Security News

Qualys Flags Gaping Security Holes in Exim Mail Server
2021-05-04 19:31

Security researchers document 21 major security vulnerabilities in Exim and warn that users are exposed to remote code execution flaws. Security researchers at Qualys have discovered multiple gaping security holes in Exim, a widely deployed mail server that has been targeted in the past by advanced nation state-based threat actors.

Qualys says Accellion hackers did not breach production systems
2021-04-02 16:28

Cybersecurity firm Qualys said today that the attackers who breached its Accellion FTA server didn't infiltrate the company's production and corporate environments. "Qualys also noted that the investigation found that the company's"existing security rules would not have allowed any such access between the Accellion FTA server and Qualys' corporate and production environment.

Extortion Gang Breaches Cybersecurity Firm Qualys Using Accellion Exploit
2021-03-07 23:30

Enterprise cloud security firm Qualys has become the latest victim to join a long list of entities to have suffered a data breach after zero-day vulnerabilities in its Accellion File Transfer Appliance server were exploited to steal sensitive business documents. As proof of access to the data, the cybercriminals behind the recent hacks targeting Accellion FTA servers have shared screenshots of files belonging to the company's customers on a publicly accessible data leak website operated by the CLOP ransomware gang.

Qualys Confirms Unauthorized Access to Data via Accellion Hack
2021-03-04 11:19

Initially, the website would list data exfiltrated during ransomware attacks, but as of late it has been flooded with data stolen from various organizations that were relying on the Accellion FTA file transfer software. "The exploited vulnerabilities were of critical severity because they were subject to exploitation via unauthenticated remote code execution," Accellion noted in a report detailing Mandiant's investigation into the incident.

Qualys hit with ransomware: Customer invoices leaked on extortionists' Tor blog
2021-03-03 17:00

Files appearing to originate from Qualys were dumped online this afternoon on the Tor blog of the Clop criminal extortionists. Ransomware gang specialist Brett Callow, of infosec biz Emsisoft, told The Register: "Entities that have had dealings with Qualys should be on high alert."

Cybersecurity firm Qualys is the latest victim of Accellion hacks
2021-03-03 16:39

Cybersecurity firm Qualys is likely the latest victim to have suffered a data breach after a zero-day vulnerability in their Accellion FTA server was exploited to steal hosted files. Yesterday, the Clop ransomware gang posted screenshots of files allegedly belonging to the cybersecurity firm Qualys.

Cybersecurity firm Qualys likely latest victim of Accellion hacks
2021-03-03 16:39

Cybersecurity firm Qualys is likely the latest victim to have suffered a data breach after a zero-day vulnerability in their Accellion FTA server was exploited to steal hosted files. Yesterday, the Clop ransomware gang posted screenshots of files allegedly belonging to the cybersecurity firm Qualys.

Qualys expands VMDR to mobile devices with support for Android and iOS/iPadOS
2021-02-12 01:15

Qualys announced it is expanding Qualys VMDR to mobile devices with support for Android and iOS/iPadOS delivering an end-to-end solution for mobile device security. Qualys' all-in-one VMDR provides in-depth mobile device visibility, data security insights, proactive posture monitoring, and automated response for all iOS and Android devices and installed apps - just like VMDR does for on premises, endpoints, clouds, containers, OT and IoT assets.

Qualys establishes new Cloud Platform in the UAE
2020-12-09 07:40

Qualys announced the establishment of a new Cloud Platform in the UAE. With nine locations across the globe, Qualys is expanding its highly scalable Cloud Platform that powers Qualys' suite of integrated IT, security, and compliance cloud apps including its latest VMDR and Multi-Vector EDR solutions. Uniquely, the Qualys Cloud Platform provides real-time visibility across the entire hybrid environment from on premises, endpoints, mobile, containers, cloud(s) and OT and IoT environments via an array of sensors and connectors that bring the telemetry required to provide continuous 2-second visibility across all IT assets.

Qualys CloudView app to power Armor Anywhere cloud security posture management capabilities
2020-11-18 01:00

Qualys announced that Armor is integrating the Qualys CloudView app, which includes Cloud Inventory and Cloud Security Assessment, into Armor Anywhere, a cloud security platform. Armor Anywhere with Cloud Security Posture Management lets clients continuously inventory and assess the security and compliance of their public cloud services as per industry standard benchmarks and regulatory mandates.