BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
certified-partner

New OPSWAT Certifications for BeyondTrust!

Posted July 23, 2013    Mike Yaffe

I know most of you out there think marketing is blinky pens, trade shows, and people who for the most part don’t know the first thing about the products they represent. I’d like to put those stereotypes to bed right now, as here at BeyondTrust we have NEVER had blinky pens…..we have flashing balls ;-)….

Categories:
Vulnerability Management
Tags:
, , , ,
foscam

FOSCAM IP-Cameras Improper Access Restrictions

Disclosed July 23, 2013    Zeroday : 459 days
Vendors: FOSCAM
Vulnerability Severity: Medium
Exploit Impact: Elevation of Privilege
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
cisco

Cisco IOS GET VPN Encryption Policy Bypass

Disclosed July 19, 2013    Zeroday : 463 days
Vendors: Cisco
Vulnerability Severity: Medium
Exploit Impact: Security Bypass
Exploit Availability: No Exploit Available
Categories:
Zeroday Tracker
oracle

Java Reflection API Remote Code Execution Vulnerability

Disclosed July 18, 2013    Fully Patched
Vendors: Oracle
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability:
Categories:
Zeroday Tracker

Controlling User Accounts and Regulatory Compliance

Posted July 15, 2013    Morey Haber

PCI DSS Requirement 8 requires that organizations must be able to identify and log all user and administrative access to information systems and applications containing credit card and personally identifiable information. In addition, environments must also have a unique ID for every individual that will have computer access to these systems.  This simple requirement can…

Categories:
Vulnerability Management
Tags:
, , , , , , , , , , , ,

July VEF Participant Wins a Kindle Fire

Posted July 15, 2013    Qui Cao

As you all know, every month we host our Vulnerability Expert Forum (VEF) webinar. This is a time where our experts share valuable insight regarding new vulnerabilities that are discovered and the actions that need to be taken as a result. It’s a quick way to get up to speed on current potential risks to your organization…

Categories:
Vulnerability Management
retinacs-tierarchitecture

What can the Retina CS Threat Management Console do for me?

Posted July 10, 2013    Morey Haber

I am spending this week at the Microsoft Worldwide Partner Conference. It is a change for me. I am attending as a participant partner verses working the traditional conference trade show booth. This is relevant to the blog because as a I network with other partners, I find myself explaining BeyondTrust as a dynamic security…

Categories:
Vulnerability Management
Tags:
, , , , , ,
patch-tuesday

July 2013 Patch Tuesday

Posted July 9, 2013    BeyondTrust Research Team

July’s patch Tuesday fixes vulnerabilities in .NET, Windows, and Internet Explorer. There are a total of seven bulletins addressing 34 unique vulnerabilities; six bulletins are rated critical and one is rated important. MS13-052 addresses a TrueType font parsing vulnerability in .NET (CVE-2013-3129, also addressed in MS13-053 and MS13-054), as well as six other vulnerabilities. This…

Categories:
Security Research
Tags:
, ,
gold-star

Getting a gold star in compliance

Posted July 9, 2013    Mike Yaffe

You know I realize that I’m getting older after I lived through “this is gonna be the big year for PKI (heard that for 4 straight years, and I’m still waiting)”, or “everyone will have a digital certificate on all their credit cards next year”, or “security and compliance are two different things.” As for…

Categories:
Vulnerability Management
Tags:
, , , , , , ,
videolan

VLC Media Player MKV Integer Overflow

Disclosed July 9, 2013    Fully Patched
Vendors: VideoLAN
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability:
Categories:
Zeroday Tracker