BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

October VEF Participant Wins an iPad mini

As you all know, every month we host our Vulnerability Expert Forum (VEF) webinar. This is a time where our experts share valuable insight regarding new vulnerabilities that are discovered and the actions that need to be taken as a result. It’s a quick way to get up to speed on current potential risks to your organization…

Post by Qui Cao October 15, 2013
retinacs-insight-scalability

Scalability Part Deuce

It was great to see a flood of email on the previous scalability blog. Thank you all for the emails directly to me on the topic. Based on the responses, I would be remiss not to cover the other three sides of scalability. First, is how we scale down. Retina is a family of solutions….

Post by Morey Haber October 9, 2013
Tags:
, , , , , ,
ScanMetrics-screenshot

Now Available: Retina Unlimited – $1,200 Unlimited IP Addresses

It has been over 15 years since we first introduced Retina, the Network Security Scanner, to the world. In those early days the vulnerability assessment space was still in its infancy with much of the focus being around scanning network based services for remotely exploitable vulnerabilities. Back then there were no compliance mandates or policies…

Post by Marc Maiffret October 8, 2013
Tags:
, , , , ,
patch-tuesday

October 2013 Patch Tuesday: 10 Year Anniversary Edition

Happy 10th birthday, Patch Tuesday! This month marks the 10th anniversary of the Patch Tuesday process we’re all familiar with. To kick off the anniversary celebrations, October’s patch Tuesday fixes vulnerabilities in Internet Explorer, the Windows Kernel, .NET, SharePoint, Office, and more. There are a total of 8 patches, fixing 26 unique vulnerabilities; four bulletins…

Post by BeyondTrust Research Team October 8, 2013
Tags:
, ,
src

The Silk Road to the FBI is Paved with Bitcoin

The FBI has seized control of one of the online black market’s most prominent marketplaces, Silk Road. Silk Road was an online marketplace used by miscreants who bought and sold illegal merchandise, such as drugs, weapons, and other illicit materials. It was not accessible without the use of routing software known as Tor (the onion…

Post by BeyondTrust Research Team October 3, 2013
Retina Security Scanner

Scalability When You Need It

I think we have all been there before. We pilot a solution, run the gambit of tests in the lab, and when it comes to production, the scalability falls flat on its face. It does not matter if the solution was architected correctly for the environment with multiple nodes, high performance database, and tons of…

Post by Morey Haber September 25, 2013
Tags:
, , ,

September VEF Participant Wins an iPad mini

As you all know, every month we host our Vulnerability Expert Forum (VEF) webinar. This is a time where our experts share valuable insight regarding new vulnerabilities that are discovered and the actions that need to be taken as a result. It’s a quick way to get up to speed on current potential risks to your organization…

Post by Qui Cao September 24, 2013
Retina CS

Building Automated Vulnerability Audit Groups

From time to time, the field engineering team and I see the same request cross our desks in a short period of time. This time it was how to remove certain types of audits from running when performing a vulnerability scan originating from Retina CS. The old way of doing things would have required the…

Post by Bill Tillson September 20, 2013
Tags:
, , , , , , ,
LOLZ

Land of the Rising IE 0day

A new Internet Explorer zeroday has surfaced that affects every supported version of Internet Explorer. It has been observed in the wild in targeted attacks in Japan. Current attacks are focusing on exploiting Internet Explorer 8 and 9 on Windows XP and 7 machines. This is a use-after-free vulnerability in mshtml.dll, which is a DLL…

Post by BeyondTrust Research Team September 17, 2013
Tags:
,
patch-tuesday

September 2013 Patch Tuesday

September’s Patch Tuesday fixes vulnerabilities in SharePoint, Outlook, Word, Excel, Kernel drivers, and more. There are a total of 13 patches, fixing 47 unique CVEs; four bulletins are rated critical and nine bulletins are rated important. MS13-067 addresses ten vulnerabilities in SharePoint server, including versions 2003, 2007, 2010, and 2013, along with Office Web Apps…

Post by BeyondTrust Research Team September 10, 2013
Tags:
,