BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:

June, 2013

PBIS-operations-dashboard

Our Newest Product Release: PowerBroker Identity Services 7.5

Posted June 26, 2013    Sarah Lieber

We are very excited for the announcement of our latest release of PowerBroker Identity Services 7.5, the industry’s most effective solution for bridging Linux, UNIX and Mac OS X assets into Active Directory. This latest update provides the strongest communications encryption to date, as well as the utmost flexibility with regards to event notification and management….

Tags:
, , , , , , , , , , ,
kingsoft

Kingsoft Spreadsheets Multiple Buffer Overflows

Disclosed June 26, 2013    Zeroday : 520 days
Vendors: Kingsoft
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability: No Exploit Available
usa-today

Our CTO, Marc Maiffret Interviewed on USA Today

Posted June 21, 2013    Sarah Lieber

Marc Maiffret, BeyondTrust’s CTO, was recently interviewed on USA Today in the article, “The long road from Code Red to Microsoft’s bug bounty”, where he discussed with Byron Acohido Microsoft’s concession to finally begin paying bug bounties. They talked about why this is a big deal for Microsoft and what Maiffret thinks about this new program. An excerpt…

Tags:
, , , , , ,
patch-tuesday

EMET 4.0: Adding a Layer to the Security Onion

Posted June 19, 2013    BeyondTrust Research Team

With the release of the EMET 4.0 beta back in April, it’s no surprise that there has been a lot of buzz lately around Microsoft’s Enhanced Mitigation Experience Toolkit (EMET). Now, after some delay, the beta testing is over and the brand new, and very shiny, EMET v4 has been released. The latest version of…

Tags:
, ,
PowerBroker-Events-Img2

Control Access and Reduce Risk

Posted June 14, 2013    Bill Virtue

In my last blog I discussed bringing the NOC and SOC closer together, providing IT Operations with tools that improve security. This week I’ll go into more specifics of the solution and show how PowerBroker for Windows is used by both IT Operations and Security Operations teams. The Challenge Supporting a security principle such as…

Tags:
, , , , , ,
NSA-breach

Think You’re Safe from Internal Threats? The NSA Breach Will Make You Think Twice.

Posted June 13, 2013    Rod Simmons

When reading a recent article in the USA Today about how Edward Snowden, a former Booz Allen Hamilton employee and NSA contractor, was able to steal sensitive data via non-specific vectors, I was reminded of the illusion that threats are predominately external to organizations. Even though we might not know exactly how Snowden was able to…

Tags:
, , , , , , , ,
retinacs-dashboard

Our Newest Product Release: Retina CS 4.5

Posted June 13, 2013    Sarah Lieber

We are very excited for our latest release of Retina CS 4.5. With this release, the Retina CS platform continues to extend our leadership in risk identification and prioritization. By integrating the PowerBroker product portfolio with Retina CS, our customers are able to combine vulnerability data with privileged identity and password management risk intelligence, which provides them with improved situational…

Tags:
, , , , , , , , , ,
brickcom

Brickcom Network Cameras Multiple Vulnerabilities

Disclosed June 12, 2013    Zeroday : 534 days
Vendors: Brickcom
Vulnerability Severity: Medium
Exploit Impact: Elevation of Privilege
Exploit Availability: Publicly Available
airlive

Airlive WL2600CAM Multiple Vulnerabilities

Disclosed June 12, 2013    Zeroday : 534 days
Vendors: AirLive
Vulnerability Severity: High
Exploit Impact: Elevation of Privilege
Exploit Availability: Publicly Available
sony

Sony CH/DH Network Cameras Cross-Site Request Forgery

Disclosed June 12, 2013    Zeroday : 534 days
Vendors: Sony
Vulnerability Severity: Medium
Exploit Impact: Cross-Site Request Forgery
Exploit Availability: Publicly Available