BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
Virtual Insecurity Infographic FINAL

Virtual Insecurity, and Ways to Combat It

Posted May 8, 2013    Mike Puterbaugh

Stating the obvious, our customers continue to make investments in virtualization. To support them, BeyondTrust has always been on the leading edge of providing tools and solutions in that regard. Whether it for managing privileges on virtual hosts, or scanning private cloud assets for flaws, BeyondTrust has always been at the forefront of security and…

Categories:
General
Tags:
, , ,
adobe

Adobe ColdFusion Arbitrary File Read Vulnerability

Disclosed May 8, 2013    Fully Patched
Vendors: Adobe
Vulnerability Severity: Medium
Exploit Impact:
Exploit Availability:
Categories:
Zeroday Tracker
ibm

IBM Notes PNG Integer Overflow

Disclosed May 7, 2013    Fully Patched
Vendors: IBM
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability:
Categories:
Zeroday Tracker
IE-0day

Internet Explorer 8 0day

Posted May 6, 2013    BeyondTrust Research Team

Last week, news broke that the U.S. Department of Labor’s (DoL) website was compromised… and that it had been serving up Internet Explorer 0day to its visitors. This 0day, CVE-2013-1347 (Retina Audit 19041 – Microsoft Internet Explorer 8 Remote Code Execution Vulnerability (Zero-Day)), only affects Internet Explorer 8 on Windows XP, Vista, and Windows 7 (as well as Server 2003,…

Categories:
Privileged Account Management
Tags:
, , , , , , ,
joomla

Joomla! ‘se_regs[]’ Parameter SQL Injection

Disclosed May 6, 2013    Fully Patched
Vendors: Joomla! DJ Classifieds Extension
Vulnerability Severity: Medium
Exploit Impact:
Exploit Availability:
Categories:
Zeroday Tracker
belkin

(Belkin) Cisco Linksys E4200 Router Multiple Vulnerabilities

Disclosed May 6, 2013    No Patch Available
Vendors: Belkin (Linksys)
Vulnerability Severity: Medium
Exploit Impact: Elevation of Privilege
Exploit Availability:
Categories:
Zeroday Tracker
microsoft

Internet Explorer Remote Code Execution Vulnerability

Disclosed May 3, 2013    Fully Patched
Vendors: Microsoft
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability:
Categories:
Zeroday Tracker
penny

5 steps to securing the small business (that don’t cost a penny)

Posted May 1, 2013    Andy Clark

For many small businesses there are considerable restraints on both budget and personnel that can make implementing a good security practice feel like an insurmountable challenge. Recent news gives us a constant reminder of the threats we all face from hactivists, electronic espionage, and good old fashioned script kiddies out to cause damage. These threats…

Categories:
Privileged Account Management
Tags:
, , , , , , , , ,
Endpoint Solutions Families

Security Tools for IT

Posted April 30, 2013    Bill Virtue

There is still a divide between the Security Operations Center (SOC) and the Network Operating Center (NOC). Security Operations is more strategic following security best practices to improve corporate security posture (based on business risk) and to ensure implementation of security policies and compliance. While IT is focused on network management, infrastructure availability and SLAs…

Categories:
Vulnerability Management
Tags:
, , , , ,
vivotek

Vivotek IP Cameras Multiple Vulnerabilities

Disclosed April 29, 2013    Zeroday : 544 days
Vendors: Vivotek
Vulnerability Severity: High
Exploit Impact: Command Injection, Elevation of Privilege, Remote Code Execution, Security Bypass
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker