UK Media Coverage
The Views of the Industry on the Intel Acquisition of McAfee
Yesterday's huge announcement that Intel is to purchase McAfee for $7.7 billion was one of the biggest stories in this industry this year.
20/08/2010
Intel's Acquisition of McAfee - Did the Chip Giant Pay Too Much?
The IT security world has been buzzing about Intel's plan to acquire veteran IT security vendor McAfee in a $7.68bn deal.
20/08/2010
Adobe Releases Security Patches
Adobe releases out-of-band security update for its Reader and Acrobat products.
20/08/2010
Adobe Plugs Critical Security Holes
As promised, Adobe has fixed a number of vulnerabilities affecting its Reader and Acrobat software, along with some Flash issues.
20/08/2010
SSL Labs: Researching the Technology that Protects the Internet
In this video recorded at Black Hat USA 2010, Ivan Ristic talks about SSL Labs, a non-commercial research effort and collection of documents and tools related to SSL.
16/08/2010
Patch Tuesday Packs in Solutions to 34 Serious Microsoft Flaws
Yesterday's Patch Tuesday update from Microsoft was a packed one
11/08/2010
Patch Tuesday Puts Serious Pressure on Admins
Security experts warn that firms need to think carefully about what order they patch in
11/08/2010
What Does OS Say About Your Business
Despite Microsoft ending support of Windows XP, it is still one of the most commonly used operating systems.
09/08/2010
Microsoft Plans Bumper Patch Tuesday Security Update
Microsoft is to patch 34 vulnerabilities in 14 security bulletins, equaling the record set in October 2009 and June 2010.
09/08/2010
Microsoft Releases Security Updates
Microsoft announced that it will release 14 security updates for its operating system Windows.
08/08/2010
Microsoft Setting Record with Next Patch Tuesday
Microsoft is delivering 14 security updates next week.
06/08/2010
Microsoft Slates Record-Setting Monster Patch Tuesday Next Week
Microsoft today said it will deliver a record 14 security updates next week to patch a record-tying 34 vulnerabilities in Windows, Internet Explorer (IE), Office and Silverlight.
05/08/2010
Microsoft Sticks to Patching Policy, No Patch for XP SP2 Critical Flaw
Microsoft: No security update for XP SP2
04/08/2010
BlindElephant Leads the Way in Fingerprinting Web Applications
New open source tool from Qualys attempts to discover the version information of a range of popular web applications
02/08/2010
Qualys Launches Open Source Application Detection Solution at Black Hat
Qualys has announced the launch of an open source web application fingerprinting engine that identifies application and plug-in versions via static files.
29/07/2010
CSA Launches Security Certification for Cloud Computing
The Cloud Security Alliance (CSA) has unveiled the industry's first user certification programme for secure cloud computing.
29/07/2010
Black Hat 2010: Open Source Tool Finds Web Applications
Security firm Qualys has launched an open source, web-application fingerprinting engine to identify application and plug-in versions.
29/07/2010
Qualys Releases Open Source Web Application Fingerprinting
Qualys has released open source web application fingerprinting engine BlindElephant, which identifies application and plugin versions via static files.
28/07/2010
Qualys Unveils Browser Plug-in Checker
Qualys has launched a new tool that checks web browsers for security issues and helps users fix any problems.
20/07/2010
Free Firefox and IE Browser Security Check
ualys has released a free tool to help internet users protect their web browsers from hacking attacks.
19/07/2010
Qualys Launches Free Web Browser/Plug-in Security Checking Service
Cloud security specialist Qualys has launched an interactive and online web browser checking service.
19/07/2010
Sluggish Corporates Ill-Prepared for Death of Win XP SP2 Support
Expect attackable vulns to accumulate, warn security researchers
14/07/2010
Microsoft's July Patch Tuesday to Fix Zero-Day Vulnerabilities
Microsoft's monthly Patch Tuesday security update due for release on 13 July is small with only four bulletins.
13/07/2010
Microsoft Issues Last Security Patch for Windows XP SP2
Microsoft's upcoming 'Patch Tuesday' security update will contain a security patch for the Windows Help and Support Center vulnerability that was publicly disclosed by Google security researcher Tavis Ormandy.
09/07/2010
Analysing the Brave New Cloud World
By 2013, cloud services will be dominant, especially in SMEs. Best to start preparing for the future, says Andrew Donoghue.
29/06/2010
Microsoft Patching Tamed by Qualys Tool
Qualys has added a new reporting feature to its vulnerability management service that helps IT staff work out which Microsoft patches to apply and in what order.
22/06/2010
Qualys Rolls Out New Reporting Feature for Patch Management
Qualys has launched a new reporting feature in QualysGuard Vulnerability Management to help customers identify and implement patches to eliminate vulnerabilities in their IT environments.
21/06/2010
Qualys Adds Patching Report to Ensure Networks Remain Vulnerability Free
Qualys has added software that scans for vulnerabilities on a network and issues a report on what patches need to be applied.
21/06/2010
Qualys Patch Report Boosts Patch Management
Qualys has enhanced its QualysGuard Vulnerability Management product with additional capabilities designed to help customers efficiently remediate vulnerabilities by quickly implementing patches.
21/06/2010
Qualys Tool Eases Microsoft Patching
Qualys has added a new reporting feature to its vulnerability management service that helps IT staff work out which Microsoft patches to apply and in what order.
22/06/2010
New Vulnerability in Windows Revealed
An independent security researcher has published exploit code for a zero-day vulnerability in Windows XP and Windows 2003.
10/06/2010
New Zero-Day Vulnerability in Microsoft Windows XP and 2003 Discovered
Microsoft has warned of a new zero-day vulnerability for Windows XP/2003, just two days after its monthly Patch Tuesday.
10/06/2010
Zero-Day Flaw Hits Windows XP and 2003
A Google security engineer has identified a zero-day flaw affecting Windows XP, 2003 and possibly other Windows systems.
10/06/2010
Gartner Encourages Businesses to Start to Look to the End of Windows XP
Organisations should be planning and testing Windows 7 this year with a view to moving off Windows XP by the end of 2012.
07/06/2010
June Microsoft Patch Tuesday Will Keep Systems Admins Busy, Says Qualys
Qualys CTO discusses how the June release is a large update that will keep system administrators busy, even if they have migrated to Windows 7 already.
04/06/2010
Ten Bulletins with Six Critical Issues Set to Be Covered by Microsoft in Next Week's Patch Tuesday
Microsoft is to cover 34 vulnerabilities in ten bulletins for next week's Patch Tuesday, with six critical issues covered.
04/06/2010
Windows XP, the Operating System That Just Won't Die
Windows XP is in its death throes, or at least that is how Microsoft would like the world to see the matter, and who would blame them.
02/06/2010
Social Networking Threat Over-Hyped, Say Security Chiefs
Social networking is the most over-hyped security threat around, according to a recent poll of chief security officers.
18/05/2010
Leading CSOs Agree That Social Networking is an 'Overhyped Threat'
A meeting of 30 CSOs at last week's bi-annual CSO Interchange event in London offered practical insights on cloud security, data classification, social networking, data privacy, access control and the changing roles of IT professionals.
17/05/2010
Win XP SP2 Support to Cease in Two Months
Overtime looms for developers and sys admins alike in the run-up to Microsoft's plans to stop supporting Windows XP SP2 and Windows 2000 from 13 July.
14/05/2010
Qualys Wins the European SC Magazine Award for Best SME Security Solution
"QualysGuard Express brings us the simplicity of deployment and use while providing a continuous, very comprehensive and accurate assessment of our security and compliance posture," said Barrie Ainsworth, head of IT for Kiddicare. "Furthermore as Qualys continues to deliver additional services to its platform, we are seeing that QualysGuard is a very good longterm investment."
04/05/2010
Survey Reveals that Consumers Put Responsibility on Web Site Owners to Prevent Malware Infections
Survey Also Underscores Importance of Government Intervention to Fight Cybercrime and Devise Regulations on ISPs and Online Providers
27/04/2010
Qualys Presents Free Malware Detection Service and GO SECURE Security Seal at Infosecurity Europe
At Infosecurity Europe, Qualys®, Inc., the leading provider of on demand IT security risk and compliance management solutions, is presenting for the first time in Europe its new free service, QualysGuard® Malware Detection, that proactively scans web sites for malware infections and threats and Qualys GO SECURE, a new service that allows businesses of all sizes to test their web sites for the presence of malware, network and web application vulnerabilities, as well as SSL certificate validation.
27/04/2010
VeriSign enlists allies for ID security in the cloud
VeriSign has joined forces with several other security companies to build online identity verification products for cloud computing.
It will collaborate with Qualys, TriCipher, Ping Identity, and Conformity to combine technologies and best practices, the infrastructure security company announced on Wednesday.
22/04/2010
VeriSign Collaborates With Industry Leaders to Bring Trust to the Cloud
Vulnerability and Compliance Management. It is essential that cloud-based offerings meet enterprise requirements for managing users, applications and business processes. With IT security and compliance automation solutions from Qualys, SaaS providers can identify and mitigate risks before they pose a threat to enterprise data, applications and networks.
22/04/2010
Microsoft fixes critical drive-by media handling flaws
The flaws enable a savvy attacker to trick the verification system and impersonate a legitimate signature signed by Adobe Systems Inc. or other software vendors, said Wolfgang Kandek, chief technology officer of Redwood Shores, Calif.-based vulnerability management vendor Qualys Inc.
19/04/2010
Microsoft issues 11 security patches, five critical
IT administrators with a good inventory of their installed IT base will have an easier time evaluating which machines need patches, said Wolfgang Kandek, chief technology officer at security firm Qualys.
14/04/2010
Major patch updates from Microsoft, Adobe and Oracle leave IT administrators with a lot to cover in April
Wolfgang Kandek, CTO at Qualys, also commented that the amount of patches was a ‘big release for Microsoft, addressing a wide selection of software'. He said: “IT administrators probably will not have all of the included software packages and configurations installed in their environment and therefore will need to install only a subset of the 11 bulletins.”
14/04/2010
Microsoft, Oracle, Adobe patch nearly 100 security vulnerabilities
A busy day for IT administrators
Qualys CTO Wolfgang Kandek noted in his blog post "Microsoft's patch release for April contains 11 bulletins covering 25 vulnerabilities. The bulletins address a wide array of operating systems and software packages, IT administrators with a good inventory of their installed base will have an easier time to evaluating which machines need patches."
14/04/2010
One in 10 Systems Still Vulnerable to Conficker
Ten percent of Windows computers still have not been patched for the Conficker worm, according to new research from security vendor Qualys.
12/04/2010
Does Web 2.0 Need Web Security 2.0?
Qualys Security Research Engineer Michael Shema discusses security practices for the Web 2.0 world
09/04/2010
Adobe to Address Critical Security Issues in Adobe Reader and Acrobat Next Week
Qualys CTO advises administrators to pay attention to security fixes from Adobe
09/04/2010
Microsoft Emergency Patch Addresses IE Vulnerabilities, Zero-Day
Qualys CTO recommends customers apply the latest patch immediately
05/04/2010
Microsoft Releases Eight Bug Fixes and Warns of IE Zero-Day Vulnerability
Qualys CTO suggests IT administrators make the patch for MS Excel a priority
10/03/2010
Microsoft Readies March Patch Tuesday Fixes
Qualys CTO advises companies to install patches in order of criticality.
05/03/2010
Qualys crawls into the malware scanning biz
Friendly robots provide drive-by download alerts
02/03/2010
Qualys offers free malware detection suite
Also releases security certification product. SaaS security firm Qualys has unveiled two new malware detection products that can scan websites to determine if they are hosting malicious code.
01/03/2010
Qualys to launch malware detection and website scanning with approval seal this week
Qualys will introduce a scanning service and seal of approval along with malware detection at this week's RSA Conference.
01/03/2010
Video: Time to embrace (and prepare for) the shift to the Cloud
In this interview Philippe Courtot, founder and CEO of on-demand IT security risk and compliance management company Qualys, discusses the emergence of the cloud as a disruptive, but positive technology.
11/02/2010
Windows, PowerPoint to be target of hack attacks
Despite massive Microsoft patch, bugs will be exploited soon, warns security researcher.
"Everyone is going to have [DirectShow]," said Amol Sarwate, manager of Qualys Inc.'s vulnerabilities research lab. All attackers have to do is convince users to visit malicious Web sites hosting malformed .avi-formatted movie files, he continued.
10/02/2010
Microsoft releases first heavy batch of bulletins on the second Patch Tuesday of 2010
Wolfgang Kandek, CTO of Qualys, agreed that MS10-006 and 013 were highest on its list for application, while 007 and 008 should be taken seriously. Focussing on patch MS10-012, Kandek said: “This is a bulletin for SMB that server administrators should focus on. It allows a malicious, unauthenticated party to launch a remote denial-of-service attack. In addition remote authenticated clients can execute code using another flaw addressed in the bulletin.”
10/02/2010
Bumper Patch Tuesday tackles multiple Windows flaws
Wolfgang Kandek, CTO of security scanning firm Qualys, explained that Windows 7 and Windows 2008 R2 are less affected by the vulnerabilities because of "rewrites of the TCP/IP stack and the URI handling in Windows 7 and 2008/R2", which improved the implementation of these core OS technologies. Kandek also outlined patching priorities.
10/02/2010
Priorities for administrators in Microsoft Patch Tuesday security update
"Overall highest on our list for patching are MS10-006 SMB client and MS10-013 DirectShow, which affect all versions of Windows and have a low exploitability index," said Wolfgang Kandek, chief technology officer at security firm Qualys.
10/02/2010
Industry welcomes the Microsoft out-of-band patch for Internet Explorer
Wolfgang Kandek, CTO of Qualys, said: “By the time of public disclosure of the attacks against Google and others, the fix was in essence ready and tested. It was slated for release in the February patch bulletin. Microsoft had to decide whether an out-of-band release of the patch was warranted or whether to bundle it into the February release as originally planned.
22/01/2010
IE 0-day Update - Richie Lai - Director of Vulnerability Research, Qualys
Internally we do not think of the IE 0-day that was released last week isn't something that is new or unique. Every couple of months a new exploit for a critical vulnerability is discovered in the browser space and all major browsers see their share...
20/01/2010
Microsoft announces plans to release out-of-band patch to cover heavily publicised zero-day vulnerability
Richie Lai, director of vulnerability research for Qualys, said: "Internally we do not think of the IE zero-day that was released last week isn't something that is new or unique. Every couple of months a new exploit for a critical vulnerability is discovered in the browser space and all major browsers see their share. What is new is that the affected organizations are coming forward with information on the attacks - a positive trend that we encourage and hope will continue.
20/01/2010
One patch from Microsoft, more from Adobe and Oracle
"The majority of the [Oracle] vulnerabilities are remotely exploitable without authentication and IT admins should be taking a close look at the exposure these products have in their networks," Qualys chief technology officer Wolfgang Kandek said in a statement.
15/01/2010
Does Web 2.0 need Web Security 2.0?
Web 2.0, the second wave of web development and design, is thriving, and so too are applications that take advantage of this technology. Interactive sites like LinkedIn, Twitter and even company websites are becoming ever more popular, and yet, many IT departments are unprepared for the associated new and emerging threats.
14/01/2010
Microsoft Starts 2010 Slowly – A Single Bulletin Containing One Vulnerability
Microsoft starts 2010 slowly – a single bulletin containing one vulnerability in the embedded OpenType Font (EOT) engine.
13/01/2010
PDF files and Adobe Reader should be security priority for 2010, says Qualys
The frequency and severity of security flaws in Adobe's Reader software make it a top priority for IT security managers in 2010, says security firm Qualys.
09/01/2010
Adobe Reader: The New Frontier For Cyberattacks
Next Tuesday, Jan. 12, is Microsoft Patch Tuesday. Beyond the usual patches from Microsoft, we will also get a critical update for a piece of software that increasingly plays a role in exploiting desktop systems – the Adobe Reader from Adobe Systems.
08/01/2010
EuroCloud aims at local SaaS know-how
EuroCloud, a SaaS and cloud services business community has been founded, led by Pierre-José Billotte, President and Founder of the French ASP Forum.1. Security SaaS provider Webroot has joined, as have companies in Europe and in the US, including Amazon Web Services, Qualys, salesforce.com, and SuccessFactors, it says.
07/01/2010
