BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:

May, 2012

FlameRetardantSymbol-250x250

BeyondTrust’s CTO Develops A Handy Guide for Beating the Flame Malware

Posted May 31, 2012    Peter McCalister

BeyondTrust’s CTO, Marc Maiffret, wrote up an insightful analysis of the Flame Malware and actions you can take now to identify, detect and remediate the vulnerabilities. Below is an excerpt: “The Flame malware is currently leveraging two older Microsoft vulnerabilities that have been patched since August and September of 2010 (specifically, that is Microsoft Security…

fireextinguisher-98x98

Putting out the Flames

Posted May 30, 2012    Marc Maiffret

Stop me if you’ve heard this one before: there is a new piece of malware and this one is even worse than the last one. It is bigger, scarier, more complex and will take years, according to some estimates, to actually ever know what the malware really does. And of course it already has a…

Tags:
, , , ,
retinainsight-pivotgrids2-680x242-1

Retina Insight Pivot Grids, Custom Report Sharing on BeyondTrust Forums

Posted May 29, 2012    Morey Haber

Around this time last year I wrote a blog on the Pivot Grids within Retina Insight and how they allow a user to custom build historical reports based on almost every piece of data collected by Retina Insight. Recently I spoke with an analyst on this same topic and he was very pleased to see that we…

Tags:
, , , , , , , ,
gear6-98x98

Configuration Mistakes Make for Costly Security Gaps

Posted May 25, 2012    Daniel Jacobowitz

Earlier this week, Brian Prince over at Security Week posted an article on a subject that we’ve always been passionate about here at eEye, now BeyondTrust, Research – and that’s configuration.  More specifically, the incredible impact that smart, effective configuration can have on reducing attack surface for any size organization.

Tags:
, , ,
Chrome-No.-1-Browser-98x98

Chrome continues its march to security domination. We nod knowingly.

Posted May 22, 2012    The eEye Research Team

As security researchers, we’re always looking for ways to put the security conversation in the spotlight; be it an interesting fact, figure or editorial. By now you’ve probably read about how Google Chrome has achieved the number one browser position, worldwide (according to StatCounter). Coming in at about 32.76% of the global browser market share,…

Tags:
, , , , , , ,
playbook

Don’t Leave Mobile Devices Unchecked in the Enterprise

Posted May 21, 2012    Peter McCalister

In recent months, there has been a lot of publicity around BYOD (Bring Your Own Device). Respectfully, this forward thinking personalizes work culture for employees as well as provides cost savings by scratching mobile device purchases off the list of company spending. Since BYOD provides the opportunity for individuals to act as their own administrators…

cloud

The Evolving Threat Landscape

Posted May 18, 2012    Peter McCalister

With new vulnerabilities being exploited daily through desktop applications, employee-owned devices, remote computing, and social networks, protecting sensitive company assets can appear daunting. The boldness and inventiveness of hackers is outrunning companies’ ability to deal with them. According to DataLossDB.org, there were 1,030 publically disclosed data breach incidents in 2011. Theft of intellectual property from…

microsoft

Windows XP Keyboard Layouts Pool Corruption Local Privilege Elevation

Disclosed May 18, 2012    No Patch Available
Vendors: Microsoft
Vulnerability Severity: Medium
Exploit Impact: Elevation of Privilege
Exploit Availability:
VEF-March-newsletter-98x98

eEye’s May Patch Tuesday Assessment Now Available On Demand

Posted May 17, 2012    Sarah Lieber

Miss our live VEF webinar earlier this week? In case you did, I’ve put all of the content together for you below. Enjoy! Additionally, access this month’s Security Bulletin, a list of all the Audit IDs, and the PDF of the presentation. If you have additional questions you’d like to ask the research team about…

Tags:
, , , , , ,
acquisition-img4-98x98

BeyondTrust and eEye Acquisition Announcement Now On Demand

Posted May 17, 2012    Peter McCalister

There’s been a good amount of buzz surrounding our announcement that BeyondTrust acquired eEye Digital Security. We’re very excited about it and the opportunity the combined company has to provide an unmatched protection strategy for both the internal and external threats that target today’s enterprise.