UK Media Coverage
Qualys crawls into the malware scanning biz
Friendly robots provide drive-by download alerts
02/03/2010
Qualys offers free malware detection suite
Also releases security certification product. SaaS security firm Qualys has unveiled two new malware detection products that can scan websites to determine if they are hosting malicious code.
01/03/2010
Qualys to launch malware detection and website scanning with approval seal this week
Qualys will introduce a scanning service and seal of approval along with malware detection at this week's RSA Conference.
01/03/2010
Video: Time to embrace (and prepare for) the shift to the Cloud
In this interview Philippe Courtot, founder and CEO of on-demand IT security risk and compliance management company Qualys, discusses the emergence of the cloud as a disruptive, but positive technology.
11/02/2010
Windows, PowerPoint to be target of hack attacks
Despite massive Microsoft patch, bugs will be exploited soon, warns security researcher.
"Everyone is going to have [DirectShow]," said Amol Sarwate, manager of Qualys Inc.'s vulnerabilities research lab. All attackers have to do is convince users to visit malicious Web sites hosting malformed .avi-formatted movie files, he continued.
10/02/2010
Microsoft releases first heavy batch of bulletins on the second Patch Tuesday of 2010
Wolfgang Kandek, CTO of Qualys, agreed that MS10-006 and 013 were highest on its list for application, while 007 and 008 should be taken seriously. Focussing on patch MS10-012, Kandek said: “This is a bulletin for SMB that server administrators should focus on. It allows a malicious, unauthenticated party to launch a remote denial-of-service attack. In addition remote authenticated clients can execute code using another flaw addressed in the bulletin.”
10/02/2010
Bumper Patch Tuesday tackles multiple Windows flaws
Wolfgang Kandek, CTO of security scanning firm Qualys, explained that Windows 7 and Windows 2008 R2 are less affected by the vulnerabilities because of "rewrites of the TCP/IP stack and the URI handling in Windows 7 and 2008/R2", which improved the implementation of these core OS technologies. Kandek also outlined patching priorities.
10/02/2010
Priorities for administrators in Microsoft Patch Tuesday security update
"Overall highest on our list for patching are MS10-006 SMB client and MS10-013 DirectShow, which affect all versions of Windows and have a low exploitability index," said Wolfgang Kandek, chief technology officer at security firm Qualys.
10/02/2010
Industry welcomes the Microsoft out-of-band patch for Internet Explorer
Wolfgang Kandek, CTO of Qualys, said: “By the time of public disclosure of the attacks against Google and others, the fix was in essence ready and tested. It was slated for release in the February patch bulletin. Microsoft had to decide whether an out-of-band release of the patch was warranted or whether to bundle it into the February release as originally planned.
22/01/2010
IE 0-day Update - Richie Lai - Director of Vulnerability Research, Qualys
Internally we do not think of the IE 0-day that was released last week isn't something that is new or unique. Every couple of months a new exploit for a critical vulnerability is discovered in the browser space and all major browsers see their share...
20/01/2010
Microsoft announces plans to release out-of-band patch to cover heavily publicised zero-day vulnerability
Richie Lai, director of vulnerability research for Qualys, said: "Internally we do not think of the IE zero-day that was released last week isn't something that is new or unique. Every couple of months a new exploit for a critical vulnerability is discovered in the browser space and all major browsers see their share. What is new is that the affected organizations are coming forward with information on the attacks - a positive trend that we encourage and hope will continue.
20/01/2010
One patch from Microsoft, more from Adobe and Oracle
"The majority of the [Oracle] vulnerabilities are remotely exploitable without authentication and IT admins should be taking a close look at the exposure these products have in their networks," Qualys chief technology officer Wolfgang Kandek said in a statement.
15/01/2010
Does Web 2.0 need Web Security 2.0?
Web 2.0, the second wave of web development and design, is thriving, and so too are applications that take advantage of this technology. Interactive sites like LinkedIn, Twitter and even company websites are becoming ever more popular, and yet, many IT departments are unprepared for the associated new and emerging threats.
14/01/2010
Microsoft Starts 2010 Slowly – A Single Bulletin Containing One Vulnerability
Microsoft starts 2010 slowly – a single bulletin containing one vulnerability in the embedded OpenType Font (EOT) engine.
13/01/2010
PDF files and Adobe Reader should be security priority for 2010, says Qualys
The frequency and severity of security flaws in Adobe's Reader software make it a top priority for IT security managers in 2010, says security firm Qualys.
09/01/2010
Adobe Reader: The New Frontier For Cyberattacks
Next Tuesday, Jan. 12, is Microsoft Patch Tuesday. Beyond the usual patches from Microsoft, we will also get a critical update for a piece of software that increasingly plays a role in exploiting desktop systems – the Adobe Reader from Adobe Systems.
08/01/2010
EuroCloud aims at local SaaS know-how
EuroCloud, a SaaS and cloud services business community has been founded, led by Pierre-José Billotte, President and Founder of the French ASP Forum.1. Security SaaS provider Webroot has joined, as have companies in Europe and in the US, including Amazon Web Services, Qualys, salesforce.com, and SuccessFactors, it says.
07/01/2010
