Browser scan unveils an abundance of critical vulnerabilities
Through our Qualys BrowserCheck online tool we have collected data from over 1.4 million user computer scans and their respective browsers. From this research, we have found …
New Microsoft 0-day vulnerability under attack
Microsoft has released security advisory KB2896666 informing of a vulnerability (CVE-2013-3906) in the TIFF graphics format that is seeing limited attacks in the Middle East …
Free eBook: OpenSSL Cookbook
If your job has something to do with security, web development, or system administration, you can’t avoid having to deal with OpenSSL on at least some level. This book …
Microsoft to unveil eight bulletins on Tuesday
October is turning out to be a busy month for patches. Next week is Patch Tuesday, and both Adobe and Microsoft have published their advance notices, with one and eight …
BrowserCheck gets automated daily scanning and Mac support
Qualys released a new version of Qualys BrowserCheck, the free service that helps people keep their browsers and plug-ins up-to-date to protect against harmful online content …
Is BEAST still a threat?
Yesterday I changed the SSL Labs rating criteria to stop penalizing sites that do not implement server-side mitigations for the BEAST attack. That means that we now consider …
Defending against the BREACH attack
When Juliano and Thai disclosed the CRIME attack last year, it was clear that the same attack technique could be applied to any other compressed data, and compressed response …
Qualys announces WAF Beta for Amazon EC2
Qualys will release the beta of its new cloud WAF solution as an Amazon Machine Image (AMI) and as a VMware virtual image for on-premise deployments starting August 1. …
Don’t get pwned at Black Hat, DEF CON
I am not a paranoid person and most industry conferences I go to don’t generate any worries about security. You go and participate, but otherwise operate normally, …
SSL Labs: Deploying forward secrecy
With revelations about mass surveillance in the news everywhere, an obscure feature of SSL/TLS called forward secrecy has suddenly become very interesting. So what is it, and …
QualysGuard Private Cloud Platform on VCE Vblock Systems
Qualys announced that the QualysGuard Private Cloud Platform has been integrated with VCE Vblock Systems, helping them secure their networks from cyber attacks and automate …
QualysGuard Express Lite released
Qualys announced QualysGuard Express Lite, a small business version of the company’s suite of integrated security and compliance solutions. The new cloud offering …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility