Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

Archive for September, 2013

Retina Security Scanner

Scalability When You Need It

I think we have all been there before. We pilot a solution, run the gambit of tests in the lab, and when it comes to production, the scalability falls flat on its face. It does not matter if the solution was architected correctly for the environment with multiple nodes, high performance database, and tons of…

Post by Morey Haber September 25, 2013
, , ,
BeyondTrust is the expert source of VMware Security LEARN MORE

September VEF Participant Wins an iPad mini

As you all know, every month we host our Vulnerability Expert Forum (VEF) webinar. This is a time where our experts share valuable insight regarding new vulnerabilities that are discovered and the actions that need to be taken as a result. It’s a quick way to get up to speed on current potential risks to your organization…

Post by Qui Cao September 24, 2013
Retina CS

Building Automated Vulnerability Audit Groups

From time to time, the field engineering team and I see the same request cross our desks in a short period of time. This time it was how to remove certain types of audits from running when performing a vulnerability scan originating from Retina CS. The old way of doing things would have required the…

Post by Bill Tillson September 20, 2013
, , , , , , ,

Land of the Rising IE 0day

A new Internet Explorer zeroday has surfaced that affects every supported version of Internet Explorer. It has been observed in the wild in targeted attacks in Japan. Current attacks are focusing on exploiting Internet Explorer 8 and 9 on Windows XP and 7 machines. This is a use-after-free vulnerability in mshtml.dll, which is a DLL…

Post by BeyondTrust Research Team September 17, 2013

September 2013 Patch Tuesday

September’s Patch Tuesday fixes vulnerabilities in SharePoint, Outlook, Word, Excel, Kernel drivers, and more. There are a total of 13 patches, fixing 47 unique CVEs; four bulletins are rated critical and nine bulletins are rated important. MS13-067 addresses ten vulnerabilities in SharePoint server, including versions 2003, 2007, 2010, and 2013, along with Office Web Apps…

Post by BeyondTrust Research Team September 10, 2013

Marc Maiffret Interviewed on CNN: the ‘hacking war’ between the US and Syria

Last week CNN broadcast an investigative story about a potential ‘hacking war’ between the US and Syria, in light of possible US military strikes on Syria.  They wanted to know more about the ‘Syrian Electronic Army’, which shut down the NY Times website last week.  So the CNN team called on Marc to help explain…

Post by Mike Yaffe September 4, 2013
, , , , , , ,