Day: 5 November 2021

GRIMM Private Vulnerability Disclosure Program

GRIMM, a cybersecurity organisation led by industry experts, announced they performed dedicated vulnerability research into Nagios and discovered a number of vulnerabilities that would enable attackers to gain Remote Code Execution (RCE) as root on Nagios management servers, which provides great potential for later lateral movement. This research stems from GRIMM’s Private Vulnerability Disclosure (PVD) …

GRIMM Private Vulnerability Disclosure Program Read More »

Qualys CloudView adds security for infrastructure

Qualys, a provider of disruptive cloud-based IT, security and compliance solutions, has announced it is adding Infrastructure as Code (IaC) scanning to its CloudView app. This will enable detection and remediation of misconfigurations early in the development cycle, removing risk in the production environment. As noted in the (ISC)2 2021 Cloud Security Report , security …

Qualys CloudView adds security for infrastructure Read More »