Yealink has thanked Positive Technologies for discovering the critical vulnerability BDU:2024-00482 in its Yealink Meeting Server videoconferencing system. Yealink is a prominent VoIP provider and is among five major online conferencing vendors. Its products are used in 140 countries. The vendor was notified of the threat per the responsible disclosure policy and released a software patch.Read More…

Qualys has announced it acquired the assets of Blue Hexagon. This brings AI/machine learning (AI/ML) to the Qualys Cloud Platform to help convert petabytes of highly integrated data into meaningful insights for customers. This acquisition will enable Qualys to leverage its powerful Cloud Platform and its more than 10 trillionRead More…

The Trellix Threat Labs Vulnerability Research team has released research detailing an unauthenticated remote code execution vulnerability, filed under CVE-2022-32548, affecting multiple routers from DrayTek, a Taiwanese company that manufactures Small Office and Home Office (SOHO) routers. The attack can be performed without user interaction if the device’s management interfaceRead More…

Qualys today unveiled Qualys Vulnerability Management, Detection and Response (VMDR) 2.0. The new cloud-based solution gives unprecedented insights into an organization’s unique risk posture along with the ability to use drag and drop workflows to orchestrate responses.Read More…