BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

Hiding in plain sight

IT Security’s Best Kept Secret – Hiding in Plain Sight

This blog post was first posted on Wired.com on January 22nd, 2013. It can be found, in it’s original formatting, here: http://insights.wired.com/profiles/blogs/it-security-s-best-kept-secret-hiding-in-plain-sight               There’s a reason the old saying “an ounce of prevention is worth of a pound a cure” resonates in so many situations – because it’s true….

Post by Mike Puterbaugh January 22, 2013
Tags:
, , , , , ,

January VEF Participant Wins a Kindle Fire

As you all know, every month we host our Vulnerability Expert Forum (VEF) webinar. This is a time where our experts share valuable insight regarding new vulnerabilities that are discovered and the actions that need to be taken as a result. It’s a quick way to get up to speed on current potential risks to your organization…

Post by Qui Cao January 17, 2013

Java/IE 0days Put to Bed

Over the past two days, two actively exploited 0day vulnerabilities got patched. Yesterday, Oracle addressed the 0day in Java, CVE-2013-0422, with an new update, Java 7u11. Today, Microsoft addressed the 0day in Internet Explorer 6-9, CVE-2012-4792, with MS13-008. In addition to fixing the 0day vulnerability, the Java update changes the default security level setting from…

Post by BeyondTrust Research Team January 14, 2013
Tags:
, , , , ,
java7

Java Zero Day Exploit – Java 7 Not the Answer

A new Java zero-day vulnerability has been seen exploiting hundreds of thousands of machines. This 0day has already been incorporated into Cool Exploit Kit and Blackhole, in addition to Nuclear Pack and Redkit. This vulnerability affects Java 7 versions up to and including the current version of Java, 7u10. It should be noted that while…

Post by BeyondTrust Research Team January 10, 2013
Tags:
, , , , , ,

January 2013 Patch Tuesday: Patches, but none for the IE 0day!

Happy New Year! Starting off 2013, we’ve got a critical vulnerability within the Windows Print Spooler, and we’re still seeing bugs surface in widely used software like MSXML, the .NET framework, and SSL/TLS. January’s Patch Tuesday greets us with seven patches, addressing 12 vulnerabilities across a spectrum of Microsoft software. Two of these bulletins are…

Post by BeyondTrust Research Team January 8, 2013
ieflaw

Another (sigh) IE Zero-Day

Unfortunately, the security industry was not going to escape 2012 without seeing yet another zero-day vulnerability in Microsoft’s Internet Explorer. It has been discovered that a targeted attack, leveraging a zero-day in IE, has been posed against the Council on Foreign Relations Portal. The technical origin of the flaw is as follows: the vulnerability occurs…

Post by BeyondTrust Research Team December 30, 2012
Tags:
, , , , , ,
sclogoupdated_1448

BeyondTrust Named 2012 Industry Innovator by SC Magazine

We’re happy to announce that SC Magazine has recognized BeyondTrust as a 2012 Industry Innovator! Read the report here. What SC Magazine Says. “BeyondTrust is far more than a one-trick pony. The company’s creativity and drive to innovate is what keeps this organization at the forefront of its market. Like many companies, currently and in…

Post by Sarah Lieber December 21, 2012
Tags:
, , , , ,
wipers

Batchwiper: How I Learned to Worry Less and Love Least Privilege Security

With news coming from Iran’s CERT of a nasty (but not really nasty) new piece of malware designed to wipe drives and desktop contents on a specific date, we took the straightforward approach of examining what common, easily implemented security best practices could have stopped Batchwiper in its tracks… As far as malware goes, Batchwiper…

Post by BeyondTrust Research Team December 19, 2012
Java-Logo

JRE 6 automatic upgrade to JRE 7, coming soon

Starting this month, Oracle will be automatically replacing Java Runtime Environment (JRE) 6 installations with JRE 7 installations on a small amount of users’ systems (the users are randomly chosen). This will be done to ensure that the automatic upgrading mechanism is working properly. In February 2013, the last public version of JRE 6 (Java…

Post by BeyondTrust Research Team December 19, 2012
Tags:
, , , , , , ,
bt-bb-acq

Media Coverage Roundup | BeyondTrust Acquires Blackbird Group

Today we announced the acquisition of Blackbird Group, a leader in Windows system management. With this addition, BeyondTrust furthers our vision to simplify IT security operations management, while providing customers much-needed context to improve decision-making to protect against both internal and external security threats. We’re happy to welcome the Blackbird Group! Read the official announcement now….

Post by Sarah Lieber December 12, 2012
Tags:
, , , , , , , ,