BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Security News Roundup | September 2012

Posted September 24, 2012    Sarah Lieber

September was an active month in terms of security commentary and news; ranging from an alleged Apple data hack to an IE 0day out-of-band patch release. Since I’m sure many of you are still catching up on the news, for your convenience I’ve included some of the more insightful September coverage below.

I also encourage you to join us on a monthly basis for our Vulnerability Expert Forum (VEF) where we discuss in detail, that month’s Patch Tuesday and cover relevant news and events surrounding the security landscape.

You can sign up for October’s VEF here.


PC Magazine | Internet Explorer Zero-Day Flaw Exploited by Same Java Gang

By: Fahmida Y. Rashid

“The latest vulnerability is another example of how organizations maintaining proper patching and system updating processes can still be compromised,” Marc Maiffret, CTO of BeyondTrust, told Security Watch.

Read Entire Article


Reuters | No proof hackers stole Apple data from laptop: FBI

By: Basil Katz

“If AntiSec and related folks were doing that kind of attack, this would be an upping of the game,” said Marc Maiffret, chief technology officer of security firm BeyondTrust.

That said, the data dump itself, while serious, would not prove to be very damaging to consumer privacy, Maiffret added.

“It is not something that is going to allow hackers to break into peoples’ iPhones,” he said, adding that the UDIDs appeared to be genuine.

Read Entire Article


CNET | Bromium secures computers by holding apps in isolation
CNET By: Elinor Mills

“Bromium, unlike Microsoft and VMWare, the way they do their virtualization of apps is specifically for security and fills in the gaps based on being a very different architecture,” said Marc Maiffret, chief technology officer of BeyondTrust. “As a business, they have some room to grow, as long as Microsoft doesn’t come out with their own thing. Bromium could be an attractive acquisition for VMWare or even Intel McAfee.”

Read Entire Article


Dark Reading | 10 Ways Developers Put Databases at Risk

By: Ericka Chickowski

Dark Reading“A very simple but all too common mistake is storing passwords in plain text, which involves not hashing the user inputted password, and not salting hashes, which entails adding random bits to the hash,” says Daniel Jacobowitz, security research engineer for BeyondTrust.

Read Entire Article

 

CRN | Internet Explorer Zero-Day Threat Linked to Java
By: Ken Presti

 According to Marc Maiffret, CTO at BeyondTrust, the attack currently being executed into the wild begins with a malicious website that determines which version of IE the host system is running. It then loads additional software to perform a heap spray and load an iframe. Protect.html is then loaded to trigger the vulnerability, at which point Poison Ivy is downloaded. A successful exploit leads to the ability to execute remote code.

“You essentially need to get a bunch of your attacker-supplied code loaded into memory on Internet Explorer,” explained Maiffret. “You can do that through leveraging something like Flash, or in the case of the Metasploit attack, they’re using Java. So, it’s interesting to note that if you don’t have Java, you’re not vulnerable to this as a Metasploit attack.

Read Entire Article

 

Tags:
, , ,

Leave a Reply

Additional articles

{c4eae211-3ca2-4f8e-b2b9-6df0e970aab1}_g.markhardy

The “insider” threat. Is it real, or is it being blown out of proportion?

Posted March 4, 2015    G. Mark Hardy

A lot depends on whether or not you’ve been compromised. And therein lies the problem. Cyber threats are often ignored until they cause some damage, at which point management looks for people to blame and gives all kinds of attention to fixing the problem – until the next crisis in accounting or warehousing or staffing comes along.

Tags:
, , ,
webinar_chalk

Webinar March 4th: Recreating the Carbanak Breach & Techniques for Mitigating Similar Attacks

Posted March 3, 2015    Lindsay Marsh

Join BeyondTrust Research and Development team for an in-depth live webinar that will explore the attack vectors used in the Carbanak Bank Breach and share successful mitigation techniques needed to prevent this type of attack.

Tags:
, ,
VMware Hardening Guidelines-img3

How to Audit VMware ESX and ESXi Servers Against the VMware Hardening Guidelines with Retina CS

Posted February 27, 2015    BeyondTrust Research Team

Retina CS Enterprise Vulnerability Management has included advanced VMware auditing capabilities for some time, including virtual machine discovery and scanning through a cloud connection, plus the ability to scan ESX and ESXi hosts using SSH. However, in response to recent security concerns associated with SSH, VMware has disabled SSH by default in its more recent…

Tags:
, , , ,