BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
Closing the Door on Hackers

Closing the Door on Hackers – from the New York Times

Posted April 5, 2013    Marc Maiffret

I recently had the pleasure of contributing an Op-Ed piece to The New York Times. In the article, I talk about some of the aspects of cyber-security that I think are far too-often left out of mainstream media discussions. Specifically, the shared burden that all of us in the technology industry should feel in helping…

Categories:
General
Tags:
, , , ,
darkleech

A Brief Overview of Darkleech

Posted April 4, 2013    BeyondTrust Research Team

A piece of malware, Darkleech, has been making the news rounds as of late. This one targets web servers, specifically Apache 2.2.2 and above. Instead of merely compromising a web server and uploading malicious content to be served to unsuspecting victims, Darkleech goes a step further by installing a special module that is loaded by…

Categories:
Vulnerability Management
Tags:
, , , , ,
bestwebsharing

Groovy Media Player Buffer Overflow

Disclosed April 4, 2013    Zeroday : 474 days
Vendors: BestWebSharing
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
trojanhorse

Vendor-Disclosed Zero Days and Targeted Trojans

Posted April 3, 2013    BeyondTrust Research Team

Here at BeyondTrust, we are constantly keeping an eye on the underground parts of the internet, monitoring for things like zero day vulnerabilities and how malware authors are exploiting vulnerabilities in the wild. As such, we wanted to keep you apprised of a vulnerability that was addressed within VMware ESXi 5.0. A patch was released…

Categories:
Vulnerability Management
Tags:
, , , , , , ,
vmware

VMware ESXi and ESX libxml2 Buffer Underflow

Disclosed March 28, 2013    Partially Patched
Vendors: VMware
Vulnerability Severity: Medium
Exploit Impact:
Exploit Availability:
Categories:
Zeroday Tracker
lucy2

Least Privilege and South Korea

Posted March 26, 2013    BeyondTrust Research Team

No, this isn’t some editorial piece about the interrelationships of varying social strata in South Korean society and Gangnam Style. Despite how interesting that may be, we are instead taking a quick look at the latest “wiper” malware to strike fear in the hearts of CTOs and IT admins alike – DarkSeoul (or Jokra or…

Categories:
Privileged Account Management
Tags:
, , , ,
retinacs-img9

Creating a Gold Image SCAP Template for Windows

Posted March 21, 2013    Bill Tillson

One of the challenges of Benchmark Configuration management is creating or modifying SCAP OVAL content to match your business policies and requirements. The following procedure is recommended to create custom Windows benchmarks for the Retina Network Security Scanner and Retina CS via local system policy, Local GPO, and Microsoft Security and Compliance Manager. For starters,…

Categories:
Privileged Account Management
Tags:
, , , ,
university-winchester

University of Winchester secures its applications with the help of BeyondTrust

Posted March 20, 2013    Sarah Lieber

A PowerBroker for Windows customer, University of Winchester, was recently highlighted in the Spring 2013 Government and Public Sector Journal (GPSJ). GPSJ is a great source for professionals in the government & public sectors, and informs them of the latest breaking news and exclusive footage. We are very happy and proud of our customer being…

Categories:
Privileged Account Management
Tags:
, , ,
microsoft

Internet Explorer 9 Memory Disclosure

Disclosed March 20, 2013    Fully Patched
Vendors: Microsoft
Vulnerability Severity: Medium
Exploit Impact:
Exploit Availability:
Categories:
Zeroday Tracker

March VEF Participant Wins a Kindle Fire

Posted March 19, 2013    Qui Cao

As you all know, every month we host our Vulnerability Expert Forum (VEF) webinar. This is a time where our experts share valuable insight regarding new vulnerabilities that are discovered and the actions that need to be taken as a result. It’s a quick way to get up to speed on current potential risks to your organization…

Categories:
Vulnerability Management