Security News

Drupal's first patch for the 'Drupalgeddon 2' apparently proved insufficient, prompting a timed release of another patch on Wednesday.

In this podcast recorded at RSA Conference 2018, Tim White, Director of Product Management, Policy Compliance at Qualys, discusses how expanding vulnerability and risk management programs can...

LinkedIn recently patched a vulnerability that could have been exploited by malicious websites to harvest data from users’ profiles, including private information. read more

The flaw takes advantage of Wi-Fi syncing in iTunes, but requires a developer image to work properly.

The Drupal vulnerability (CVE-2018-7600), dubbed Drupalgeddon2 that could allow attackers to completely take over vulnerable websites has now been exploited in the wild to deliver malware...

Nearly all of the vulnerabilities detected in web apps were of a critical nature, with financial services sites the most at risk, according to a Positive Technologies report.

Vulnerability management has two major components: discovering vulnerabilities, and mitigating those vulnerabilities. The first component is pointless without the second component. So, for...

Attempts to exploit a recently patched vulnerability in the Drupal content management system (CMS) were spotted by researchers shortly after someone published a proof-of-concept (PoC) exploit. read more

Illumio announced new global vulnerability mapping capabilities on its Adaptive Security Platform. Vulnerability and threat data from the Qualys Cloud Platform is integrated with Illumio...

A patched vulnerability in San Francisco’s public safety warning siren system suggests other radio-based platforms could also be hacked.