do is convince users to visit malicious Web sites hosting malformed .avi-formatted movie files, he continued.

10/02/2010

Microsoft releases first heavy batch of bulletins on the second Patch Tuesday of 2010

Wolfgang Kandek, CTO of Qualys, agreed that MS10-006 and 013 were highest on its list for application, while 007 and 008 should be taken seriously. Focussing on patch MS10-012, Kandek said: “This is a bulletin for SMB that server administrators should focus on. It allows a malicious, unauthenticated party to launch a remote denial-of-service attack. In addition remote authenticated clients can execute code using another flaw addressed in the bulletin.”

10/02/2010

Bumper Patch Tuesday tackles multiple Windows flaws

Wolfgang Kandek, CTO of security scanning firm Qualys, explained that Windows 7 and Windows 2008 R2 are less affected by the vulnerabilities because of "rewrites of the TCP/IP stack and the URI handling in Windows 7 and 2008/R2", which improved the implementation of these core OS technologies. Kandek also outlined patching priorities.

10/02/2010

Priorities for administrators in Microsoft Patch Tuesday security update

"Overall highest on our list for patching are MS10-006 SMB client and MS10-013 DirectShow, which affect all versions of Windows and have a low exploitability index," said Wolfgang Kandek, chief technology officer at security firm Qualys.

10/02/2010

Industry welcomes the Microsoft out-of-band patch for Internet Explorer

Wolfgang Kandek, CTO of Qualys, said: “By the time of public disclosure of the attacks against Google and others, the fix was in essence ready and tested. It was slated for release in the February patch bulletin. Microsoft had to decide whether an out-of-band release of the patch was warranted or whether to bundle it into the February release as originally planned.

22/01/2010

IE 0-day Update - Richie Lai - Director of Vulnerability Research, Qualys

Internally we do not think of the IE 0-day that was released last week isn't something that is new or unique. Every couple of months a new exploit for a critical vulnerability is discovered in the browser space and all major browsers see their share...

20/01/2010

Microsoft announces plans to release out-of-band patch to cover heavily publicised zero-day vulnerability

Richie Lai, director of vulnerability research for Qualys, said: "Internally we do not think of the IE zero-day that was released last week isn't something that is new or unique. Every couple of months a new exploit for a critical vulnerability is discovered in the browser space and all major browsers see their share. What is new is that the affected organizations are coming forward with information on the attacks - a positive trend that we encourage and hope will continue.

20/01/2010

One patch from Microsoft, more from Adobe and Oracle

"The majority of the [Oracle] vulnerabilities are remotely exploitable without authentication and IT admins should be taking a close look at the exposure these products have in their networks," Qualys chief technology officer Wolfgang Kandek said in a statement.

15/01/2010

Does Web 2.0 need Web Security 2.0?

Web 2.0, the second wave of web development and design, is thriving, and so too are applications that take advantage of this technology. Interactive sites like LinkedIn, Twitter and even company websites are becoming ever more popular, and yet, many IT departments are unprepared for the associated new and emerging threats.

14/01/2010

Critical Adobe updates overshadow MS Patch Tuesda

PDF peril finally plugged

13/01/2010

Microsoft Starts 2010 Slowly – A Single Bulletin Containing One Vulnerability

Microsoft starts 2010 slowly – a single bulletin containing one vulnerability in the embedded OpenType Font (EOT) engine.

13/01/2010

PDF files and Adobe Reader should be security priority for 2010, says Qualys

The frequency and severity of security flaws in Adobe's Reader software make it a top priority for IT security managers in 2010, says security firm Qualys.

09/01/2010

Adobe Reader: The New Frontier For Cyberattacks

Next Tuesday, Jan. 12, is Microsoft Patch Tuesday. Beyond the usual patches from Microsoft, we will also get a critical update for a piece of software that increasingly plays a role in exploiting desktop systems – the Adobe Reader from Adobe Systems.

08/01/2010

EuroCloud aims at local SaaS know-how

EuroCloud, a SaaS and cloud services business community has been founded, led by Pierre-José Billotte, President and Founder of the French ASP Forum.1. Security SaaS provider Webroot has joined, as have companies in Europe and in the US, including Amazon Web Services, Qualys, salesforce.com, and SuccessFactors, it says.

07/01/2010