BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
VMware Hardening Guidelines-img3

How to Audit VMware ESX and ESXi Servers Against the VMware Hardening Guidelines with Retina CS

Posted February 27, 2015    BeyondTrust Research Team

Retina CS Enterprise Vulnerability Management has included advanced VMware auditing capabilities for some time, including virtual machine discovery and scanning through a cloud connection, plus the ability to scan ESX and ESXi hosts using SSH. However, in response to recent security concerns associated with SSH, VMware has disabled SSH by default in its more recent…

Categories:
Vulnerability Management
Tags:
, , , ,
dave-shackleford-headshot

Privileged Passwords: The Bane of Security Professionals Everywhere

Posted February 19, 2015    Dave Shackleford

Passwords have been with us since ancient times. Known as “watchwords”, ancient Roman military guards would pass a wooden tablet with a daily secret word engraved from one shift to the next, with each guard position marking the tablet to indicate it had been received. The military has been using passwords, counter-passwords, and even sound…

Categories:
Privileged Account Management
Tags:
, , ,
Privileged Account Management Process

In Vulnerability Management, Process is King

Posted February 18, 2015    Morey Haber

You have a vulnerability scanner, but where’s your process? Most organizations are rightly concerned about possible vulnerabilities in their systems, applications, networked devices, and other digital assets and infrastructure components. Identifying vulnerabilities is indeed important, and most security professionals have some kind of scanning solution in place. But what is most essential to understand is…

Categories:
Vulnerability Management
Tags:
, , , , ,
bank theft img

The Vulnerabilities and Privileges of Carbanak Bank Thieves

Posted February 17, 2015    BeyondTrust Research Team

Recently Kaspersky released analysis of a series of significant breaches against financial institutions by a group they have dubbed Carbanak. The attacks go back over 2 years and estimates are that potentially $1 billion dollars in total were stolen from more than 100 financial institutions. In some cases the attackers were active in victim organizations between…

Categories:
Privileged Account Management, Security Research, Vulnerability Management
Tags:
, , ,
12

Fuzzing for MS15-010

Posted February 17, 2015    BeyondTrust Research Team

Intro This past Patch Tuesday Microsoft released MS15-010: Vulnerabilities in Windows Kernel-Mode Driver Could Allow Remote Code Execution.  This patch addressed multiple privately reported vulnerabilities in win32k.sys and one publicly disclosed vulnerability in cng.sys. Win32k.sys Diff The first notable thing we noticed was that several handlers for TrueType instructions, @irtp_*, were touched.  While we did…

Categories:
Network Security, Security Research
Tags:
, ,
patch-tuesday

February 2015 Patch Tuesday

Posted February 10, 2015    BeyondTrust Research Team

Microsoft patched a fairly hefty 58 CVEs across 9 bulletins this month, with Internet Explorer taking the lion’s share of those fixes. Among the offending flaws are remote code execution, security bypass, elevation of privilege, and information disclosure vulnerabilities. MS15-009 fixes 41 assorted flaws in Internet Explorer including remote code execution, ASLR bypass, privilege elevation…

Categories:
General, Network Security, Vulnerability Management
Tags:
, ,
vaut

Overcoming the One Fatal Flaw of Enterprise Password Management

Posted February 9, 2015    Morey Haber

There are a wide variety of enterprise password management products available in the market – from high availability enterprise solutions to personal desktop tools. These products are delivered by vendors such as BeyondTrust and others like CyberArk, Thycotic, LastPass, and even Apple’s Keychain. The goal of all of these solutions is to simplify the storage,…

Categories:
New Features, Privileged Account Management
Tags:
, , , ,
Anthem Breach

The Anthem Breach: What We Know Now

Posted February 5, 2015    Morey Haber

I learned about the breach directly from the CEO before all the hype and speculation hit. This is the level of caring and responsibility I personally expect as an Anthem customer. So now that the news is out there, let’s talk about the technical aspects of the breach.

Categories:
General, Network Security, Privileged Account Management, Vulnerability Management
Tags:
, , ,
Lightbulb

Advanced Threat Analytics Reveals Hidden Risks: Introducing BeyondInsight Clarity

Posted February 3, 2015    Chris Burd

BeyondInsight Clarity, now shipping standard with BeyondInsight v5.4, enables our customers to detect critical IT security threats previously lost amidst volumes of data, while identifying specific users, accounts and assets exhibiting patterns of risky activity.

Categories:
General, Network Security, New Features, Privileged Account Management, Vulnerability Management
Tags:
, , , , , , , , ,

Are Your Data Security Efforts Focused in the Right Area?

Posted January 28, 2015    Scott Lang

Vormetric Data Security recently released an insider threat report, with research conducted by HarrisPoll and analyzed by Ovum. Based on the survey responses, it is apparent that there is still a great deal of insecurity over data. However, the results also show that there may be misplaced investments to address those insecurities. I will explain…

Categories:
Privileged Account Management
Tags: