UK Media Coverage

Thinking Continuous – A New Mindset for SCADA Security

SCADA systems are ever more open to security threats – Qualys director of engineering, Amol Sarwate, explains how to mitigate the risks. Read more

Sep 25, 2015

UK businesses warned of growing cyber risk

Today enterprises across the country are being urged to protect themselves by taking up the government's Cyber Essentials scheme. The article includes comments from Qualys CTO Wolfgang Kandek. Read more

Sep 22, 2015

Microsoft Patch Tuesday Fixes Edge Browser, Again

Microsoft delivers a wide range of fixes to a number of its products, in its Patch Tuesday update for September. Read more

Sep 9, 2015

How valuable intellectual property is being targeted by cyber criminals

Amol Sarwate of Qualys comments on asset management and securing intellectual property from cybercriminals on page 21. Read more

Sep 1, 2015

Microsoft forced to release out-of-band patch to fix IE

Qualys CTO Wolfgang Kandek comments on the Internet Explorer vulnerability that could allow hackers to take control of victims' PCs and what enterprises should do. Read more

Aug 19, 2015

Microsoft releases 'critical' out-of-band security fix for Internet Explorer

Learn more about the critical security fix Microsoft has released for IE. Read more

Aug 19, 2015

Microsoft issues an out-of-band patch for Internet Explorer

"Patch as quickly as possible," says Qualys CTO Wolfgang Kandek. Read more

Aug 19, 2015

Microsoft rushes patch as IE bug goes wild

Qualys discusses the vulnerability that "is actively being exploited in the wild", and urges users to patch their machines to defend themselves against infection. Read more

Aug 19, 2015

Is Industry 4.0 safe – or will it prove to be a hacker's delight?

Amol Sarwate, Qualys Director of Engineering, comments on how security is becoming a huge worry for the industry IoT. Read more

Aug 14, 2015

Half of Patch Tuesday bulletins cover Windows 10

Qualys CTO Wolfgang Kandek warns users of critical vulnerabilities in Microsoft Office. Read more

Aug 12, 2015

Patch Tuesday Tackles Windows 10 Fixes

Qualys CTO Wolfgang Kandek discusses the Windows 10 fixes in Patch Tuesday as well as the new browser, Microsoft Edge. Read more

Aug 12, 2015

How To Look Inside A Cloud

Forbes contributor Adrian Bridgwater discusses the tools via which we can start to look inside cloud computing ‘instances’ and assess their contents, health and performance. Read more

Aug 6, 2015

What is the 'shadow' Internet of Things – and how dangerous is it?

Are IoT devices threatening corporate networks? BYOD has been a threat to corporate IT networks for years, but the dependence of employees on tablets using the likes of Dropbox – and the general circumventing of IT rules and regs – is just the start. Read more

Jul 30, 2015

Don’t Panic: Latest OpenSSL Flaw Not a Heartbleed-Sized Bug

“Other than that, there’s certainly lots of server-type tools that might use OpenSSL for client operations. For them, this vulnerability is potentially significant, but attackers would need to exploit them on a case-by-case basis,” argued Qualys director of security engineering, Ivan Ristic. Read more

Jul 10, 2015

OpenSSL bug serious – but no Heartbleed, say experts

OpenSSL certificate verification flaw lets attackers impersonate cryptography-protected websites, email servers and virtual private networks (VPNs) Read more

Jul 10, 2015

High-severity OpenSSL vulnerability patched

According to Ivan Ristic, director of engineering at Qualys because the problem was identified very early on, the effect has been negligible. “It's a very serious issue,” he said, “but it doesn't affect a large number of users.” Read more

Jul 10, 2015

Amazon launches open source TLS implementation "s2n"

Ivan Ristic, director of engineering at Qualys, told that because TLS has to operate in many environments it has “many extensions that change how it operates but don't necessarily increase security”. Read more

Jul 2, 2015

A Critical Threat

Amol Sarwate, director of vulnerability labs at Qualys, advises implementing proper access control, making sure that necessary patching processes are in place and followed, and says that removing debug services “will help minimise risk." Read more

Jul 1, 2015

Samsung denies disabling Windows Update on its laptop models

Samsung has refuted claims that it put users at risk from hacking by disabling Windows Update on its laptops. Read more

Jun 26, 2015

Top 3 security priorities for CIOs in 2015

How CIOs should prioritise their efforts around security, from budgeting and managing delivery of service through to working with the rest of the business. Read more

Jun 23, 2015

Microsoft Respite for Admins: Just Eight Security Bulletins this Month

“The attacker needs to trick the target into opening a malicious file with Word or any other Office tool and can then take control of the target’s computer,” said Qualys CTO, Wolfgang Kandek in a blog post. Read more

Jun 10, 2015

Where are you on the five levels of TLS maturity?

TLS-based vulnerabilities like Heartbleed have caused widespread panic - but Ivan Ristic, who maintains the SSL Labs research centre for TLS and PKI at Qualys, thinks that companies can get a good grasp on their TLS security with a simple five point assessment model. Read more

Jun 8, 2015

Putting DevOps at the heart of the business – can security keep up?

Qualys CISO Jonathan Trull discusses why DevOps should be part of a wider IT operations strategy. Read more

May 29, 2015

LogJam: Latest internet vulnerability putting your confidential information at risk

First there was Heartbleed, then Poodle, Shellshock, and Freak, and now we have LogJam - the latest vulnerability to be uncovered which is threatening our online security. Read more

May 21, 2015

VENOM virtual vuln proves less poisonous than first feared

Some experts, such as Wolfgang Kandek, CTO at cloud security services firm Qualys, are inclined to disagree with Wardle’s assessment on how easy it might be to patch VENOM – if not on the severity of the bug. Read more

May 14, 2015

Does the bite live up to the hype? 10 insights into the Venom vulnerability

Wolfgang Kandek, CTO for Qualys offers his thoughts on the Venom vulnerability. Read more

May 14, 2015

Microsoft patches 30 bugs with 13 bulletins on Patch Tuesday

“It is safe to say that [attackers'] favourite attack vectors include Internet Explorer, native Windows vulnerabilities and Adobe Flash, which all receive monthly updates publishing upwards of 20 CVEs per month,” he wrote. Read more

May 13, 2015

Microsoft fixes 46 flaws in Windows, IE, Office, other products

"Patch quickly, in less than two weeks if you can," Kandek said. Read more

May 13, 2015

Microsoft fixes 46 flaws in Windows, IE, Office, other products

The priority for administrators should be MS15-043 which fixes 22 vulnerabilities in Internet Explorer, of which 14 are rated critical, said Wolfgang Kandek, the CTO of security firm Qualy. Read more

May 13, 2015

Windows 10: No More Monthly Patches

"Windows 10 follows the path first taken by the smartphone sector where iPhones, versions of Android and Windows Phones pioneered getting updates delivered to users as soon as they become available," says Wolfgang Kandek, CTO of security firm Qualys. Read more

May 6, 2015

Credit card style e-voting system could beat electoral fraud

Apprehensions exist over the potential for individuals' own computers to be hacked and compromised before, during and possibly after the voting process. Read more

May 4, 2015

Qualys's new virtual patch technology buys time in battle against zero days

If you can't wait for that critical patch to secure your system from some just-discovered bug, IT security firm Qualys may have an answer, through new security software that can secure the trouble spot until the patch arrives. Read more

Apr 22, 2015

Metrics for Upping Cyber Defences

Jonathan Trull, CISO at Qualys recommends the following tech metrics for the CISO. Read more

Apr 21, 2015

New cloud agent brings enterprises greater security and asset control

A new Cloud Agent Platform (CAP) from cloud security specialist Qualys provides organizations with a flexible solution to assess the security and compliance of their IT assets in real time, whether they're on-site, cloud-based or mobile endpoints. Read more

Apr 21, 2015

Patch Tuesday Delivers Critical Repairs To Office, Windows

Microsoft releases large security update, reflecting the growing volume of patches from all vendors in 2015. Read more

Apr 16, 2015

Microsoft release four critical patches in update

Wolfgang Kandek shares thoughts on critical vulnerabilities for April Patch Tuesday. Read more

Apr 15, 2015

Microsoft release four critical patches in batch of 11 on Update Tuesday

Read more

Apr 15, 2015

Microsoft Patch Tuesday: More headaches for IT departments

Microsoft's latest round of patches covers Internet Explorer, Windows, Office and other Microsoft products. Read more

Apr 15, 2015

NHS regional health board adopts proactive approach to data security

Spotlight on how NHS Dumfries & Galloway leverage Qualys to safeguard patient data. Read more

Mar 27, 2015

Over 700,000 home routers threaten enterprise security

Cisco researcher warns of flaws in devices ISPs give to customers. Read more

Mar 25, 2015

NHS Dumfries and Galloway spotted Heartbleed bug using Qualys cloud scanning

Case study on how NHS Dumfries and Galloway leverages Qualys. Read more

Mar 19, 2015

Microsoft Patch Tuesday Resolves FREAK Flaw

No more FREAKY business. Microsoft rushes out fix for legacy encryption flaw in Patch Tuesday update. Read more

Mar 12, 2015

FREAK, IE and Stuxnet patches delivered by Microsoft

Wolfgang Kandek, Qualys CTO weighs in on March Patch Tuesday. Read more

Mar 11, 2015

Don't let inaction come back to haunt you: patch the GHOST vulnerability now

Wolfgang Kandek offers insights into lessons learned from the GHOST vulnerability and why organizations should take immediate action to patch their Linux systems. Read more

Mar 11, 2015

Microsoft fixes FREAK vulnerability in Patch Tuesday update

Microsoft has issued critical patches for Windows, Internet Explorer and Office. Read more

Mar 10, 2015

Goodbye to Oracle? Minecraft now comes with its own Java

Wolfgang Kandek comments on Minecraft creators offering a ‘standalone’ version of Java with its loader as part of a new approach that should limit the effects of the software’s infamous insecurity on tens of millions of desktop gamers. Read more

Mar 9, 2015

Heartbleed still prevalent year after discovery

The Heartbleed bug is still prevalent among appliances and devices that rely on SSL despite almost a year passing since it was discovered, according to data collected by the security vendor Qualys. Read more

Mar 4, 2015

BMC and Qualys join forces to improve enterprise security

Integrated solution combines BMC BladeLogic and Qualys Vulnerability Management to quickly identify and remediate threats and boost collaboration between Security and IT Operations teams. Read more

Feb 26, 2015

BMC and Qualys partner to combine technologies

BMC and Qualys have launched a solution to tie vulnerability information to automated remediation actions. Read more

Feb 26, 2015

5 lessons to be learned from the Gemalto NSA/GCHQ hack

Wolfgang Kandek, CTO, Qualys, says: "CISOs can use attacks, such as the one on Gemalto, for the positive purpose of internal security planning and review. The question becomes: How would my organisation fare against such an attack? Read more

Feb 23, 2015

What is good ‘cyber hygiene’ and how do you achieve it?

Qualys CISO Jonathan Trull discusses how organizations can practice good cyber hygiene. Read more

Feb 17, 2015

Microsoft fixes Project Zero disclosures in latest Patch Tuesday release

Speaking about the vulnerabilities in Flash, Wolfgang Kandek, chief technical officer at Qualys, said: "February Patch Tuesday 2015 comes after a quite turbulent month for information security professionals. Read more

Feb 11, 2015

4 highlights from Adobe & Microsoft's Patch Tuesday

Another month has passed and Patch Tuesday is once again upon us, with both Microsoft and Adobe having recently released important patches for their product ranges. Read more

Feb 11, 2015

Patch Tuesday sees Microsoft focus on Internet Explorer updates

Microsoft's monthly Patch Tuesday brought 41 fixes for memory vulnerabilities in its Internet Explorer browser. Desktop and server editions of Windows and Office also got fixes. Read more

Feb 11, 2015

Microsoft fixes bugs exploited to hack military and financial firms

Microsoft’s February 2015 security update includes fixes for a bug exploited by attackers targeting US defence and financial services firms and a vulnerability affecting core components of Windows. Read more

Feb 11, 2015

Bug-Ridden Internet Explorer Back with a Bang … and 41 Flaws

This month’s Patch Tuesday round from Microsoft features nine bulletins fixing 56 vulnerabilities including a mammoth 41 flaws in Internet Explorer. Read more

Feb 11, 2015

Home alone with hackers: how to shift the goalposts

For too long hackers have been a step ahead of organisations and the security industry at large. Can continuous security change that? Read more

Feb 5, 2015

GHOST bug haunts Linux users

Researchers of Cloud Security firm Qualys have discovered vulnerability in Linux GNU C Library (glibc) library which can be manipulated to gain remote access of the attacked system. Read more

Jan 29, 2015

Ghostbusting in the 'critically' vulnerable Linux machine

Whose afraid of GHOSTs? Disagreement over potential risks of new Linux vulnerability, but layered defence is recommended. Read more

Jan 29, 2015

Linux 'Ghost' vulnerability uncovered

Security researchers at Qualys have discovered a Linux vulnerability, naming it 'Ghost'. Read more

Jan 29, 2015

Severe Linux GHOST Flaw Spooks Out Computer Users

The vulnerability, discovered by Qualys, a provider of cloud security and compliance solution, is in the Linux GNU C Library (glibc) and is known as GHOST (CVE-2015-0235), because it can be triggered by the gethostbyname functions. Read more

Jan 28, 2015

'Ghost' vulnerability poses high risk to Linux distributions

The flaw in the GNU C Library can be exploited remotely for full control, according to Qualys. Read more

Jan 28, 2015

Ghost in the Linux machine hits Debian, Red Hat and Ubuntu

The buffer overflow-type vulnerability was discovered by Qualys and has been classified as CVE-2015-0235. The researchers have nicknamed it Ghost as it can be triggered by GetHOST functions. Read more

Jan 28, 2015

I ain't afraid of no GHOST – securo-bods

Security researchers at cloud security firm Qualys found a critical vulnerability in Linux, specifically the GNU C Library (glib). The vulnerability – nicknamed “GHOST” – allows attackers to remotely hack into vulnerable systems without any passwords or administrator credentials. Read more

Jan 28, 2015

Linux flaw leaves web infrastructure vulnerable

A security flaw in the open source operating system Linux is allowing hackers to run malicious code on the machines which power the internet, email and other critical online services. Read more

Jan 28, 2015

Most Linux systems affected by critical vulnerability

The vulnerability could be considered as critical as Heartbleed and Shellshock because it could allow hackers to exploit it in order to execute malicious code on servers and remotely gain control of Linux machines. Read more

Jan 28, 2015

Admins Urged to Patch Linux Now as 'Ghost' Bug Emerges

Qualys CTO Wolfgang Kandek claimed in a blog post that the firm “has worked closely with Linux distribution vendors and patches are available” as of Tuesday. Read more

Jan 28, 2015

Ghost Linux bug haunting Red Hat and Ubuntu systems

An exploitable bug, codenamed Ghost, that affects numerous Linux systems has been discovered by researchers at Qualys. Read more

Jan 28, 2015

BOO! Grave remote-code exec flaw in GNU C Library haunts Linux

Security researchers have uncovered a critical bug in the GNU C Library (glibc), a key component of Linux and some other operating systems, which could render countless machines vulnerable to remote code execution attacks. Read more

Jan 27, 2015

How can I make my PC completely secure?

Use Qualys BrowserCheck or a similar website to check that all your browser plug-ins are up to date. Read more

Jan 15, 2015

Microsoft Patches Zero-Day Windows Flaws Disclosed by Google

Qualys’ Kandek noted that the Telnet vulnerability shows that even old software can still harbor new bugs. Read more

Jan 14, 2015

Microsoft release one critical patch on first “no advance notification” Tuesday

Microsoft released nine patches last night, with one rated as critical. Read more

Jan 14, 2015

Google and Microsoft fail to patch up security row

Decision to publish details of non-critical flaw in Windows 8.1 before release of fix prompts angry response from Microsoft Read more

Jan 14, 2015

Microsoft Ends Free Public Advance Security Notification Service

Qualys CTO Wolfgang Kandek discusses the new changes with Microsoft's ANS program and why there is value in that IT administrators can read about specifics, exploits and priorities. Read more

Jan 12, 2015

Microsoft's Patch Tuesday preview will no longer be made public

CTO Wolfgang Kandek comments that the security industry should continue to move in the direction of more information and explanation to help organizations better working to quickly manage vulnerabilities Read more

Jan 12, 2015

Microsoft to abandon patch advance notifications

Qualys CTO Wolfgang Kandek said that he always thought that customers were interested in the information contained in ANS, but we will see how that works out. Read more

Jan 9, 2015

Microsoft ends free Patch Tuesday security notices

Wolfgang Kandek, chief technology officer of Qualys, also spoke up in defence of the ANS information. “I have always thought that our customers were interested in the information contained in ANS, but we will see how that works out,” he said. Read more

Jan 9, 2015

Microsoft drops Patch Tuesday free advance notice of fixes

From now on if you want to see what patches Microsoft is going to issue on Patch Tuesday you'll have to pay for it. Read more

Jan 9, 2015

Online Banking with the Most Secure Endpoint Device

Qualys CTO Wolfgang Kandek discusses online banking security and how organizations can secure different endpoint devices. Read more

Jan 7, 2015

Qualys Solutions
Qualys Community
Free Trial & Tools
Free Trial

Nothing to install!

1 (800) 745 4355