BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

BeyondTrust’s CTO Develops A Handy Guide for Beating the Flame Malware

Posted May 31, 2012    Peter McCalister

BeyondTrust’s CTO, Marc Maiffret, wrote up an insightful analysis of the Flame Malware and actions you can take now to identify, detect and remediate the vulnerabilities. Below is an excerpt:

“The Flame malware is currently leveraging two older Microsoft vulnerabilities that have been patched since August and September of 2010 (specifically, that is Microsoft Security Bulletin’s MS10-046 and MS10-061). In this case you should have a proper vulnerability and patch management process within your organization to verify that you do not have these unpatched vulnerabilities which Flame has been known to use.

Secondarily, the Flame malware has been shown to have capabilities to leverage Windows Domain Administrator credentials to further spread to other systems. While some investigation is being done it is recommended that best practices are followed to ensure your organization is running with “least privilege” user accounts so as to not more easily allow malware to embed within a system and further propagate.

Specifically for eEye, now BeyondTrust customers and community users there are many ways that the BeyondTrust Retina CS Vulnerability Management platform can help you get visibility and control over this Flame malware.”

If you don’t already know our free Retina Community security products, now is as good a time as any to go grab it. BeyondTrust’s flagship Retina CS Vulnerability Management solution has the capability to identify both systems infected with the Flame malware and systems with vulnerabilities that Flame malware can leverage for infection. Read the entire step-by-step guide on the eEye blog now.

Leave a Reply

Additional articles

PowerBroker for Unix & Linux helps prevent Shellshock

Posted September 25, 2014    Paul Harper

Like many other people who tinker with UNIX and Linux on a regular basis, BASH has always been my shell of choice.  Dating back to the early days moving from Windows to a non-Windows platform, mapping the keys correctly to allow easy navigation and control helped ensure an explosion of use for the shell. Unfortunately,…

Bash “Shellshock” Vulnerability – Retina Updates

Posted September 24, 2014    BeyondTrust Research Team

A major vulnerability was recently discovered within bash which allows arbitrary command execution via specially crafted environment variables. This is possible due to the fact that bash supports the assignment of shell functions to shell variables. When bash parses environment shell functions, it continues parsing even after the closing brace of the function definition. If…

pbps-blog3

7 Reasons Customers Switch to Password Safe for Privileged Password Management

Posted September 24, 2014    Chris Burd

It’s clear that privileged password management tools are essential for keeping mission-critical data, servers and assets safe and secure. However, as I discussed in my previous post, there are several pitfalls to look out for when deploying a privileged password management solution. At this point, you may be wondering how BeyondTrust stacks up. With that,…

Tags:
, , , , ,