Security news aggregator

Latest coverage for Qualys

Qualys covers vulnerability management, asset discovery, and compliance checks that help organizations identify and reduce security risks.

34 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Qualys is a cloud-based security platform used to inventory IT assets, identify software vulnerabilities, assess configuration and compliance, and scan web applications. It collects information through network scanners and endpoint agents, then centralizes findings so security teams can track exposure and remediation across servers, workstations, cloud resources, and applications.

Its security value depends on complete, accurate asset coverage: unmanaged systems, failed agents, or incomplete credentials can leave vulnerabilities undiscovered. Findings must also be validated and prioritized using factors such as exploitability, exposure, and business context; a scanner’s severity rating alone does not determine urgency. Because the platform may receive detailed asset, software, configuration, and credential-related data, access controls, role separation, and secure integration are important. Teams can use its records to support vulnerability management and compliance evidence, while incident responders may use historical asset and detection data to scope affected systems and confirm remediation.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 34

Cybersecurity researchers have disclosed multiple security vulnerabilities within the Linux kernel's AppArmor module that could be exploited by unprivileged users to circumvent kernel protections, escalate to root, and undermine container isolation guarantees

Bank Info Security 10 months, 1 week ago

Salesloft Drift Hack Claims New Victims in Tenable, Qualys

Salesloft Says Hackers Broke Into Its GitHub RepositoryCybersecurity firms Tenable and Qualys fell to attacks stemming from hacker theft of authentication tokens from a third-party tool often integrated into Salesforce. The firms disclosed their exposure to the attack that lifted access tokens from marketing-as-a-service software provider Salesloft.

Bank Info Security 1 year, 5 months ago

New Mirai Variant Targets Flaws in Cameras and Routers

Murdoc Botnet Uses Over 100 Distinct C2 Servers to Manage Infected DevicesA new variant of the Mirai malware is exploiting vulnerabilities in cameras and routers to infiltrate devices, download payloads and integrate them into an expanding botnet. Qualys tracked over 1,300 active internet protocol addresses linked to the Murdoc Botnet since its emergence in July 2024.

Over 14 Million Servers May Be Affected by Bug First Fixed Decades AgoMore than 14 million servers may be affected by a regressed vulnerability in a remote server management and file transfer tool that can allow hackers to completely take over the affected systems. The flaw is an accidental repeat of a flaw patched in 2006.

Loading more headlines...