From qualys.com
1 81
The Qualys Threat Research Unit (TRU) has discovered a Remote Unauthenticated Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems. CVE assigned to this…
on Tue, 6AM
From qualys.com
Qualys Blog | Qualys Security Blog
0 4
On Wednesday, July 3, 2024 at 2:45 AM EDT Qualys identified suspicious spam content posted to the Qualys blog. Qualys conducted an investigation to identify any compromise and/or impact due to this…
on Thu, 1AM
From qualys.com
CAA Mandated by CA/Browser Forum | Qualys Security Blog
0 0
Certification Authority Authorization (CAA), specified in RFC 6844 in 2013, is a proposal to improve the strength of the PKI ecosystem with a new control to restrict which CAs can issue certificates…
on May 27
From qualys.com
XZ Utils SSHd Backdoor | Qualys Security Blog
0 0
On March 29th, 2024, a backdoor was identified in versions 5.6.0 and 5.6.1 of XZ Utils. Under certain conditions, this backdoor may allow remote access to the targeted system.
on Mar 31
From qualys.com
Qualys TRU Discovers Important Vulnerabilities in GNU C Library’s syslog() | Qualys Security Blog
0 0
The Qualys Threat Research Unit (TRU) has recently unearthed four significant vulnerabilities in the GNU C Library, a cornerstone for countless applications in the Linux environment.
on Jan 30
From qualys.com
Hidden Risks of Amazon S3 Misconfigurations | Qualys Security Blog
0 0
Amazon Web Services (AWS) is the world’s largest cloud security provider, and it provides the ability to store massive amounts of cloud-resident data with the Amazon Simple Storage Service (S3) bucket.
on Jan 3
From qualys.com
2023 Threat Landscape Year in Review: Part One | Qualys Security Blog
0 0
As 2023 nears its end, it's time to pause and reflect. It’s time to assess what worked and what didn't, what caught our attention and caused disruption, and what went unnoticed. More importantly…
on Dec 19
From qualys.com
CVSSv4 Public Preview Announcement | Qualys Security Blog
0 0
On June 8, 2023, at the 35th Annual FIRST Conference in Montreal, the public preview of CVSSv4 was announced. The Common Vulnerability Scoring System (CVSS) is an open framework for communicating the…
on Nov 2
From qualys.com
Latest Trend in Mac Vulnerabilities and How to Efficiently Address Them | Qualys Security Blog
0 0
Usually, every September/October, Apple releases its updated OSes and, with them, a set of new CVEs. This month was no different. In fact, if we look at 2023, Qualys released on average 32 new QIDs…
on Oct 4
From qualys.com
0 1
The Qualys Threat Research Unit (TRU) has discovered a buffer overflow vulnerability in GNU C Library's dynamic loader's processing of the GLIBC_TUNABLES environment variable.
on Oct 3