BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
haihaisoft

Haihaisoft Universal Player Buffer Overflow

Disclosed March 25, 2014    Zeroday : 182 days
Vendors: Haihaisoft
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
microsoft

Microsoft Word 2010 Memory Corruption

Disclosed March 24, 2014    Fully Patched
Vendors: Microsoft
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
apache

Apache CouchDB UUIDs Request Denial of Service Vulnerability

Disclosed March 24, 2014    Zeroday : 183 days
Vendors: Apache Software Foundation
Vulnerability Severity: Medium
Exploit Impact: Denial of Service
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
Img4

Getting Retina Data into Splunk

Posted March 21, 2014    Jason Williams

SIEM products do a great job correlating information from a laundry list of security and operational solutions in order to gain visibility and context within an IT environment. Today we are going to show how to forward Retina Network security data into Splunk to help improve visibility and decision making. This integration can be completed…

Categories:
Vulnerability Management
Tags:
, , , , , ,
beyondtrust-dashboard-auditingprivaccessblog

Auditing Privileged Access on Windows

Posted March 20, 2014    Morey Haber

When a user is given privileged access to a Windows host, they gain access to a wide variety of tools to control the system. Everything from the GUI and Start Menu to PowerShell and command line allow system alteration and software installation. In truly secure world, no end users would have administrative privileges. However, we…

Categories:
Privileged Account Management
Tags:
, , , , , , , ,

March VEF Participant Wins a Apple iPad mini

Posted March 20, 2014    Qui Cao

Every month we host our Vulnerability Expert Forum (VEF) webinar. This is a time where our experts share valuable insight regarding new vulnerabilities that are discovered and the actions that need to be taken as a result. It’s a quick way to get up to speed on current potential risks to your organization and a…

Categories:
Vulnerability Management

CVE-2014-0301 Analysis

Posted March 19, 2014    BeyondTrust Research Team

This blog post will demonstrate how to leverage binary diffing in order to identify a recently patched Microsoft security flaw leveraging only public data. This is a common practice in the security researcher and attacker space but is a useful reminder for those working in IT how straight forward vulnerability identification can be. For this…

Categories:
Security Research
Tags:
kaspersky

Kaspersky RegExp Remote Denial of Service Vulnerability

Disclosed March 18, 2014    Zeroday : 189 days
Vendors: Kaspersky
Vulnerability Severity: Low
Exploit Impact: Denial of Service
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
redhat

oVirt 3.4 Session Fixation and CSRF Vulnerabilities

Disclosed March 17, 2014
Vendors: Red Hat
Vulnerability Severity: Medium
Exploit Impact: Session Hijacking
Exploit Availability:
Categories:
Zeroday Tracker
BI Analytics Reporting

The Best Vulnerability Management Reporting and Analytics

Posted March 13, 2014    Morey Haber

The number one reason why our customers choose BeyondTrust for enterprise vulnerability management is simple: The BeyondInsight Reporting and Analytics capabilities included with Retina CS Enterprise Vulnerability Management exceed the capabilities of every single competitor combined. Retina CS with BeyondInsight is the only vulnerability management solution that ships with an integrated, structured big data warehouse…

Categories:
Privileged Account Management, Vulnerability Management
Tags:
, , , , , ,