QSC 2022: Qualys’ Threat Research Unit (TRU) – Our Shield Is Your Shield Day two of QSC profiled the special launch of the Qualys Threat Research Unit, TRU. Taking the... 2022-11-11 09:28:25 | 阅读: 23 | 收藏 | blog.qualys.com tru software smith threats

November 2022 Patch Tuesday | Microsoft Releases 65 Unique Vulnerabilities with 10 Critical. Microsoft has fixed 65 vulnerabilities (aka flaws) in the November 2022 update, including ten... 2022-11-9 05:0:0 | 阅读: 47 | 收藏 | blog.qualys.com microsoft qualys security windows

Get Your Patch Tuesday Vulnerabilities Patched on Tuesday Every IT person is familiar with Patch Tuesdays. It’s the time of the month where IT needs to... 2022-11-9 01:12:21 | 阅读: 17 | 收藏 | blog.qualys.com tuesday qualys weaponized microsoft

OpenSSL Vulnerability Recap Last week a CRITICAL vulnerability in OpenSSL was pre-announced to give organizations a head st... 2022-11-4 01:0:0 | 阅读: 38 | 收藏 | blog.qualys.com qualys heartbleed security adoption

Qualys Research Alert: Prepare for a Critical Vulnerability in OpenSSL 3.0 On Tuesday, Nov. 1, the OpenSSL project will release a new version of OpenSSL (version 3.0.7) t... 2022-10-31 22:15:52 | 阅读: 51 | 收藏 | blog.qualys.com qualys 617 qid csam identify

Chrome Zero Day – Just Before the Weekend (again) As we head into the weekend, Google has released an emergency security update for the Chrome de... 2022-10-29 03:40:19 | 阅读: 26 | 收藏 | blog.qualys.com chrome 3rd qualys confusion

Qualys Research Team: Threat Thursdays, October 2022 Welcome to the third edition of the Qualys Research Team’s “Threat Research Thursday”, where we... 2022-10-28 08:58:53 | 阅读: 34 | 收藏 | blog.qualys.com qualys microsoft exchange windbg

Text4Shell: Detect, Prioritize and Remediate The Risk Across On-premise, Cloud, Container Environment Using Qualys Platform On 2022-10-13, Apache Security Team disclosed a critical vulnerability with CVE-2022-42889 affe... 2022-10-28 01:59:44 | 阅读: 110 | 收藏 | blog.qualys.com qualys text4shell security 42889

Leeloo Multipath: Authorization bypass and symlink attack in multipathd (CVE-2022-41974 and CVE-2022-41973) The Qualys Research Team has discovered two vulnerabilities in multipathd, the most important o... 2022-10-26 09:57:0 | 阅读: 57 | 收藏 | blog.qualys.com multipath qualys suse leeloo

CVE-2022-42889: Detect Text4Shell via Qualys Container Security A new critical vulnerability CVE-2022-42889 (Text4Shell) in Apache Commons Text library was rep... 2022-10-26 05:55:5 | 阅读: 88 | 收藏 | blog.qualys.com security qualys text4shell sensors

Creating Awareness of External JavaScript Libraries in Web Applications Qualys Web Application Scanning (WAS) routinely reviews and solicits customer feedback regardin... 2022-10-13 00:31:38 | 阅读: 19 | 收藏 | blog.qualys.com qid loaded sri qualys 150545

JSON Web Token (JWT) Weaknesses JSON Web Tokens, or JWTs, are an encoded set of claims commonly seen in REST APIs and Single pa... 2022-10-12 05:45:33 | 阅读: 42 | 收藏 | blog.qualys.com jwts payload claims symmetric qid

JSON Web Token (JWT) Weaknesses JSON Web Tokens, or JWTs, are an encoded set of claims commonly seen in REST APIs and Single pa... 2022-10-12 05:45:33 | 阅读: 27 | 收藏 | blog.qualys.com jwts claims symmetric payload qid

October 2022 Patch Tuesday | Microsoft Releases 84 Vulnerabilities with 13 Critical, plus 12 Microsoft Edge (Chromium-Based) Microsoft has fixed 84 vulnerabilities (aka flaws) in the October 2022 update, including 13 vu... 2022-10-12 04:0:0 | 阅读: 26 | 收藏 | blog.qualys.com microsoft qualys security exploited

In-Depth Look Into Data-Driven Science Behind Qualys TruRisk Last updated on: November 16, 2022 Vulnerability Management is a foundational component of any... 2022-10-10 22:32:29 | 阅读: 17 | 收藏 | blog.qualys.com trurisk qualys asset scores

In-Depth Look Into Data-Driven Science Behind Qualys TruRisk Vulnerability Management is a foundational component of any cybersecurity program for the imple... 2022-10-10 22:32:29 | 阅读: 28 | 收藏 | blog.qualys.com qualys trurisk asset scores

NSA Alert: Topmost CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors On October 6, 2022, the United States National Security Agency (NSA) released a cybersecurity a... 2022-10-8 04:3:1 | 阅读: 39 | 收藏 | blog.qualys.com remote prc sponsored network

WhatsApp Fixed Critical Vulnerabilities That Could Let an Attacker Hack Devices Remotely – Automatically Discover and Remediate Using VMDR Mobile WhatsApp has recently fixed critical and high-severity vulnerabilities affecting WhatsApp for A... 2022-10-3 17:19:8 | 阅读: 24 | 收藏 | blog.qualys.com vmdr qualys remote qql

Qualys Response to ProxyNotShell Microsoft Exchange Server Zero-Day Threat Using Qualys Cloud Platform On September 29, 2022, active attacks against Microsoft Exchange were reported by Vietnamese cy... 2022-10-1 07:25:55 | 阅读: 37 | 收藏 | blog.qualys.com exchange qualys microsoft

Qualys Threat Research Thursday Welcome to the second edition of the Qualys Research Team’s “Threat Research Thursday”, where w... 2022-9-29 22:32:0 | 阅读: 27 | 收藏 | blog.qualys.com qualys remediate tuesday