BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
patch-tuesday

July 2015 Patch Tuesday

Posted July 14, 2015    BeyondTrust Research Team

July’s Patch Tuesday is a hefty one, clocking in with 14 bulletins, including the typical misfits – Internet Explorer and Office. Last month’s missing bulletin (MS15-058) is now included, patching important-rated vulnerabilities within SQL Server.

Categories:
Security Research
Tags:
,
tracie_grella_aig

The Current State of the Cyber Insurance Market and its Role in Managing Cyber Risk

Posted July 14, 2015    Tracie Grella

Cyber insurance is the fastest growing insurance product today, it’s development spurred on by several large data breaches covered in the news the past year and a half. As with any new product/service, there is a lot of variation and evolution in the coverage; here is what you need to know.

Categories:
Privileged Account Management, Vulnerability Management
Tags:
, , ,
OPMBreach1

Compromised Contractor Credential Leads to Largest Cyberattack into the Systems of the US Government

Posted July 13, 2015    Brad Hibbert

The damage from the US federal government’s Office of Personnel Management data breach is only getting worse. First disclosed last month and affecting 4.2 million US federal employees, the number of compromised records now has reached 21.5 million people, including those who received government background checks for the past 15 years.

Categories:
Privileged Account Management
Tags:
, , ,
openssl-logo

CVE-2015-1793: OpenSSL Alternative Chains Certificate Forgery

Posted July 9, 2015    BeyondTrust Research Team

This morning The OpenSSL team released a security advisory stating that the latest versions of OpenSSL contain a severe vulnerability which can allow an attacker to bypass certain certificate validation checks, enabling them to issue an invalid certificate.

Categories:
Security Research
Tags:
,
webinar_privilegedpasswords

On Demand Webinar: Preserving and Protecting Privileged Passwords

Posted July 9, 2015    BeyondTrust Software

On demand webinar Webinar discusses the changing state of industry security, how current trends impact privileged accounts and their passwords, and what steps IT should be taking to ensure only those who should have access, do.

Categories:
Privileged Account Management
Tags:
, , ,
Cavalancia-Headshot - Medium

Protecting Privileged Passwords: a “Past the Password” Perspective

Posted July 6, 2015    Nick Cavalancia

Webinar discussing the realities of today’s state of security using some of the most recent (and respected) reports in the industry, and look at what steps you should be taking to properly protect your privileged passwords.

Categories:
Privileged Account Management
Tags:
,
webinar 2

On Demand Webinar: Because Auditing Stinks Sometimes

Posted July 2, 2015    Lindsay Marsh

Auditing stinks. Well, mostly stinks. In this on demand webinar, lead by Group Policy MVP Jeremy Moskowitz, you’ll learn the three key tenets to real Group Policy auditing. Tenet 1: Why do you care about Group Policy auditing? Tenet 2: How does Eventing help you know “Who did what?” Tenet 3: How does Reporting tell…

Categories:
Privileged Account Management
Tags:
, , , ,
skeletonkey3_713678_713680

Stopping the Skeleton Key Trojan

Posted June 29, 2015    Robert Auch

Earlier this year Dell’s SecureWorks published an analysis of a malware they named “Skeleton Key”. This malware bypasses authentication for Active Directory users who have single-factor (password only) authentication. The “Skeleton Key” attack as documented by the SecureWorks CTU relies on several critical parts.

Categories:
Privileged Account Management, Vulnerability Management
Tags:
, , , , ,
webinar 2

On Demand Webinar: 10 Steps to Building an Effective Vulnerability Management Program

Posted June 26, 2015    BeyondTrust Software

In this on demand webinar, Cybersecurity Expert, Derek A.Smith will take you through his 10 steps for a successful vulnerability management program and how to get started now.

Categories:
Vulnerability Management
Tags:
, ,
AHHA_PRO.LOGO

Privileged Account Management – Another AH-HA in Cyber Security

Posted June 25, 2015    Nigel Hedges

I strongly believe that the Top 4 mitigation strategies don’t just simply apply to Australian organizations, it should be a global realization, a worldwide “ah ha!” for those still not quite understanding the importance here. Here’s a refresher (or intro) on the Top 4 mitigation strategies. Read on…

Categories:
Privileged Account Management
Tags:
, ,