Qualys Technology Archives

NSA Announces Sandworm Actors Exploiting Exim MTA Vulnerability (CVE-2019-10149)

Animesh Jain | May 29, 2020 | Qualys Technology, The Laws of Vulnerabilities

The Exim MTA vulnerability, initially reported by Qualys in May 2019, is currently being exploited in the wild. Recently, the US National Security Agency (NSA) announced that Sandworm actors (Russian hacker group) ...

The Laws of Vulnerabilities – Qualys Blog

Secure Remote Endpoints from Vulnerabilities in Video Conferencing & Productivity Applications like Zoom

Shailesh Athalye | April 6, 2020 | asset inventory, configuration, patch management, Qualys Technology, Remote Endpoint Protection, remote endpoints, securityhygiene, The Laws of Vulnerabilities, Vulnerability Management, Zoom

With millions working, learning and collaborating remotely due to COVID-19 challenges, there’s an explosion of remote endpoints running Zoom and other collaboration and productivity applications such as Outlook, Teams, Webex, Slack, Office ...

The Laws of Vulnerabilities – Qualys Blog

Identifying Let’s Encrypt Revoked Certificates

Asif Karel | March 6, 2020 | Apache, CertView, dashboard, Detection, qid, Qualys Technology, Security Labs, The Laws of Vulnerabilities, vulnerability

Let’s Encrypt is a free, automated, open certificate authority (CA) run for the public’s benefit as a service from the Internet Security Research Group (ISRG). It provides free digital certificates to enable ...

The Laws of Vulnerabilities – Qualys Blog

Automatically Discover, Prioritize and Remediate Apache Tomcat AJP File Inclusion Vulnerability (CVE-2020-1938) using Qualys VMDR

Animesh Jain | March 5, 2020 | AJP, Apache Tomcat, asset inventory, cve-2020-1938, patch management, policy compliance, Qualys Technology, The Laws of Vulnerabilities, threat protection, Tomcat, VMDR, Vulnerability Management

A severe vulnerability exists in Apache Tomcat’s Apache JServ Protocol. The Chinese cyber security company Chaitin Tech discovered the vulnerability, which is named “Ghostcat” and is tracked using CVE-2020-1938. The security issue ...

The Laws of Vulnerabilities – Qualys Blog

Citrix ADC and Gateway Remote Code Execution Vulnerability (CVE-2019-19781)

Animesh Jain | January 8, 2020 | assetview, Citrix, dashboard, Qualys Technology, rpt, Security Labs, The Laws of Vulnerabilities, tp, vm, vulnerability

Citrix released a security advisory (CVE-2019-19781) for a remote code execution vulnerability in Citrix Application Delivery Controller (ADC) and Citrix Gateway products. The vulnerability allows an unauthenticated remote attacker to execute arbitrary ...

The Laws of Vulnerabilities – Qualys Blog

Qualys Technology

NSA Announces Sandworm Actors Exploiting Exim MTA Vulnerability (CVE-2019-10149)

Secure Remote Endpoints from Vulnerabilities in Video Conferencing & Productivity Applications like Zoom

Identifying Let’s Encrypt Revoked Certificates

Automatically Discover, Prioritize and Remediate Apache Tomcat AJP File Inclusion Vulnerability (CVE-2020-1938) using Qualys VMDR

Citrix ADC and Gateway Remote Code Execution Vulnerability (CVE-2019-19781)

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On