BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
aloaha

Aloaha PDF Suite Buffer Overflow Vulnerability

Disclosed August 28, 2013    Zeroday : 330 days
Vendors: Aloaha Software
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
avtech

AVTECH DVR Multiple Vulnerabilities

Disclosed August 28, 2013    Zeroday : 330 days
Vendors: AVTECH
Vulnerability Severity: High
Exploit Impact: Remote Code Execution, Security Bypass
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
vmworld2013_logo_richblack

Live from VMWorld

Posted August 27, 2013    Morey Haber

This time it is all about virtualization and rightfully so. VMWorld 2013 is one of the largest shows I have seen in a long time, focused solely on a single subject and vendors are spread out across the expo floor covering everything from layer 7 switching fabrics for virtualized networks, to high speed SSD caches…

Categories:
Vulnerability Management
Tags:
, , , , , ,
FIMScreenRename_2_shadow

A Use Case for File Integrity Monitoring within PowerBroker for Windows

Posted August 22, 2013    Jason Silva

As most of you are aware, PowerBroker for Windows v6 introduced File Integrity Monitoring (FIM) into the software.  For those of you who did not know this, FIM allows an Admin to specify protections over files/folders so these assets can only be modified by certain users or service accounts.  It also protects against renaming the…

Categories:
Privileged Account Management
Tags:
, , , ,
zeroday-default

Ovidentia Multiple Vulnerabilities

Disclosed August 22, 2013    Zeroday : 336 days
Vendors: Ovidentia CANTICO
Vulnerability Severity: Medium
Exploit Impact: Information Disclosure
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
did you know

Did you know? Continuous Protection feature

Posted August 21, 2013    Morgan Holm

Did you know that the continuous protection feature in the PowerBroker Management Suite is unique in the market?  You may have heard it referred to as continuous recovery or continuous backup. What is it? – It’s like the undo feature found in MS Word but for Active Directory (AD). PowerBroker Auditor for Active Directory provides…

Categories:
Privileged Account Management
Tags:
, , , ,
Marc-CNN-Facebook

Our CTO Interviewed on CNN: Man exposes Facebook security flaw

Posted August 19, 2013    Sarah Lieber

Marc Maiffret spoke on CNN earlier today about the Palestinian IT specialist, Khalil Shreateh, who exposed a Facebook security flaw and due to miscommunication, was not awarded a bounty for his work. A quick excerpt and a link to the interview are below. “He found a great vulnerability in Facebook, he tried to report it responsibly in…

Categories:
Vulnerability Management
Tags:
, , , , , ,

August VEF Participant Wins a Kindle Fire

Posted August 19, 2013    Qui Cao

As you all know, every month we host our Vulnerability Expert Forum (VEF) webinar. This is a time where our experts share valuable insight regarding new vulnerabilities that are discovered and the actions that need to be taken as a result. It’s a quick way to get up to speed on current potential risks to your organization…

Categories:
Vulnerability Management
Tags:
, , , , , , , , , , ,
patch-tuesday

August 2013 Patch Tuesday

Posted August 13, 2013    BeyondTrust Research Team

Just a little over one week after hackers flooded Vegas for BlackHat and Defcon, August’s Patch Tuesday greets us with eight bulletins: three critical and five important. Software fixed this month includes Internet Explorer, Exchange, Windows, and Active Directory. MS13-059 addresses 11 privately disclosed vulnerabilities, including multiple memory corruptions, an information disclosure, and a privilege…

Categories:
Security Research
Tags:
,
Retina CS

Top 5 Tips and Tricks for Retina CS 4.5

Posted August 8, 2013    Morey Haber

I honestly believe we have the best pre-sales, post sales, and technical support departments in the security industry. They are responsive, technical, and can customize BeyondTrust solutions to match individual business requirements, even when they are pretty comprehensive outside-of-the-box. Based on their work, we have an internal process and external knowledge base to document these…

Categories:
Vulnerability Management
Tags:
, , , , , , ,