BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
blog8-img1

Do You Have Users Hiding in Your Enterprise Servers?

Posted August 27, 2012    Peter McCalister

Are you in control of the user accounts across your enterprise systems? Defunct user accounts, duplicate IDs, excessive rights – do these plague your current accounts database? More importantly – how many account databases are you maintaining…or failing to maintain? Identity services like authentication and single sign-on are critical in today’s business environments. Managing these…

Categories:
General
microsoft

Vulnerabilities in Java 7 Allows for Remote Code Execution

Disclosed August 26, 2012    Fully Patched
Vendors: Oracle
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability:
Categories:
Zeroday Tracker
thenewyorktimes

Our CEO Quoted in The New York Times, “Struggling to Recover from a Cyberattack”

Posted August 24, 2012    Peter McCalister

Today, The New York Times published an article (both in print and online), “Struggling to Recover from a Cyberattack”, a real-world account of how one organization dealt with a crippling cyberattack, driven by an insider. After MyBizHomepage was hacked, its founder, Peter Justen, considered declaring bankruptcy or shutting down. Our CEO, John Mutch, provided the…

Categories:
General
charliesheen-winning

August VEF Participant Wins a Kindle Fire

Posted August 21, 2012    Peter McCalister

As you all know, every month we host our Vulnerability Expert Forum (VEF) webinar. This is a time where our experts share valuable insight regarding new vulnerabilities that are discovered and the actions that need to be taken as a result. It’s a quick way to get up to speed on current potential risks to…

Categories:
General
phishingforapayday

Phishing for a Pay Day

Posted August 21, 2012    Peter McCalister

Attackers are currently focusing their efforts on a recently patched Java flaw (CVE 2012-1723). According to Threatpost the flaw has been a recent target of several pieces of malware and Web based attacks as of late, focused on HR/Payroll employees using social engineering techniques to gain access to payroll systems. There are numerous audits released…

Categories:
General
img-gpo

Does This GPO Make Me Look Fat?

Posted August 20, 2012    Peter McCalister

I was on a call with a colleague and friend of mine Paddy McHale. We were walking a new PowerBroker Desktops (PBD) customer through some initial planning and setup. Being a Group Policy Extension quite commonly the topic of how many GPOs are required to maintain this software frequently comes up. Specifically, should a company…

Categories:
General
Blink6.0

Just Released Blink 6.0: Advanced Endpoint Protection

Posted August 16, 2012    Morey Haber

It has been a long time since any vendor has introduced game changing features to end point protection solutions. We have seen claims of better anti-virus protection, advanced persistent threat protection (APT), and even claims of massive resource savings using their latest versions. BeyondTrust believes in a defense in depth approach to end point protection…

Categories:
Vulnerability Management
Tags:
, , , , , ,
img12

PowerBroker Databases Best Practices for HIPAA Statutes

Posted August 14, 2012    Peter McCalister

Protecting the electronic health information means any information created or received by a health care provider, health plan, public health authority, employer, life insurer, school or university, or health care clearinghouse; and relates to the past, present, or future physical or mental health or condition of an individual; the provision of health care to an…

Categories:
General
Tags:
patch-tuesday

August 2012 Patch Tuesday – Oracle PWNS Microsoft, story at 11!

Posted August 14, 2012    Marc Maiffret

Oracle can be the butt of a lot of jokes when it comes to software security researchers. This Patch Tuesday, however, Oracle has taken things to the next level by not just having poorly secured products of their own but also providing the world with a remote vulnerability within Microsoft Exchange. Microsoft security bulletin MS12-058…

Categories:
General
oracle

Oracle Gets in the Patch Tuesday Mix

Posted August 14, 2012    Brad Hibbert

While the entire security world looks to Microsoft on Patch Tuesday, we’re also keeping an eye on other critical technology vendors for their vuln announcements as well. Today, as part of our Patch Tuesday audit update, we’ll also be adding two new audits to our Retina scan engine to close a security vulnerability that can enable…

Categories:
Vulnerability Management