BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Posts Tagged ‘malware’

You still need to start with the security best practices

Posted October 14, 2014    Tony Bradley

This blog post is republished with the permission of Techspective.net. See the original post here. – By: Tony Bradley, Editor-in-Chief, TechSpective.net A new cyber espionage threat dubbed “Sandworm” was revealed today. It exploits a zero day flaw that exists in all supported versions of the Windows operating system, and has apparently been active since 2009. That was FIVE years ago….

Implementing Least Privilege for Windows the Easy Way

Posted July 31, 2014    Morey Haber

The concept of least privilege states that asset users should have the lowest level of access privileges required to effectively conduct their jobs. Implementing least privilege can bring several benefits to your organization, including: Increased security by reducing the attack surface available to users and to potential attackers who compromise user systems via phishing, malware,…

A Brief Overview of Darkleech

Posted April 4, 2013    BeyondTrust Research Team

A piece of malware, Darkleech, has been making the news rounds as of late. This one targets web servers, specifically Apache 2.2.2 and above. Instead of merely compromising a web server and uploading malicious content to be served to unsuspecting victims, Darkleech goes a step further by installing a special module that is loaded by…

Can’t load this page? Check your DNS settings.

Posted July 6, 2012    Nate Hatcher

DNSChanger malware is on top of everyone’s mind this week since over 270,000 systems may be effectively losing internet access next Monday because of it. What is DNSChanger malware? The criminal organization behind DNSChanger is long gone, but the effects of the malware persist. DNSChanger malware, as the name says, changes your DNS server settings…

Patch Tuesday June 2012: RDP broken, again. Stuxnet TTF, again.

Posted June 12, 2012    BeyondTrust Research Team

This is shaping up to be an interesting Patch Tuesday with critical vulnerabilities being released across a combination of operating system components and client applications. In total there are 7 Microsoft Security Bulletins covering 26 distinct vulnerabilities in this June 2012 Microsoft Patch Tuesday. More than half of these vulnerabilities are rated as being likely…

Flame Burns a Little Brighter

Posted June 4, 2012    BeyondTrust Research Team

Did you know that Microsoft’s Terminal Server Licensing Service (we’ll call it TSLS for convenience) generated certificates that could be used to sign code? No? Neither did Redmond. Flame leveraged a “0day” (zero day) within TSLS to sign its own code, allowing it to appear as if the code came from Microsoft. This allowed Flame…

Putting out the Flames

Posted May 30, 2012    Marc Maiffret

Stop me if you’ve heard this one before: there is a new piece of malware and this one is even worse than the last one. It is bigger, scarier, more complex and will take years, according to some estimates, to actually ever know what the malware really does. And of course it already has a…

Honey, Does this Installer Make Me Look Fat?

Posted December 7, 2011    The eEye Research Team

I remember the days when I used download.com to grab utilities and shareware, never really questioning why I used download.com. All I knew is that it was safe and fast, usually appearing as a top search result in Google and it was always available. Unfortunately, CBS Interactive found that it would be monetarily advantageous to bundle downloads in…
