BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
thumb_default

Our Newest Release – Retina CS 3.1

Posted May 7, 2012    Mike Puterbaugh

Our product team has just put the finishing touches on the newest release of Retina CS, our award-winning Threat Management Console. Version 3.1 expands our market leadership in innovation for helping IT secure the technologies being widely deployed today. As it has been since halfway through 2011, Retina CS remains the only unified vulnerability and…

Categories:
Vulnerability Management
ponemon

Data Lost: Covering Your Assets

Posted May 4, 2012    Peter McCalister

According to a recent CDW poll, one in four organizations experienced data loss in the past two years. Imagine the amount of customer, student, employee and patient information lost because of those incidents, never mind the ones that go unreported. Aligning with this shocking stat is that according to the same study, the number of…

Categories:
General
adobe

Vulnerability in Adobe Flash Player Could Allow Remote Code Execution

Disclosed May 4, 2012    Fully Patched
Vendors: Adobe
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability:
Categories:
Zeroday Tracker
apache

PHP Query String Parameter Command Execution

Disclosed May 3, 2012    Fully Patched
Vendors: PHP
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability:
Categories:
Zeroday Tracker
Marc-Maiffret-NBCChicagoInterview-20121-98x98

NBC Chicago Interviews Marc Maiffret on Email Security

Posted May 1, 2012    Sarah Lieber

Recently, Marc Maiffret was interviewed on NBC Chicago about the security risks involved when unsubscribing from emails and how to best avoid being compromised by email spam (it does make up 80% of all email traffic in the United States, after all). Below is that interview and an excerpt from the article. Read the entire…

Categories:
General
Tags:
, , , , , ,
mcafee

McAfee Virtual Technician ActiveX Control Remote Code Execution

Disclosed April 30, 2012    Workaround Available
Vendors: McAfee
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability:
Categories:
Zeroday Tracker
AD and PBSE

Manage Privileged Access for UNIX/Linux with Microsoft Active Directory

Posted April 27, 2012    Peter McCalister

In my discussions with IT teams, I am continually reminded that managing access to UNIX and Linux systems and doing so in a least cost manner is important for IT. IT must do more with less. There is a constant need to drive down the costs of operations and deliver more to the business. Failure…

Categories:
General
netsnmp

Net-SNMP Denial of Service

Disclosed April 26, 2012    Fully Patched
Vendors: Net-SNMP
Vulnerability Severity: High
Exploit Impact: Denial of Service
Exploit Availability:
Categories:
Zeroday Tracker
cloudlock1

Breaches, Breaches Everywhere, It Seems that Insiders Just Don’t Care!

Posted April 24, 2012    Peter McCalister

Let’s take a look at a few of the breaches being reported this week alone – all at the hand of insiders. The Utah Department of Health reported that about 780,000 claims had been accessed by a hacker. Then they added that 280,000 people’s social security numbers were stolen and 500,000 people had less-sensitive personal…

Categories:
General
samsung

Samsung NET-i Viewer Multiple Vulnerabilities

Disclosed April 24, 2012    Workaround Available
Vendors: Samsung
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability:
Categories:
Zeroday Tracker