All Posts

Policy Compliance Library Updates, February 2020

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

The February release includes 8 CIS Benchmark policies, 4 Qualys Security Configuration and Compliance policies, and 1 mandate [MARS-Ev2] policy. Apart from adding support for a new technology, it also provides updates to several existing policies in the Qualys Content Library.

Qualys’ Certification Page at CIS has been updated.

Detections Released for ESU Updates on EOL Windows 7, 2008 and 2008 R2

For the February 2020 Patch Tuesday, Microsoft released security updates for Windows 7, 2008 and 2008 R2 systems which are already end of life. Qualys released Patch Tuesday detections (QIDs) which check for these new ESU patches as well.

Intuitive and Ready-to-Use Monitoring Profiles for Compliance Regulations

Detecting changes from a baseline established for files and file paths and receiving instant alerts about them is crucial to ensure security within a monitored environment. File tampering is an indicator of illicit activity, and authorized users must be alerted whenever changes in a critical file or file path occur. Hence, organizations must integrate file change monitoring into their continuous efforts towards maintaining safety and hygiene in the cyber security space, especially in environments where their IT systems contain highly sensitive data.

New EOL QIDs for Microsoft Windows 7 and 2008/R2

Qualys Vulnerability Signature, version 2.4.815-2, will include EOL QIDs (detections for end-of-life software) for Windows 7, Windows 2008, and Windows 2008 R2. Customers will be able to scan the QIDs shown below using Qualys Vulnerability Management (VM):

QID 105859 – EOL/Obsolete Operating System: Microsoft Windows 2008 R2 Detected
QID 105858 – EOL/Obsolete Operating System: Microsoft Windows 2008 Detected
QID 105793 – EOL/Obsolete Operating System: Microsoft Windows 7 Detected

Actionable Searching and Data Download with Vulnerability Management Dashboards

Qualys is introducing the ability to download data from your vulnerability management dashboards. With Qualys Vulnerability Management Dashboards, you can use Qualys Query Language (QQL) to query the data in your subscription and build vulnerability- and asset-centric dashboards that show your exposure to individual vulnerabilities, groups of vulnerabilities, or vulnerabilities with specific attributes, like new patch available found within the last 30 days.

With the new download feature, you can now download this data into a CSV file for additional manipulation outside the platform.

Qualys Cloud Platform 2.43 New Features

This release of the Qualys Cloud Platform, version 2.43, includes updates and new features for Web Application Scanning.

WordPress Database Reset Plugin Vulnerability (CVE-2020-7047, CVE-2020-7048)

A vulnerability recently disclosed by Wordfence and published as CVE-2020-7047 and CVE-2020-7048 allows an attacker to take over vulnerable WordPress-based websites.

Functionality in the WP Database Reset plugin introduced the vulnerability, which allows any unauthenticated user to reset any table in the database to its initial state when it was installed, deleting all the content in the database.

Detect Unauthorized Processes Making Changes in Your Environment with Qualys File Integrity Monitoring

With the average cost of a data breach exceeding $3.5 million, according to the Cost of a Data Breach Report, almost all organizations these days adopt stringent policies to safeguard their confidential business and customer information. Strong RBAC-driven systems have certainly made it difficult for attackers to gain unauthorized access. However, malicious programs masked as genuine ones can compromise your environment, sneak their way into your databases, and even allow unauthorized parties to access and/or view information.

LibMiner: Container-Based Cryptocurrency Miner Targeting Unprotected Redis Servers

Qualys is actively tracking threats that target containers. In our recent analysis, we identified a few Docker instances executing malware that we call “LibMiner”. This malware can deploy and execute a cryptominer. It uses a unique technique for lateral movement across containers as well as Linux systems, executing on unprotected Redis servers and initiating mining on them. The malware can protect itself against termination, thus making it impossible to gain control over it. This blog post uncovers the unique techniques and tactics used by LibMiner.

Policy Compliance Library Updates, January 2020

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

The January release includes 5 CIS Benchmark policies, 4 Qualys Security Configuration and Compliance policies, and 1 DISA STIG policy. Apart from adding support for a new technology, it also provides updates to several existing policies in the Qualys Content Library.

Qualys’ Certification Page at CIS has been updated.