Microsoft fixes critical wormable Windows flaw (CVE-2025-47981) https://www.helpnetsecurity.com/2025/07/09/microsoft-fixes-critical-wormable-windows-flaw-cve-2025-47981/ #MicrosoftEdge #WindowsServer #PatchTuesday #SharePoint #TrendMicro #Don'tmiss #Hotstuff #MSOffice #Tenable #Windows #Ivanti #Qualys #News
Innovator Spotlight: Qualys – Source: www.cyberdefensemagazine.com https://ciso2ciso.com/innovator-spotlight-qualys-source-www-cyberdefensemagazine-com/ #rssfeedpostgeneratorecho #cybersecurityplatform #compliancevisibility #cyberdefensemagazine #cyberdefensemagazine #executivereporting #Securityleadership #CyberSecurityNews #governancetools #auditreadiness #CISOStrategy #policyaudit #cyberrisk #Spotlight #Qualys
#Patches kommen:
Zwei Lücken verleihen #Angreifern #Root-Rechte unter #Linux
Durch Verkettung der beiden Lücken lassen sich #Linux-Systeme vollständig kompromittieren. Admins sollten so bald wie möglich patchen.
#Sicherheitsforscher von #Qualys haben zwei gefährliche #Sicherheitslücken aufgedeckt, mit denen Angreifer auf #Linux-Systemen einen #Root-Zugriff erlangen können.
Chaining two LPEs to get “root”: Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019) https://www.helpnetsecurity.com/2025/06/18/chaining-two-lpes-to-get-root-most-linux-distros-vulnerable-cve-2025-6018-cve-2025-6019/ #vulnerability #Don'tmiss #Hotstuff #openSUSE #Debian #Fedora #Qualys #Ubuntu #Linux #News
#Qualys TRU Uncovers Chained LPE: SUSE 15 PAM to Full Root via libblockdev/udisks
Neue #Linux #Sicherheitslücken: #Race #Conditions bedrohen sensible Daten.
Zwei neu entdeckte Schwachstellen gefährden aktuell bestimmte #Linux- #Distributionen. Die #Sicherheitsforscher von #Qualys haben Race Conditions in den Komponenten apport und systemd-coredump identifiziert. Sie wurden unter den CVE-Nummern CVE-2025-5054 und CVE-2025-4598 veröffentlicht und ermöglichen es lokalen Angreifern, auf Speicherabzüge privilegierter Prozesse zuzugreifen.
Photos: Infosecurity Europe 2025, part 2 https://www.helpnetsecurity.com/2025/06/04/infosecurity-europe-2025-photo/ #BytesSoftwareServices #RootshellSecurity #VeeamSoftware #ManageEngine #PushSecurity #Bitdefender #conferences #DarkInvader #AbnormalAI #AttackIQ #iStorage #Sonatype #Garner #Qualys #News
Linux Crash Reporting Flaws (CVE-2025-5054, 4598) Expose Password Hashes https://hackread.com/linux-crash-reporting-flaws-expose-password-hashes/ #systemdcoredump #Cybersecurity #Vulnerability #Security #Password #Apport #Hashes #Qualys #Linux
Closing security gaps in multi-cloud and SaaS environments https://www.helpnetsecurity.com/2025/05/20/kunal-modasiya-qualys-cloud-saas-security-strategy/ #cloudsecurity #collaboration #cybersecurity #Don'tmiss #Features #Hotstuff #strategy #Qualys #cloud #News #SaaS
Infosec products of the month: February 2025 https://www.helpnetsecurity.com/2025/02/28/infosec-products-of-the-month-february-2025/ #PaloAltoNetworks #LegitSecurity #VeeamSoftware #SealSecurity #SafeBreach #1Password #Dynatrace #Privacera #Fortinet #Netwrix #Trustmi #Pangea #Qualys #Satori #Socure #Armor #BigID #News #Nymi
Critical OpenSSH Vulnerabilities Expose Users to MITM and DoS Attacks – Source:hackread.com https://ciso2ciso.com/critical-openssh-vulnerabilities-expose-users-to-mitm-and-dos-attacks-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #Vulnerability #Hackread #security #OpenSSH #Qualys #MITM #DoS
Critical OpenSSH Vulnerabilities Expose Users to MITM and DoS Attacks https://hackread.com/critical-openssh-flaws-expose-users-mitm-dos-attacks/ #Cybersecurity #Vulnerability #Security #OpenSSH #Qualys #MITM #DoS
New infosec products of the week: February 7, 2025 https://www.helpnetsecurity.com/2025/02/07/new-infosec-products-of-the-week-february-7-2025/ #SafeBreach #Dynatrace #Qualys #Satori #News #Nymi
DeepSeek AI Model Riddled With Security Vulnerabilities – Source: securityboulevard.com https://ciso2ciso.com/deepseek-ai-model-riddled-with-security-vulnerabilities-source-securityboulevard-com/ #AIandMachineLearninginSecurity #SecurityBoulevard(Original) #rssfeedpostgeneratorecho #AIandMLinSecurity #CyberSecurityNews #SecurityBoulevard #SocialFacebook #SocialLinkedIn #Cybersecurity #Spotlight #DeepSeek #SocialX #OpenAI #Qualys #genai #News #LLM #AI
Qualys TotalAppSec enables organizations to address risks across web applications and APIs https://www.helpnetsecurity.com/2025/02/03/qualys-totalappsec/ #Industrynews #Qualys
Local Privilege Escalations in needrestarthttps://www.openwall.com/lists/oss-security/2024/11/19/1
We discovered three fundamental vulnerabilities in needrestart (three
LPEs, Local Privilege Escalations, from any unprivileged user to full
root), which are exploitable without user interaction on #Ubuntu Server
(through unattended-upgrades)
QScanner: Linux command-line utility for scanning container images, conducting SCA https://www.helpnetsecurity.com/2024/11/27/qscanner-linux-scanning-container-images/ #containers #Don'tmiss #Hotstuff #scanning #Qualys #Linux #News
#needrestart 3.8 was released:
https://github.com/liske/needrestart/releases/tag/v3.8
This coordinated release contains 4 security fixes for local privilege escalations found by the Qualys Security Advisory team: https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
An local attacker can trick needrestart to execute arbitrary code as root. Debian and Ubuntu already shipping security updates.
You should apply these updates in a timely manner. These issues can be mitigated by disabling the interpreter heuristic.
Infosec products of the month: October 2024 https://www.helpnetsecurity.com/2024/11/01/infosec-products-of-the-month-october-2024/ #NucleusSecurity #LegitSecurity #VeeamSoftware #SAFESecurity #DataTheorem #GitGuardian #BreachLock #SECURITIai #Commvault #Dashlane #ExtraHop #Frontegg #Action1 #Metomic #Nametag #Sectigo #XMCyber #Balbix #Fastly #Ivanti #Kusari #Qualys #Rubrik #Edgio #Jumio #News #Neon #Okta #IBM
New infosec products of the week: October 11, 2024 https://www.helpnetsecurity.com/2024/10/11/new-infosec-products-of-the-week-october-11-2024/ #DataTheorem #BreachLock #Commvault #Dashlane #Frontegg #Action1 #Qualys #Edgio #News
