Reply to post: So, Qualys

Qualys hit with ransomware: Customer invoices leaked on extortionists' Tor blog

Anonymous Coward

So, Qualys

is the company that thinks its scanner should have unrestricted root access to the systems it scans. So, you know, it can check them for vulnerabilities, including, in due course if not already, a 'vulnerability' invented by some bad actor who has got control of Qualys, the 'checking' for which will conveniently cause a compromise on the systems being checked. On all the systems being checked, everywhere. Which is probably every *nix system in every bank.

Because that will never happen, right? Qualys is so secure you should just trust them with root access to all your systems because that will be just fine. And, well, if it did happen it wouldn't be very bad: does it matter so much if all the money is sucked out of your bank account? Of everyone's bank account?

Well, either the world just dodged a bullet, or it didn't but we don't know yet. Either way I hope Qualys just dies.

(I'm kind of annoyed that I was about 10% of the way through a blog posting on this though: couldn't they have waited so I could have said 'I told you so' at least?)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021