December 2012 Patch Tuesday: Oracle Outside In, TrueType, and more
December’s Patch Tuesday brings us a great collection of vulnerabilities, ranging from Oracle Outside In vulnerabilities within Exchange to TrueType vulnerabilities in every version of Windows. It seems like these are the vulnerabilities that just keep giving. Along with these, other bugs were squashed in Internet Explorer, Microsoft Word, Windows File Handling, DirectPlay, and IP-HTTPS….
12 Days of Giveaways Starts Now! Join Our 12 Twitter Days of Christmas!
Say hello to holiday fun and frolic! Starting TODAY, we’re running our 2nd Annual 12 Twitter Days of Christmas campaign! It’s time to celebrate the season of magic and what a better way to do so than with 12 days of giveaways from BeyondTrust? How to Participate in BeyondTrust’s 12 Twitter Days of Christmas: Here’s…
Retina CS 4.0 and Remedy Ticketing Integration
Overview Retina CS enables teams to centrally manage organization-wide IT security and compliance initiatives from a single, web-based console. It provides discovery, prioritization, and remediation of security risks by delivering what matters the most – context. Retina CS is the centerpiece of the BeyondTrust vision of Context Aware Security Intelligence which helps organizations answer the…
Microsoft SCCM Integration with Retina CS Threat Management Console
Overview Retina CS enables teams to centrally manage organization-wide IT security and compliance initiatives from a single, web-based console. It provides discovery, prioritization, and remediation of security risks by delivering what matters the most – context. Retina CS is the centerpiece of the BeyondTrust vision of Context Aware Security Intelligence which helps organizations answer the…
Adobe Flash Player and Air (APSB12-24) Critical Memory Vulnerabilities – November 2012
Nine new audits are being released in our Retina vulnerability scan engine to help customers identify a security vulnerability that can enable an attacker to gain control of a vulnerable system (CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, CVE-2012-5278, CVE-2012-5279, CVE-2012-5280) These nine new audits have been released with Retina Network Community and the commercial version of Retina…
Most Versions of Android have SMiShing Vulnerability
Researchers at NC State University have discovered a vulnerability that allows a zero-permission App to fake SMS messages and thus lead to potential SMS Phishing (or SMiShing). By creating fake SMS messages from legitimate looking sources, a mal-ware app could fool a user into clicking on a link to a rogue site with the intension of…
Organizing your PowerBroker Desktops Rules
When tackling a project to remove administrator privileges from users, it is critical to understand what applications and tasks will be impacted. Some things just break or won’t function properly when users are no longer administrators. Of course, PowerBroker Desktops is designed to elevate those apps and tasks that require administrator privileges so that there…
MS SQL Cross-Site Scripting (XSS) News – October 2012
Eight new audits are being released in our Retina vulnerability scan engine to help close a security vulnerability that can enable an attacker to gain control of a MS SQL Database Server running SQL Reporting Services via Cross-Site Scripting (CVE-2012-2552, MS12-070). These eight new audits have been released with Retina Network Community and the commercial…
Don’t say “Lockdown”!
Here at BeyondTrust, we have been fortunate to be able to speak with thousands of security professionals in dozens of industries, and it is astonishing how differently organizations assess risk and approach computer security. Some organizations are very strict about security and are able to completely lock down desktops. Others are significantly more lax about…
Privilege Identity Management – A Help Desk Perspective
Help desk technicians within a company are the first line of defensive for a new project or system problem. Most of the time, they are informed and trained that users will be getting a new piece of security software. The solution, in this case, is called Privileged Identity Management (PIM) and is designed to manage authenticated permissions…
