BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:

June, 2010

microsoft

Microsoft Internet Explorer 6 Memory Address Disclosure

Disclosed June 30, 2010    Partially Patched
Vendors: Microsoft
Vulnerability Severity: Medium
Exploit Impact: Remote Code Execution
Exploit Availability:

Important Tips for Endpoint Protection

Posted June 18, 2010    Morey Haber

The guys at “Will it Blend” have done it again.  This time, they have proven through shear brute force that they can blend an iPad. This brute force and physical method for destroying the device is great marketing for their blender and if nothing else, rather entertaining. So, without being so physical, can we destroy…

Mass Infection via SQL Injection of IIS Websites

Posted June 9, 2010    Chris Silva

Multiple security outlets have released reports regarding a mass SQL injection attack that has compromised a large number of public websites – Google search results currently show that over 100,000 pages have been infected. This attack targets Microsoft IIS servers running both ASP and MSSQL.  The automated injection routine appears to leverage a vulnerability in…

Tags:
, ,

Microsoft Patch Tuesday – June 2010

Posted June 8, 2010    Chris Silva

Before we get into today’s details, apologies for the lack of an advanced notification post last Thursday – I was out of the office and good ghost writers are hard to find these days. As for the security bulletins, Microsoft answered back with ten this month – gone is the hope of leaving at a…

Tags:
,

Securing Your Business’ PCs: Beyond Password Protection

Posted June 7, 2010    Morey Haber

Physically securing a PC from would be thieves is not as simple as having a secure password. Last night my friend and I proved that point. His son “forgot” the password to his Windows XP Desktop. While there are many, many tools on the web to delete a password by booting to an alternate OS…

Tags:
, , ,

Avoiding ATM and Credit Card Fraud

Posted June 3, 2010    Morey Haber

The local news is buzzing again about the Powerball (and yes, I play the state lottery). The odds are worse than Vegas and somehow I always fall victim to “you must play to win.” Every time I leave the supermarket I pick up a few tickets from the local vending machine and enter my debit…

Tags:
, ,

How Much of Your Data Can Be Found on the Web?

Posted June 1, 2010    Morey Haber

I came across another website that invades my personal privacy and makes my personal data available to anyone that searches my name. While the results are not 100% accurate, the amount of correct information returned is rather alarming. What makes it more disturbing is that they provide a vehicle to remove your information and also…