This release of the Qualys Cloud Platform version 2.35 includes updates and new features for AssetView, Cloud Agent, Security Assessment Questionnaire, and Web Application Scanning, highlights as follows. (Note: this post has been edited after publishing to remove the Azure Cloud Connector, which will be available in a subsequent release.)
This release of the Qualys Cloud Platform version 2.34.1 includes updates and new features for Cloud Agent & AWS EC2 Connector, AssetView, CloudView, and Security Assessment Questionnaire, highlights as follows.
This release of the Qualys Cloud Platform version 2.34 includes updates and new features for Cloud Agent, EC2 Connector, Continuous Monitoring, Security Assessment Questionnaire, Web Application Scanning, and Web Application Firewall, highlights as follows.
In this blog series, we’re discussing solid security practices that are key for General Data Protection Regulation (GDPR) compliance, and today we’ll address another crucial one: Indication of compromise (IOC).
In a nutshell, IOC can help customers who are dealing with unauthorized access to customer personal data by an external threat actor or adversary.
This makes IOC particularly relevant to GDPR’s stringent requirements for providing integrity, control, accountability and protection of EU residents’ personal data.
Read on to learn why IOC is critical for complying with GDPR, which went into effect in May, and how Qualys can help you.
This release of the Qualys Cloud Platform version 2.33 includes the release for CertView, plus updates and new features for AssetView, Cloud Agent, EC2 Connector, Security Assessment Questionnaire, Web Application Scanning, and Web Application Firewall, highlights as follows. (This posting has been edited to include an update to WAS that is available in a patch release.)
Operating since 2015, a threat group dubbed Orangeworm has been newly attributed to hacking and infiltrating healthcare groups around the world. Companies specifically targeted include hospitals, healthcare providers, pharmaceuticals, IT services firms serving the healthcare industry, and more. (Healthcare Informatics Institute describes this in more detail.)
The victims are specific, targeted, and global with 17% of victims in the US, 7% in India, 7% in Saudi Arabia, 5% in Philippines, 5% in Germany, Hungary and United Kingdom, with seventeen other countries each with 2% of infections. Analysts are still investigating the campaign tactics, techniques, and procedures (TTPs) of the Orangeworm group to determine their objectives whether espionage of the medical systems themselves, to steal patient data, or potential future sabotage or ransom.
In this ongoing blog series on preparing for complying with the EU’s General Data Protection Regulation (GDPR), we’ve explained the importance of having solid, foundational security practices like asset management and threat prioritization. Today, we’ll discuss how another such practice can help organizations stay on the right side of GDPR: Indication of Compromise (IOC).
In a nutshell, IOC can help customers who are dealing with unauthorized access to customer personal data by an external threat actor or adversary. This makes IOC particularly relevant to GDPR’s stringent requirements for data integrity, control, accountability and protection.
To comply with GDPR, which goes into effect on May 25, companies worldwide — not just in the EU — must know what personal data of EU residents they have, where it’s stored, with whom they’re sharing it, how they’re protecting it, and what they’re using it for.
This release of the Qualys Cloud Platform version 2.32 includes updates and new features for AssetView, EC2 Connector, File Integrity Monitoring, Indication of Compromise, Security Assessment Questionnaire, Web Application Scanning, and Web Application Firewall, highlights as follows. (Post updated 3/23 to include new FIM features for this release.)
This release of the Qualys Cloud Platform version 2.31 includes updates and new features for AssetView, Cloud Agent, EC2 Connector, Web Application Scanning, Web Application Firewall, and Security Assessment Questionnaire, highlights as follows.
Dark Reading is reporting on a new banking trojan called ‘Silence’ that mimics techniques similar to the Carbanak hacker group targeting banks and financial institutions. The attack vector is similar – target individuals using spear-phish emails to trick them into running a malicious attachment which will connect to download a dropper to further infect the user’s machine. This attack does not use an exploit against a vulnerability, but rather takes advantage of social engineering to fool the user into executing the malicious payload and infecting their machine.
Silence is interesting in that the trojan’s capabilities include a screen grabber that will take multiple screenshots of the user’s active monitor and upload the real-time stream to a command and control server for monitoring by the adversary. This technique allows the threat actor to identify which users have access to specific banking applications, systems, and accounts that they can use for financial gain.