BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

match-flame

Flame Malware Burns a Little Brighter

Did you know that Microsoft’s Terminal Server Licensing Service (we’ll call it TSLS for convenience) generated certificates that could be used to sign code? No? Neither did Redmond. Flame leveraged a “0day” (zero day) within TSLS to sign its own code, allowing it to appear as if the code came from Microsoft. This allowed Flame…

Post by Peter McCalister June 5, 2012
flame-98x98

Flame Burns a Little Brighter

Did you know that Microsoft’s Terminal Server Licensing Service (we’ll call it TSLS for convenience) generated certificates that could be used to sign code? No? Neither did Redmond. Flame leveraged a “0day” (zero day) within TSLS to sign its own code, allowing it to appear as if the code came from Microsoft. This allowed Flame…

Post by BeyondTrust Research Team June 4, 2012
Tags:
, , ,
WindowsITPro_200x58

Windows IT Pro Rates PowerBroker Desktop 4 out of 5 Stars

Windows IT Pro has published its review of PowerBroker Desktops, Windows Edition. The review is quite favorable and gave PowerBroker Desktop a 4 out of 5 star rating, saying PowerBroker Desktops is an easier way to protect users’ computers. An excerpt below: “PowerBroker does the heavy lifting for you. Instead of having to relax NTFS…

Post by Peter McCalister June 1, 2012
rsa-archer-egrc-2-680x393

Now Available! Direct Integration from Retina CS into RSA Archer eGRC

Yet another first for BeyondTrust and eEye Digital Security. Our combined companies are proud to release our first new direct integration from Retina CS into RSA Archer eGRC. The business value provides comprehensive vulnerability management data directly into Archer’s Threat Management system. Using direct database access from Archer’s Integration System, the eGRC platform harvests asset…

Post by Morey Haber June 1, 2012
Tags:
, , , , , ,
FlameRetardantSymbol-250x250

BeyondTrust’s CTO Develops A Handy Guide for Beating the Flame Malware

BeyondTrust’s CTO, Marc Maiffret, wrote up an insightful analysis of the Flame Malware and actions you can take now to identify, detect and remediate the vulnerabilities. Below is an excerpt: “The Flame malware is currently leveraging two older Microsoft vulnerabilities that have been patched since August and September of 2010 (specifically, that is Microsoft Security…

Post by Peter McCalister May 31, 2012
fireextinguisher-98x98

Putting out the Flames

Stop me if you’ve heard this one before: there is a new piece of malware and this one is even worse than the last one. It is bigger, scarier, more complex and will take years, according to some estimates, to actually ever know what the malware really does. And of course it already has a…

Post by Marc Maiffret May 30, 2012
Tags:
, , , ,
retinainsight-pivotgrids2-680x242-1

Retina Insight Pivot Grids, Custom Report Sharing on eEye Forums

Around this time last year I wrote a blog on the Pivot Grids within Retina Insight and how they allow a user to custom build historical reports based on almost every piece of data collected by Retina Insight. Recently I spoke with an analyst on this same topic and he was very pleased to see that we…

Post by Morey Haber May 29, 2012
Tags:
, , , , , , , ,
gear6-98x98

Configuration Mistakes Make for Costly Security Gaps

Earlier this week, Brian Prince over at Security Week posted an article on a subject that we’ve always been passionate about here at eEye, now BeyondTrust, Research – and that’s configuration.  More specifically, the incredible impact that smart, effective configuration can have on reducing attack surface for any size organization.

Post by Daniel Jacobowitz May 25, 2012
Tags:
, , ,
Chrome-No.-1-Browser-98x98

Chrome continues its march to security domination. We nod knowingly.

As security researchers, we’re always looking for ways to put the security conversation in the spotlight; be it an interesting fact, figure or editorial. By now you’ve probably read about how Google Chrome has achieved the number one browser position, worldwide (according to StatCounter). Coming in at about 32.76% of the global browser market share,…

Post by The eEye Research Team May 22, 2012
Tags:
, , , , , , ,
playbook

Don’t Leave Mobile Devices Unchecked in the Enterprise

In recent months, there has been a lot of publicity around BYOD (Bring Your Own Device). Respectfully, this forward thinking personalizes work culture for employees as well as provides cost savings by scratching mobile device purchases off the list of company spending. Since BYOD provides the opportunity for individuals to act as their own administrators…

Post by Peter McCalister May 21, 2012