BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:

July VEF Participant Wins a Kindle Fire

Posted July 15, 2013    Qui Cao

As you all know, every month we host our Vulnerability Expert Forum (VEF) webinar. This is a time where our experts share valuable insight regarding new vulnerabilities that are discovered and the actions that need to be taken as a result. It’s a quick way to get up to speed on current potential risks to your organization…

Categories:
Vulnerability Management
retinacs-tierarchitecture

What can the Retina CS Threat Management Console do for me?

Posted July 10, 2013    Morey Haber

I am spending this week at the Microsoft Worldwide Partner Conference. It is a change for me. I am attending as a participant partner verses working the traditional conference trade show booth. This is relevant to the blog because as a I network with other partners, I find myself explaining BeyondTrust as a dynamic security…

Categories:
Vulnerability Management
Tags:
, , , , , ,
patch-tuesday

July 2013 Patch Tuesday

Posted July 9, 2013    BeyondTrust Research Team

July’s patch Tuesday fixes vulnerabilities in .NET, Windows, and Internet Explorer. There are a total of seven bulletins addressing 34 unique vulnerabilities; six bulletins are rated critical and one is rated important. MS13-052 addresses a TrueType font parsing vulnerability in .NET (CVE-2013-3129, also addressed in MS13-053 and MS13-054), as well as six other vulnerabilities. This…

Categories:
Security Research
Tags:
, ,
gold-star

Getting a gold star in compliance

Posted July 9, 2013    Mike Yaffe

You know I realize that I’m getting older after I lived through “this is gonna be the big year for PKI (heard that for 4 straight years, and I’m still waiting)”, or “everyone will have a digital certificate on all their credit cards next year”, or “security and compliance are two different things.” As for…

Categories:
Vulnerability Management
Tags:
, , , , , , ,
videolan

VLC Media Player MKV Integer Overflow

Disclosed July 9, 2013    Fully Patched
Vendors: VideoLAN
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability:
Categories:
Zeroday Tracker
corel

Multiple Remote Code Execution Vulnerabilities in Corel PDF Fusion

Disclosed July 8, 2013    Zeroday : 438 days
Vendors: Corel
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
sclogoupdated_1448

Our CTO Writes for SC Magazine’s Threat of the Month: SCADA “sport fishing”

Posted July 2, 2013    Sarah Lieber

Our CTO, Marc Maiffret wrote for the SC Magazine column,Threat of the Month: SCADA “sport fishing” section yesterday. Read an excerpt below and read the full article here. What is it? SCADA is not just a focus because of its often critical deployments, but also because performing vulnerability research on SCADA systems is easy, like…

Categories:
General
Tags:
, , , , , , , ,
BTU2

School is in Session

Posted July 1, 2013    Mike Puterbaugh

We’re proud to announce that we’ve scheduled the next installments of BeyondTrust University. BeyondTrust’s commitment to our customer’s success goes beyond the typical vendor/client relationship. To better serve our customers and partners who rely upon our privilege identity and vulnerability management solutions, we have developed a world-class training curriculum to complement our award-winning security and…

Categories:
Vulnerability Management
Tags:
, , , ,
cuteflow

CuteFlow Multiple Vulnerabilities

Disclosed July 1, 2013    Zeroday : 445 days
Vendors: CuteFlow
Vulnerability Severity: Medium
Exploit Impact: Arbitrary File Upload, Cross-Site Scripting, Security Bypass, SQL Injection
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
PBIS-operations-dashboard

Our Newest Product Release: PowerBroker Identity Services 7.5

Posted June 26, 2013    Sarah Lieber

We are very excited for the announcement of our latest release of PowerBroker Identity Services 7.5, the industry’s most effective solution for bridging Linux, UNIX and Mac OS X assets into Active Directory. This latest update provides the strongest communications encryption to date, as well as the utmost flexibility with regards to event notification and management….

Categories:
Privileged Account Management
Tags:
, , , , , , , , ,