BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

BeyondTrust’s CTO Develops A Handy Guide for Beating the Flame Malware

Post by Peter McCalister May 31, 2012

BeyondTrust’s CTO, Marc Maiffret, wrote up an insightful analysis of the Flame Malware and actions you can take now to identify, detect and remediate the vulnerabilities. Below is an excerpt:

“The Flame malware is currently leveraging two older Microsoft vulnerabilities that have been patched since August and September of 2010 (specifically, that is Microsoft Security Bulletin’s MS10-046 and MS10-061). In this case you should have a proper vulnerability and patch management process within your organization to verify that you do not have these unpatched vulnerabilities which Flame has been known to use.

Secondarily, the Flame malware has been shown to have capabilities to leverage Windows Domain Administrator credentials to further spread to other systems. While some investigation is being done it is recommended that best practices are followed to ensure your organization is running with “least privilege” user accounts so as to not more easily allow malware to embed within a system and further propagate.

Specifically for eEye, now BeyondTrust customers and community users there are many ways that the BeyondTrust Retina CS Vulnerability Management platform can help you get visibility and control over this Flame malware.”

If you don’t already know our free Retina Community security products, now is as good a time as any to go grab it. BeyondTrust’s flagship Retina CS Vulnerability Management solution has the capability to identify both systems infected with the Flame malware and systems with vulnerabilities that Flame malware can leverage for infection. Read the entire step-by-step guide on the eEye blog now.

Leave a Reply

Additional articles

April VEF Participant Wins a Apple iPad mini

Every month we host our Vulnerability Expert Forum (VEF) webinar. This is a time where our experts share valuable insight regarding new vulnerabilities that are discovered and the actions that need to be taken as a result. It’s a quick way to get up to speed on current potential risks to your organization and a way to…

Post by Qui Cao April 24, 2014
smart rules manager for vulnerabilities - v2

A New Way of Looking at Vulnerabilities in Your Environment

Assets, users, vulnerabilities and exploits; all are common themes in my posts on BeyondInsight. With BeyondInsight v5.1, we unveiled a new way to view exploitable assets. Sure, most vulnerability management solutions link vulnerability data to exploit information, allowing tools like NeXpose and QualysGuard to list an asset, its vulnerabilities, and any related exploits. BeyondInsight does…

Post by Morey Haber April 23, 2014
Tags:
, , , , ,
smart rules manager for vulnerabilities

Staying on Top of the Latest Vulnerabilities with BeyondInsight v5.1

It’s no secret that dozens of new OS and application vulnerabilities are revealed every day. Staying on top of these new exposures normally requires paying for services or subscribing to multiple RSS feeds. BeyondInsight 5.1 provides customers with another option: a built-in, customizable vulnerability alerting system that delivers up-to-date information on the latest vulnerabilities in…

Post by Morey Haber April 21, 2014
Tags:
, , , , , ,