BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

Archive for January, 2013

United States Health Department

United States Health Department Updates HIPAA Guidelines

It comes as no surprise to information technology security professionals that data leaks and privacy issues can occur at virtually any level of an organization including business associates, contractors, subs-contractors and outsourced firms like payroll and billing. With this, it is has been a long time coming that the U.S. Department of Health and Human…

Post by Morey Haber January 25, 2013
Tags:
, , , , , ,
BeyondTrust is the expert source of VMware Security LEARN MORE
Retina Insight

Vulnerability and Identity Management (VIM) Fusion

Why BeyondTrust? BeyondTrust is a unique company in the security industry that has created the first and only fusion of Vulnerability and Identity Management (VIM). While the industry has spent over a decade refining the process of vulnerability identification and reporting using standards like OVAL and CVE, BeyondTrust has taken the leadership position in understanding what risk…

Post by Morey Haber January 23, 2013
Tags:
, , , ,
Hiding in plain sight

IT Security’s Best Kept Secret – Hiding in Plain Sight

This blog post was first posted on Wired.com on January 22nd, 2013. It can be found, in it’s original formatting, here: http://insights.wired.com/profiles/blogs/it-security-s-best-kept-secret-hiding-in-plain-sight               There’s a reason the old saying “an ounce of prevention is worth of a pound a cure” resonates in so many situations – because it’s true….

Post by Mike Puterbaugh January 22, 2013
Tags:
, , , , , ,

January VEF Participant Wins a Kindle Fire

As you all know, every month we host our Vulnerability Expert Forum (VEF) webinar. This is a time where our experts share valuable insight regarding new vulnerabilities that are discovered and the actions that need to be taken as a result. It’s a quick way to get up to speed on current potential risks to your organization…

Post by Qui Cao January 17, 2013

Java/IE 0days Put to Bed

Over the past two days, two actively exploited 0day vulnerabilities got patched. Yesterday, Oracle addressed the 0day in Java, CVE-2013-0422, with an new update, Java 7u11. Today, Microsoft addressed the 0day in Internet Explorer 6-9, CVE-2012-4792, with MS13-008. In addition to fixing the 0day vulnerability, the Java update changes the default security level setting from…

Post by BeyondTrust Research Team January 14, 2013
Tags:
, , , , ,
java7

Java Zero Day Exploit – Java 7 Not the Answer

A new Java zero-day vulnerability has been seen exploiting hundreds of thousands of machines. This 0day has already been incorporated into Cool Exploit Kit and Blackhole, in addition to Nuclear Pack and Redkit. This vulnerability affects Java 7 versions up to and including the current version of Java, 7u10. It should be noted that while…

Post by BeyondTrust Research Team January 10, 2013
Tags:
, , , , , ,

January 2013 Patch Tuesday: Patches, but none for the IE 0day!

Happy New Year! Starting off 2013, we’ve got a critical vulnerability within the Windows Print Spooler, and we’re still seeing bugs surface in widely used software like MSXML, the .NET framework, and SSL/TLS. January’s Patch Tuesday greets us with seven patches, addressing 12 vulnerabilities across a spectrum of Microsoft software. Two of these bulletins are…

Post by BeyondTrust Research Team January 8, 2013