BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
BTU2

School is in Session

Posted July 1, 2013    Mike Puterbaugh

We’re proud to announce that we’ve scheduled the next installments of BeyondTrust University. BeyondTrust’s commitment to our customer’s success goes beyond the typical vendor/client relationship. To better serve our customers and partners who rely upon our privilege identity and vulnerability management solutions, we have developed a world-class training curriculum to complement our award-winning security and…

Categories:
Vulnerability Management
Tags:
, , , , ,
cuteflow

CuteFlow Multiple Vulnerabilities

Disclosed July 1, 2013    Zeroday : 510 days
Vendors: CuteFlow
Vulnerability Severity: Medium
Exploit Impact: Arbitrary File Upload, Cross-Site Scripting, Security Bypass, SQL Injection
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
PBIS-operations-dashboard

Our Newest Product Release: PowerBroker Identity Services 7.5

Posted June 26, 2013    Sarah Lieber

We are very excited for the announcement of our latest release of PowerBroker Identity Services 7.5, the industry’s most effective solution for bridging Linux, UNIX and Mac OS X assets into Active Directory. This latest update provides the strongest communications encryption to date, as well as the utmost flexibility with regards to event notification and management….

Categories:
New Features, Privileged Account Management
Tags:
, , , , , , , , , , ,
kingsoft

Kingsoft Spreadsheets Multiple Buffer Overflows

Disclosed June 26, 2013    Zeroday : 515 days
Vendors: Kingsoft
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability: No Exploit Available
Categories:
Zeroday Tracker
usa-today

Our CTO, Marc Maiffret Interviewed on USA Today

Posted June 21, 2013    Sarah Lieber

Marc Maiffret, BeyondTrust’s CTO, was recently interviewed on USA Today in the article, “The long road from Code Red to Microsoft’s bug bounty”, where he discussed with Byron Acohido Microsoft’s concession to finally begin paying bug bounties. They talked about why this is a big deal for Microsoft and what Maiffret thinks about this new program. An excerpt…

Categories:
General
Tags:
, , , , , ,
patch-tuesday

EMET 4.0: Adding a Layer to the Security Onion

Posted June 19, 2013    BeyondTrust Research Team

With the release of the EMET 4.0 beta back in April, it’s no surprise that there has been a lot of buzz lately around Microsoft’s Enhanced Mitigation Experience Toolkit (EMET). Now, after some delay, the beta testing is over and the brand new, and very shiny, EMET v4 has been released. The latest version of…

Categories:
Vulnerability Management
Tags:
, ,
PowerBroker-Events-Img2

Control Access and Reduce Risk

Posted June 14, 2013    Bill Virtue

In my last blog I discussed bringing the NOC and SOC closer together, providing IT Operations with tools that improve security. This week I’ll go into more specifics of the solution and show how PowerBroker for Windows is used by both IT Operations and Security Operations teams. The Challenge Supporting a security principle such as…

Categories:
Privileged Account Management
Tags:
, , , , , ,
NSA-breach

Think You’re Safe from Internal Threats? The NSA Breach Will Make You Think Twice.

Posted June 13, 2013    Rod Simmons

When reading a recent article in the USA Today about how Edward Snowden, a former Booz Allen Hamilton employee and NSA contractor, was able to steal sensitive data via non-specific vectors, I was reminded of the illusion that threats are predominately external to organizations. Even though we might not know exactly how Snowden was able to…

Categories:
Vulnerability Management
Tags:
, , , , , , , ,
retinacs-dashboard

Our Newest Product Release: Retina CS 4.5

Posted June 13, 2013    Sarah Lieber

We are very excited for our latest release of Retina CS 4.5. With this release, the Retina CS platform continues to extend our leadership in risk identification and prioritization. By integrating the PowerBroker product portfolio with Retina CS, our customers are able to combine vulnerability data with privileged identity and password management risk intelligence, which provides them with improved situational…

Categories:
New Features, Vulnerability Management
Tags:
, , , , , , , , , ,
airlive

Airlive WL2600CAM Multiple Vulnerabilities

Disclosed June 12, 2013    Zeroday : 529 days
Vendors: AirLive
Vulnerability Severity: High
Exploit Impact: Elevation of Privilege
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker