Qualys Community

1066 posts

Thwarting SQL Injection: Defense in Depth

SQL as a language is vulnerable to injection attacks because it allows mixing of instructions and data, which attackers can conveniently exploit to achieve their nefarious objectives.

The root cause behind successful SQL injection attacks is the execution of user-supplied data as SQL instructions. This classic cartoon illustrates the perils of trusting user inputs, and how they can lead to a successful SQLi attack:

From the webcomic xkcd:

Did you really name your son Robert'); DROP TABLE Students;--

Continue reading …

Improved Suite Detection in the Next SSL Labs Release

In one of the future SSL Labs releases we will change how we detect supported protocol suites. Even though there will be no change to the grading algorithm because of this, our detection of obsolete and insecure suites will improve slightly, and that will worsen the grade of a small number of sites. We will publish this new version on October 1st or later.

Continue reading …

How Policy Compliance Plays a Mitigation Role to Protect Your System

Vulnerabilities can be serious threats. Once found, system administrators try everything to restore security, such as patching and mitigating. Patching is always the first choice since it’s normally the definitive way to resolve the vulnerability. However, system administrators will sometimes need to mitigate, especially in two cases:

Case 1. A patch has not been released by the vendor.
Case 2. Patching the vulnerability isn’t a high priority in the customer’s environment but still needs to be addressed.

Many vulnerabilities can be mitigated by changing a specific configuration setting in the OS or application. In this blog post, I use HTTPoxy as an example of how Qualys Policy Compliance can play an important role in this type of mitigation by identifying and reporting on all your systems that don’t have the desired configuration.

Continue reading …

Mystery Magic Bytes From The Equation Leak

Days ago, a mysterious online group called Shadow Brokers claims to have stolen US “cyber weapons” from a hacking team called Equation Group.  These “cyber weapons” contain about a dozen vulnerabilities which are believed to be exploits used by the National Security Agency (NSA). In this blog, I will analyze the shellcode from the Cisco exploit and show its behind-the-scenes behavior.

Continue reading …

Qualys Cloud Platform 2.16 New Features

A new release of the Qualys Cloud Platform (AssetView 2.16, Cloud Agent Platform 1.7.0) includes several new features for AssetView, ThreatPROTECT and Cloud Agent.
Continue reading …

Equation Group Hack: Cisco ASA and FortiGate Vulnerabilities

cisco-asa-fortinet

By now you must have heard about the Equation group hack, Shadow Brokers, NSA ANT catalog and an entire gamut of information. Here I will update on what we have confirmed and how it affects your patching effort.

Continue reading …

Qualys Cloud Platform 2.15 New Features

A new release of the Qualys Cloud Platform (AssetView 2.15, Cloud Agent Platform 1.6.0) includes several new features for AssetView and support for additional operating systems for Cloud Agent.

Continue reading …

Microsoft Patch Tuesday August 2016

Its August 2016 Patch Tuesday and Microsoft has released nine security bulletins that affect a host of components including desktop operating systems, browsers, fonts  and servers. Five updates are rated as critical while four are rated as important.

Continue reading …

WAS 4.9 Introduces Global Exclusion Lists and Scan Comparison Feature

We are pleased to announce Qualys Web Application Scanning 4.9 (WAS) featuring customized global exclusion lists and enhanced reporting with a new, quick and easy scan comparison feature to help you meet your web application scanning needs and meet your business objectives even quicker.

Continue reading …