Critical RCE flaw in OpenSMTPD, patch available
Qualys researchers have discovered a critical vulnerability (CVE-2020-7247) in OpenBSD’s OpenSMTPD mail server, which can allow attackers to execute arbitrary shell commands …
January 2020 Patch Tuesday: Microsoft nukes Windows crypto flaw flagged by the NSA
As forecasted, January 2020 Patch Tuesday releases by Microsoft and Adobe are pretty light: the “star of the show” is CVE-2020-0601, a Windows flaw flagged by the …
The importance of proactive patch management
IT teams appreciate it when vendors or security researchers discover new vulnerabilities and develop patches for them. So do attackers. The same information that lets IT teams …
Operational Technology Cyber Security Alliance aims to tackle OT threats
Cyber attacks on critical and industrial infrastructure are on the rise, impacting operational reliability and business risk across all industries, including utilities, …
October 2019 Patch Tuesday: A small batch of updates from Microsoft, none from Adobe
As predicted by Ivanti’s Chris Goettl, October 2019 Patch Tuesday came with a relatively small number of Microsoft updates and, curiously enough, with no security …
Critical Exim flaw opens servers to remote code execution, patch now!
The Exim mail transfer agent (MTA) is impacted by a critical vulnerability that may allow local or unauthenticated remote attackers to execute programs with root privileges on …
Knowing what’s on your hybrid-IT environment is fundamental to security
In this Help Net Security podcast recorded at Black Hat USA 2019, Shiva Mandalam, VP of Products, Visibility and Control at Qualys, talks about the importance of visibility. …
Securing the cloud: Visibility, compliance and vulnerability management
In this Help Net Security podcast recorded at Black Hat USA 2019, Hari Srinivasan, Director of Product Management for Qualys, talks about the basics of securing your cloud. …
August 2019 Patch Tuesday: Microsoft plugs critical wormable RDP holes
It’s that time of the month again: Microsoft, Adobe and Intel have pushed out fixes for a bucketload of security issues in their various software. Microsoft’s …
Optimizing the patch management process
In this podcast recorded at Black Hat USA 2019, Jimmy Graham, Senior Director of Product Management at Qualys, discusses the importance of a tailored patch management process. …
Photo gallery: Black Hat USA 2019, part two
Black Hat USA 2019 is underway in Las Vegas. Here are a few photos from the Business Hall and the Arsenal. Featured companies: Bugcrowd, Sumo Logic, Devo Technology, Akamai, …
Photo gallery: Black Hat USA 2019
Black Hat USA 2019 is underway in Las Vegas. Here are a few photos from the Business Hall and the Arsenal. Featured companies: Qualys, Anomali, Vectra, Irdeto, ReliaQuest, F5 …
Featured news
Resources
Don't miss
- Social data puts user passwords at risk in unexpected ways
- New observational auditing framework takes aim at machine learning privacy leaks
- Why password management defines PCI DSS success
- Hottest cybersecurity open-source tools of the month: November 2025
- Gainsight breach: Salesforce details attack window, issues investigation guidance