BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
FIMScreenRename_2_shadow

A Use Case for File Integrity Monitoring within PowerBroker for Windows

Posted August 22, 2013    Jason Silva

As most of you are aware, PowerBroker for Windows v6 introduced File Integrity Monitoring (FIM) into the software.  For those of you who did not know this, FIM allows an Admin to specify protections over files/folders so these assets can only be modified by certain users or service accounts.  It also protects against renaming the…

Categories:
Privileged Account Management
Tags:
, , , ,
zeroday-default

Ovidentia Multiple Vulnerabilities

Disclosed August 22, 2013    Zeroday : 392 days
Vendors: Ovidentia CANTICO
Vulnerability Severity: Medium
Exploit Impact: Information Disclosure
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
did you know

Did you know? Continuous Protection feature

Posted August 21, 2013    Morgan Holm

Did you know that the continuous protection feature in the PowerBroker Management Suite is unique in the market?  You may have heard it referred to as continuous recovery or continuous backup. What is it? – It’s like the undo feature found in MS Word but for Active Directory (AD). PowerBroker Auditor for Active Directory provides…

Categories:
Privileged Account Management
Tags:
, , , ,
Marc-CNN-Facebook

Our CTO Interviewed on CNN: Man exposes Facebook security flaw

Posted August 19, 2013    Sarah Lieber

Marc Maiffret spoke on CNN earlier today about the Palestinian IT specialist, Khalil Shreateh, who exposed a Facebook security flaw and due to miscommunication, was not awarded a bounty for his work. A quick excerpt and a link to the interview are below. “He found a great vulnerability in Facebook, he tried to report it responsibly in…

Categories:
Vulnerability Management
Tags:
, , , , , ,

August VEF Participant Wins a Kindle Fire

Posted August 19, 2013    Qui Cao

As you all know, every month we host our Vulnerability Expert Forum (VEF) webinar. This is a time where our experts share valuable insight regarding new vulnerabilities that are discovered and the actions that need to be taken as a result. It’s a quick way to get up to speed on current potential risks to your organization…

Categories:
Vulnerability Management
Tags:
, , , , , , , , , , ,
patch-tuesday

August 2013 Patch Tuesday

Posted August 13, 2013    BeyondTrust Research Team

Just a little over one week after hackers flooded Vegas for BlackHat and Defcon, August’s Patch Tuesday greets us with eight bulletins: three critical and five important. Software fixed this month includes Internet Explorer, Exchange, Windows, and Active Directory. MS13-059 addresses 11 privately disclosed vulnerabilities, including multiple memory corruptions, an information disclosure, and a privilege…

Categories:
Security Research
Tags:
,
Retina CS

Top 5 Tips and Tricks for Retina CS 4.5

Posted August 8, 2013    Morey Haber

I honestly believe we have the best pre-sales, post sales, and technical support departments in the security industry. They are responsive, technical, and can customize BeyondTrust solutions to match individual business requirements, even when they are pretty comprehensive outside-of-the-box. Based on their work, we have an internal process and external knowledge base to document these…

Categories:
Vulnerability Management
Tags:
, , , , , , ,
atlassian

Atlassian Confluence GET Parameter Cross-Site Scripting

Disclosed August 7, 2013    Fully Patched
Vendors: Atlassian
Vulnerability Severity: Medium
Exploit Impact:
Exploit Availability:
Categories:
Zeroday Tracker
hikvision

Hikvision IP Cameras Multiple Vulnerabilities

Disclosed August 6, 2013    Zeroday : 408 days
Vendors: Hikvision
Vulnerability Severity: High
Exploit Impact: Elevation of Privilege, Remote Code Execution, Security Bypass
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
New-Audit-Review-screenshot

Did you know? Create custom audit views and reports with PowerBroker Auditor for Active Directory

Posted July 31, 2013    Morgan Holm

Did you know about the create custom audit views and reports feature in the PowerBroker Auditor for Active Directory solution?  Even though there are already around 200 built-in audit views that ship with the product organizations need to be able to target specific information for their environment and the task that is at hand. Needless…

Categories:
Privileged Account Management
Tags:
, , , , , , , , , ,