A new RCE in OpenSMTPD’s default install, patch available
Less than a month after the patching of a critical RCE flaw in OpenSMTPD, OpenBSD’s mail server, comes another call to upgrade to the latest version, as two additional …
February 2020 Patch Tuesday: Microsoft fixes 99 vulnerabilities, Adobe 42
February 2020 Patch Tuesday is here. To mark the occasion, Microsoft has released fixes for 99 vulnerabilities – 12 critical, one of which is being exploited in the wild …
Critical RCE flaw in OpenSMTPD, patch available
Qualys researchers have discovered a critical vulnerability (CVE-2020-7247) in OpenBSD’s OpenSMTPD mail server, which can allow attackers to execute arbitrary shell commands …
January 2020 Patch Tuesday: Microsoft nukes Windows crypto flaw flagged by the NSA
As forecasted, January 2020 Patch Tuesday releases by Microsoft and Adobe are pretty light: the “star of the show” is CVE-2020-0601, a Windows flaw flagged by the …
The importance of proactive patch management
IT teams appreciate it when vendors or security researchers discover new vulnerabilities and develop patches for them. So do attackers. The same information that lets IT teams …
Operational Technology Cyber Security Alliance aims to tackle OT threats
Cyber attacks on critical and industrial infrastructure are on the rise, impacting operational reliability and business risk across all industries, including utilities, …
October 2019 Patch Tuesday: A small batch of updates from Microsoft, none from Adobe
As predicted by Ivanti’s Chris Goettl, October 2019 Patch Tuesday came with a relatively small number of Microsoft updates and, curiously enough, with no security …
Critical Exim flaw opens servers to remote code execution, patch now!
The Exim mail transfer agent (MTA) is impacted by a critical vulnerability that may allow local or unauthenticated remote attackers to execute programs with root privileges on …
Knowing what’s on your hybrid-IT environment is fundamental to security
In this Help Net Security podcast recorded at Black Hat USA 2019, Shiva Mandalam, VP of Products, Visibility and Control at Qualys, talks about the importance of visibility. …
Securing the cloud: Visibility, compliance and vulnerability management
In this Help Net Security podcast recorded at Black Hat USA 2019, Hari Srinivasan, Director of Product Management for Qualys, talks about the basics of securing your cloud. …
August 2019 Patch Tuesday: Microsoft plugs critical wormable RDP holes
It’s that time of the month again: Microsoft, Adobe and Intel have pushed out fixes for a bucketload of security issues in their various software. Microsoft’s …
Optimizing the patch management process
In this podcast recorded at Black Hat USA 2019, Jimmy Graham, Senior Director of Product Management at Qualys, discusses the importance of a tailored patch management process. …