Search

See Resources

USA Media Coverage

2016

Mar
OpenSSH Patches Information Leak Flaw

OpenSSH released a patch for a vulnerability that could expose files to theft and manipulation and affects all versions of OpenSSH prior to 7.2p2 with X11Forwarding enabled. The vulnerability was found by Qualys researchers, who said attackers would have to use a malicious server in order to force a client to give up the key.

Cloud Cyber Security: Why it Pays to Work with Your Provider

The information held by cloud providers is encouraging criminals to increasingly develop malware and attack techniques designed to exploit weaknesses in the technology. Qualys CTO Wolfgang Kandek recommends ensuring your cloud security platform is up to date with configuration management and patching.

Adobe Issues Patch for 23 Flash Flaws

Adobe released a critical update for Flash Player that addresses 23 vulnerabilities which was discovered by a researcher at Kaspersky Labs. A successful exploit of one of the vulnerabilities, CVE-2016-1010, gives the attacker Remote Code Execution on the target machine.

Cloud Computing: Security and Evolution

In this podcast from RSA 2016, Qualys CTO Wolfgang Kandek talks about the evolution of the cloud computing architecture, the problems it solves and how we can secure it.

Adobe, Microsoft Push Critical Updates

Microsoft today pushed out 13 security updates to fix at least 39 separate vulnerabilities in its various Windows operating systems and software.

Hacking a connected car is this easy

Since competitive pressures often mean that car makers bring new functionality to their products before they're fully tested, new vulnerabilities are likely to be generated with each new feature.

DROWN Flaw Illustrates Dangers of Intentionally Weak Crypto

The DROWN vulnerability results from export-grade ciphersuites mandated by the US government.

Qualys Delivers Scalable, Cloud-Based Patching

Qualys' new OEM partnership with HEAT Software delivers a cloud-based patch management offering to its global customers.

New Service Helps Organizations Visualize and Prioritize Security Threats BetaNews

Qualys ThreatPROTECT provides customers with an interactive dashboard to help them understand security threats at-a-glance.

Qualys extends Cloud Agent Platform to support Linux and Mac OS

Qualys Cloud Agent Platform, now available on Linux and Mac OS, enables organizations to inventory all their IT assets, get the visibility needed to secure them against cyber attacks on a continuous basis and take action with Qualys’ new patching capabilities.

Qualys Launches Threat Intelligence Solution

Qualys ThreatPROTECT lets customers visualize, prioritize and take action to minimize exposure from vulnerabilities related to the threats that matter most to their environments.

SSL ‘DROWNs’ In Yet Another Serious Security Flaw

A recently discovered OpenSSL security hole enables SSL v2, long deprecated, to be used to attack modern web sites. The attack, dubbed DROWN, is estimated to be able to kill off at least one-third of all HTTPS servers.

HTTPS DROWN flaw: Security bods' hearts sink as tatty protocols wash away web crypto

The discovery of a HTTPS encryption vulnerability, dubbed DROWN, again proves that supporting tired old protocols weakens modern crypto systems.

Jan
Oracle Unleashes 248 Security Updates in First Patch Release of 2016

Wolfgang Kandek, chief technical officer at security firm Qualys, warned that it is more important than ever for organisations to be aware of the applications they run and to keep all software up to date.

Oracle Releases Record Number of Security Patches

Oracle released its first quarterly Critical Patch Update of 2016. The update consists of 248 updates and provides fixes for E-business suite, Java SE and Database Server, and includes a number of critical updates to reduce the risk of attack.

Adobe, Microsoft Push Reader, Windows Fixes

Microsoft and Adobe releases patches for Patch Tuesday January 2016, and Microsoft announced the retirement of several versions of Internet Explorer.

Microsoft Silverlight patch might be a Hacking Team zero day

A Microsoft Silverlight patch becomes more important as researchers claim it may be a Hacking Team zero day that has been known for years.

Evil OpenSSH servers can steal your private login keys to other systems – patch now

Malicious OpenSSH servers can silently steal people's private SSH keys as they try to login, it emerged today, according to analysis released by Qualys.

Bug that can leak crypto keys just fixed in widely used OpenSSH

A critical bug that can leak secret cryptographic keys has just just been fixed in OpenSSH, one of the more widely used implementations of the secure shell (SSH) protocol.

Top Survival Tips For IE End-Of-Life

If an immediate upgrade to the latest version is not an option for all your machines running Internet Explorer, here's how to mitigate your risk.

How Will ITSM Play its Part Fighting the IT Security Threat?

How threats of terrorism have changed the IT landscape making IT security no longer just a business integrity issue, but also a political issue.

Contact sales or call us at +1 800 745 4355 or try our Global Contacts
Subscription Packages
Qualys Solutions
Qualys Community
Company
Free Trial & Tools
Popular Topics