BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
img-64

Samsung Mobile Devices Vulnerable to Website Wipe

Posted October 16, 2011    Peter McCalister

According to IBTimes, Samsung, one of the leaders in manufacturing Android devices, has a very serious bug in their TouchWiz implementation of Android. Samsung, like most manufacturers, modifies the stock Android image to add in its own modifications and enhancements.

Categories:
General
Tags:
, , ,
terminator

Terminator V: Utilities Under Fire Without Least Privilege

Posted October 14, 2011    Peter McCalister

Remember the premise of Terminator and about another 100 or so Hollywood movies that have computers taking over the world? The first step in this conquest is always that we rely heavily on machines being connected to the worldwide web to make our life easier. This becomes problematic when said equipment is managing critical infrastructure like say electricity, water, communications, etc. Wait isn’t that what we’ve now done?

Categories:
Privileged Account Management
microsoft

Duqu – Vulnerability in TrueType Font Parsing Elevation of Privilege

Disclosed October 14, 2011    Fully Patched
Vendors: Microsoft
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability:
Categories:
Zeroday Tracker
guy laptop

Protecting Yourself and Satisfying Auditors With Least Privilege

Posted October 13, 2011    Peter McCalister

Within the complex world of IT infrastructure exists a vitally important group of people: those charged with administering a company’s most critical assets and protecting its most sensitive data. They are known as privileged users, and by definition they possess a collection of access rights reserved only for those a company has entrusted with significant responsibility in safeguarding not just data, but also brand reputation, customer trust, and sustained revenue.

Categories:
Privileged Account Management
book

The Best New IT Security Book You Have To Buy Now!

Posted October 12, 2011    Peter McCalister

Okay, so I am a bit biased since I am one of the co-authors of this book published by Apress Media, but in the spirit of full disclosure this is an independent industry view on mitigating insider threats across physical, virtual and cloud infrastructure and doesn’t even mention BeyondTrust.

Categories:
Privileged Account Management
microsoft

Microsoft Publisher 2007 pubconv.dll Memory Corruption Vulnerability

Disclosed October 12, 2011    Fully Patched
Vendors: Microsoft
Vulnerability Severity: Medium
Exploit Impact: Remote Code Execution
Exploit Availability:
Categories:
Zeroday Tracker
vmware

VMware ESXi and ESX Multiple Vulnerabilities

Disclosed October 12, 2011    No Patch Available
Vendors: VMware
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability:
Categories:
Zeroday Tracker
patch-tuesday

Microsoft Patch Tuesday – October 2011

Posted October 11, 2011    Chris Silva

Welcome to another exciting episode of Patch Tuesday, where Microsoft has released a total of 8 bulletins concerning 23 CVEs. 2 bulletins are rated as critical, mostly covering issues within Internet Explorer, while the rest are not as riveting.

Categories:
Security Research
guy tie

Insiders Run Rampant in Healthcare and Financial Services Industries

Posted October 11, 2011    Peter McCalister

Most consumers don’t blink an eye when they’re asked to provide their social security number to a healthcare or banking professional. We place complete trust into the hands of these individuals, yet employees within financial services and healthcare industries perhaps are the most notorious for snooping and disclosing sensitive information.

Categories:
General
img-android

Android Handset Makers – Adding Value or Vulnerabilities?

Posted October 10, 2011    The eEye Research Team

So many things in life can cause perception to over take reality and one great example of that is as it relates to Google’s Android security. Android itself is a very robust and security minded operating system backed by one of the best security research teams in the business. One of the big things that…

Categories:
Vulnerability Management
Tags:
, ,