BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

BeyondTrust’s CTO Develops A Handy Guide for Beating the Flame Malware

Posted May 31, 2012    Peter McCalister

BeyondTrust’s CTO, Marc Maiffret, wrote up an insightful analysis of the Flame Malware and actions you can take now to identify, detect and remediate the vulnerabilities. Below is an excerpt:

“The Flame malware is currently leveraging two older Microsoft vulnerabilities that have been patched since August and September of 2010 (specifically, that is Microsoft Security Bulletin’s MS10-046 and MS10-061). In this case you should have a proper vulnerability and patch management process within your organization to verify that you do not have these unpatched vulnerabilities which Flame has been known to use.

Secondarily, the Flame malware has been shown to have capabilities to leverage Windows Domain Administrator credentials to further spread to other systems. While some investigation is being done it is recommended that best practices are followed to ensure your organization is running with “least privilege” user accounts so as to not more easily allow malware to embed within a system and further propagate.

Specifically for eEye, now BeyondTrust customers and community users there are many ways that the BeyondTrust Retina CS Vulnerability Management platform can help you get visibility and control over this Flame malware.”

If you don’t already know our free Retina Community security products, now is as good a time as any to go grab it. BeyondTrust’s flagship Retina CS Vulnerability Management solution has the capability to identify both systems infected with the Flame malware and systems with vulnerabilities that Flame malware can leverage for infection. Read the entire step-by-step guide on the eEye blog now.

Leave a Reply

Additional articles

Sudo_logo

Don’t Create a Different sudoers File for Each System

Posted May 20, 2015    Randy Franklin Smith

What if you have multiple Linux and/or Unix systems? Sudo management can become onerous and unwieldy if you try to manage a different sudoers file on each system. The good news is that sudo supports multiple systems.

password-safety

What Does Microsoft Local Administrator Password Solution Really Do?

Posted May 19, 2015    Morey Haber

LAPS is a feature that allows the randomization of local administrator accounts across the domain. Although it would seem that this capability overlaps with features in BeyondTrust’s PowerBroker Password Safe (PBPS), the reality is it is more suited for simple use cases such as changing the local Windows admin account and not much more.

Tags:
, ,
webinar_ondemand

On Demand Webinar: Securing Windows Server with Security Compliance Manager

Posted May 14, 2015    BeyondTrust Software

On Demand Webinar: Security Expert Russell Smith, explains how to use Microsoft’s free Security Compliance Manager (SCM) tool to create and deploy your own security baselines, including user and computer authentication settings.

Tags:
, ,