BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
caution-blogpost

Introducing BeyondInsight v5.3: Delivering New Levels of Threat Analytics

Posted November 4, 2014    Morey Haber

Today, we’re excited to announce new releases of both our Retina vulnerability assessment technology and the BeyondInsight risk management platform. Here’s a brief overview of what’s new in BeyondInsight. With the release of BeyondInsight v5.3, BeyondTrust solutions that come equipped with the centralized BeyondInsight management, analytics and reporting console now benefit from several additional platform…

Categories:
New Features, Privileged Account Management, Vulnerability Management
Tags:
, , , , ,
webbing-blogpost

Introducing Retina v5.20: Expanded Vulnerability Assessment Coverage for Zero-Gap Visibility

Posted November 4, 2014    Chris Silva

Today, we’re excited to announce new releases of both our Retina vulnerability assessment technology and the BeyondInsight risk management platform. Here’s a brief overview of what’s new in Retina. Retina v5.20 is an update to the vulnerability assessment engine that drives Retina Network Security Scanner and Retina CS Enterprise Vulnerability Management. The release extends Retina’s…

Categories:
New Features, Vulnerability Management
Tags:
, , , , , ,

How To Implement The Australian Signals Directorate’s Top 4 Strategies

Posted October 20, 2014    Morey Haber

The Australian Signals Directorate (ASD), also known as the Defence Signals Directorate, has developed a list of strategies to mitigate targeted cyber intrusions. The recommended strategies were developed through ASD’s extensive experience in operational cyber security, including responding to serious security intrusions and performing vulnerability assessments and penetration testing for Australian government agencies. These recommendations…

Categories:
Network Security, Vulnerability Management
Tags:
, , , ,
asp-mvc

Exploiting MS14-059 because sometimes XSS is fun, sometimes…

Posted October 17, 2014    BeyondTrust Research Team

This October, Microsoft has provided a security update for System.Web.Mvc.dll which addresses a ‘Security Feature Bypass’. The vulnerability itself is in ASP.NET MVC technology and given its wide adoption we thought we would take a closer look. Referring to the bulletin we can glean a few useful pieces of information: “A cross-site scripting (XSS) vulnerability exists…

Categories:
Network Security, Security Research, Vulnerability Management
Tags:
,
4bestpracticesaudits-blog

Four Best Practices for Passing Privileged Account Audits

Posted October 16, 2014    Chris Burd

Like most IT organizations, your team may periodically face the “dreaded” task of being audited. Your process for delegating privileged access to desktops, servers, and infrastructure devices is a massive target for the auditor’s microscope. An audit’s findings can have significant implications on technology and business strategy, so it’s critical to make sure you’re prepared…

Categories:
Privileged Account Management
Tags:
, , , ,

Bad POODLE, Don’t Bite!

Posted October 16, 2014    BeyondTrust Research Team

Researchers at Google (Bodo Moller, Thai Duong, and Krzysztof Kotowicz) have discovered that the encryption schemes used by SSL 3.0 are exploitable (CVE-2014-3566). Although the majority of web servers implement Transport Layer Security (TLS), the majority of clients will downgrade to SSL 3.0 in an attempt to maintain interoperability between protocols. For example, when a…

Categories:
Security Research, Vulnerability Management
Tags:
,
usb

MS14-063 – FastFat vulnerability fixed years ago…

Posted October 15, 2014    Bill Finlayson

In vulnerability research, and computer security, we often deal strictly in the intangible. There are times however when tangible attack vectors can play a big part in real-world attacks. In a lot of cases it is USB memory sticks and related that play a common physical role in aiding attacks. From Stuxnet leveraging USB to bridge air gap networks…

Categories:
General, Network Security, Security Research, Vulnerability Management
Tags:
, ,
keyboard

You still need to start with the security best practices

Posted October 14, 2014    Tony Bradley

This blog post is republished with the permission of Techspective.net. See the original post here. – By: Tony Bradley, Editor-in-Chief, TechSpective.net A new cyber espionage threat dubbed “Sandworm” was revealed today. It exploits a zero day flaw that exists in all supported versions of the Windows operating system, and has apparently been active since 2009. That was FIVE years ago….

Categories:
Vulnerability Management
Tags:
, , , , , ,
patch-tuesday

October 2014 Patch Tuesday

Posted October 14, 2014    BeyondTrust Research Team

This October Microsoft has released eight security bulletins that cover a variety of Windows technologies from client-application attacks that would be useful in drive-by web attacks to privilege escalation vulnerabilities useful as second stage payloads to elevate from a standard user to having increased Administrator privileges. We recommend patching MS14-056 (Internet Explorer) first and then…

Categories:
Security Research, Vulnerability Management
Tags:
, , ,
Bugzilla Logo

Bugzilla ‘realname’ Parameter Account Creation Vulnerability

Posted October 8, 2014    BeyondTrust Research Team

Bugzilla, a very popular web-based bug-tracking system, has recently announced that multiple vulnerabilities have been discovered (http://www.bugzilla.org/security/4.0.14/). Perhaps the most interesting of these vulnerabilities, discovered by Netanel Rubin of Check Point Software Technologies, is one in which an attacker can automatically be added to certain groups that they were not intended to be a part…

Categories:
Security Research, Vulnerability Management
Tags: