Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.


March, 2014


The Growing Government Interest in Cyber R&D

Posted March 26, 2014    BeyondTrust Software

Both US and international governments have been shifting their focus to the research and development of technology to protect critical cyber assets. At the recent AFCEA Homeland Security Conference, cyber security was one of the main topics covered by keynote speakers and exhibitors. We’ve compiled some of the latest endeavors taking place on behalf of…


Microsoft Word Zeroday – Set to expire?

Posted March 25, 2014    BeyondTrust Research Team

Researchers at Google have notified Microsoft of a new Word zeroday vulnerability. This attack is currently being leveraged in the wild to target systems running Microsoft Word 2010. The attack can be successful simply by a user opening a maliciously crafted RTF file within Microsoft Word. The full extent of the breaches caused by this…


Haihaisoft Universal Player Buffer Overflow

Disclosed March 25, 2014    Zeroday : 558 days
Vendors: Haihaisoft
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability: Publicly Available

Microsoft Word 2010 Memory Corruption

Disclosed March 24, 2014    Fully Patched
Vendors: Microsoft
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability: Publicly Available

Apache CouchDB UUIDs Request Denial of Service Vulnerability

Disclosed March 24, 2014    Zeroday : 559 days
Vendors: Apache Software Foundation
Vulnerability Severity: Medium
Exploit Impact: Denial of Service
Exploit Availability: Publicly Available

Getting Retina Data into Splunk

Posted March 21, 2014    Jason Williams

SIEM products do a great job correlating information from a laundry list of security and operational solutions in order to gain visibility and context within an IT environment. Today we are going to show how to forward Retina Network security data into Splunk to help improve visibility and decision making. This integration can be completed…


Auditing Privileged Access on Windows

Posted March 20, 2014    Morey Haber

When a user is given privileged access to a Windows host, they gain access to a wide variety of tools to control the system. Everything from the GUI and Start Menu to PowerShell and the command line allows system alteration and software installation. In a truly secure world, no end users would have administrative privileges. However, we…


March VEF Participant Wins an Apple iPad mini

Posted March 20, 2014    Qui Cao

Every month we host our Vulnerability Expert Forum (VEF) webinar. This is a time where our experts share valuable insight regarding new vulnerabilities that are discovered and the actions that need to be taken as a result. It’s a quick way to get up to speed on current potential risks to your organization and a…


CVE-2014-0301 Analysis

Posted March 19, 2014    BeyondTrust Research Team

This blog post will demonstrate how to leverage binary diffing in order to identify a recently patched Microsoft security flaw leveraging only public data. This is a common practice in the security researcher and attacker space but is a useful reminder for those working in IT of how straightforward vulnerability identification can be. For this…


Kaspersky RegExp Remote Denial of Service Vulnerability

Disclosed March 18, 2014    Zeroday : 565 days
Vendors: Kaspersky
Vulnerability Severity: Low
Exploit Impact: Denial of Service
Exploit Availability: Publicly Available