10 min read
Conti Ransomware
Conti is a sophisticated Ransomware-as-a-Service (RaaS) model first detected in December 2019. Since its inception, its use has grown rapidly and has
Tag : Vulnerabilities And Threat Research
10 min read
3 min read
Microsoft & Adobe Patch Tuesday (November 2021) – Microsoft 55 Vulnerabilities with 6 Critical, 6 Zero-Days. Adobe 4 Vulnerabilities
Microsoft Patch Tuesday – November 2021 Microsoft patched 55 vulnerabilities in their November 2021 Patch Tuesday release, of which six are rated
6 min read
Qualys Response to CISA Alert: Binding Operational Directive 22-01
Start your VMDR 30-day, no-cost trial today Overview On November 3, 2021, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a
4 min read
Apache HTTP Server Path Traversal & Remote Code Execution (CVE-2021-41773 & CVE-2021-42013)
On October 4, 2021, Apache HTTP Server Project released Security advisory on a Path traversal and File disclosure vulnerability in Apache HTTP Server
1 min read
Apache Tomcat HTTP Request Smuggling Vulnerability (CVE-2021-33037)
A vulnerability (CVE-2021-33037) discovered this year in Apache Tomcat causes incorrect parsing of the HTTP transfer-encoding request header in some
1 min read
Vulnerability On-Demand Search Reporting & Easy Download options
Vulnerability reporting is different from any other aspect of a Vulnerability Management Program. The methodologies of Discover, Assess, Report and
1 min read
Apple fixes zero-day in iOS and iPadOS 15.0.2 emergency release: Detect and Prioritize Vulnerabilities using VMDR for Mobile Devices
Apple recently released iOS and iPadOS 15.0.2 as an emergency security update that addresses 1 critical zero-day vulnerabilities, which is exploited
3 min read
Microsoft & Adobe Patch Tuesday (October 2021) – Microsoft 74 Vulnerabilities with 3 Critical, 4 Zero-Days. Adobe 10 Vulnerabilities
Microsoft Patch Tuesday – October 2021 Microsoft patched 74 vulnerabilities in their October 2021 Patch Tuesday release, of which three are rated
1 min read
Tenacity 2.0 – Emulating Threat groups
Introduction The previous article: Tenacity – An Adversary Emulation Tool for Persistence, walked us through the working of Tenacity, techniques it
1 min read
QID Spotlight: Discover Azul Java Vulnerabilities
The Qualys vulnerability signatures team has released a new series of signatures (detections) for Azul Java, allowing security teams to identify Azul
1 min read
NSO Pegasus iPhone Spyware Vulnerabilities Fixed by Apple – Detect & Prioritize Using VMDR for Mobile Devices
Apple recently released iOS and iPadOS 12.5.5, 15.0, which includes a security update that addresses almost 25 vulnerabilities, including several
3 min read
Apache Struts 2 Double OGNL Evaluation Vulnerability (CVE-2020-17530)
A vulnerability (CVE-2020-17530) discovered last year in the Object Graph Navigation Language (OGNL) evaluation function of Apache Struts versions
1 min read
Detect & Prioritize NSO Pegasus iPhone Spyware Vulnerabilities Using VMDR for Mobile Devices
Apple recently released iOS and iPadOS 14.8 as a security update that addresses 2 critical zero-day vulnerabilities, which are used to deploy NSO
1 min read
Google Android September 2021 Security Patch Vulnerabilities: Discover and Take Remote Response Action Using VMDR for Mobile Devices
The recently released Android Security Bulletin for September 2021 addresses 40 vulnerabilities, out of which 7 are rated as critical
3 min read
Microsoft and Adobe Patch Tuesday (September 2021) – Microsoft 60 Vulnerabilities with 3 Critical, Adobe 61 Vulnerabilities
Microsoft Patch Tuesday – September 2021 Microsoft patched 60 vulnerabilities in their September 2021 Patch Tuesday release, and an additional 26