BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:

Posts Tagged ‘network security’

sclogoupdated_1448

BeyondTrust Retina CS Earns Perfect 5 Star Rating by SC Magazine

Posted February 4, 2013    Sarah Lieber

We are happy to announce that for the 5th year in a row, SC Magazine has given a glowing review of Retina CS Threat Management Console with 5 stars across all its judging categories. SC Magazine tests all products in the most logical way: they vulnerability or pen tested them directly. Their “…results were excellent and…

Tags:
, , , , , , ,
Java-Logo

JRE 6 automatic upgrade to JRE 7, coming soon

Posted December 19, 2012    BeyondTrust Research Team

Starting this month, Oracle will be automatically replacing Java Runtime Environment (JRE) 6 installations with JRE 7 installations on a small amount of users’ systems (the users are randomly chosen). This will be done to ensure that the automatic upgrading mechanism is working properly. In February 2013, the last public version of JRE 6 (Java…

Tags:
, , , , , , ,
chalk cliff in england-resized-600.jpg

Privilege Identity Management – A Help Desk Perspective

Posted October 12, 2012    Morey Haber

Help desk technicians within a company are the first line of defensive for a new project or system problem. Most of the time, they are informed and trained that users will be getting a new piece of security software. The solution, in this case, is called Privileged Identity Management (PIM) and is designed to manage authenticated permissions…

Tags:
, , , , , , , ,

IE 0day Fixed in Out-of-Band Patch

Posted September 21, 2012    The eEye Research Team

Microsoft has released a patch to fix the IE 0day, CVE-2012-4969, along with four other privately reported CVEs that lead to remote code execution (CVE-2012-1529, CVE-2012-2546, CVE-2012-2548, and CVE-2012-2557). One interesting thing to note is that CVE-2012-2546 and CVE-2012-2548 only affect the most recent version of Internet Explorer, IE 9. The now-patched 0day, CVE-2012-4969, affects…

Tags:
, , , ,
IE-0day

Mmm, Smells Like 0day

Posted September 17, 2012    BeyondTrust Research Team

Just when you thought we were out of the woods, Internet Explorer 0day shows up, in the wild. Here’s what you need to know about the vulnerability: Internet Explorer 6, 7, 8, and 9 are vulnerable (UPDATE: Out-of-band patch available now!) Use-after-free when the CMshtmlEd object is deleted and then the same area in memory…

Tags:
, , , , , ,
scanner-ui

Xen Server Escape Exploit News

Posted September 10, 2012    Jerome Diggs

In today’s ever expanding virtualized data center it’s critical to ensure hypervisors/host systems are properly secured and patched to prevent bleed over into often dense populations of the corporate infrastructure.  According to a recent blog post on Threatpost, French research firm VUPEN security has revealed exploit code that takes advantage of a vulnerability in Xen…

Tags:
, , , , , , , , , , , ,
blackholetoolkit1

BlackHole toolkit targets Microsoft XML Core Services flaw

Posted August 1, 2012    Sarah Lieber

Blackhole is a popular exploit kit used to inject malware onto PCs that visit an exploited site, or are redirected to such a site from another, compromised website.  As hackers get bolder they use these types of toolkits to compromise computer networks.  This allows less sophisticated individuals and organizations to compromise computer networks since these…

Tags:
, , , , , , , ,
new-kids-on-the-block

Create custom audits for Android devices. Come on, all the cool kids are doing it.

Posted July 18, 2012    Carter Jones

Have you ever wanted to root your Android device, so you could be like all the other cool kids on the block? If you did your research, you learned that it makes it easier for attackers to keep their malware on your device, if it were to be infected, through the use of a rootkit….

Tags:
, , , , , , ,
rsa-archer-egrc-2-680x393

Now Available! Direct Integration from Retina CS into RSA Archer eGRC

Posted June 1, 2012    Morey Haber

Yet another first for BeyondTrust and eEye Digital Security. Our combined companies are proud to release our first new direct integration from Retina CS into RSA Archer eGRC. The business value provides comprehensive vulnerability management data directly into Archer’s Threat Management system. Using direct database access from Archer’s Integration System, the eGRC platform harvests asset…

Tags:
, , , , , ,
retinainsight-pivotgrids2-680x242-1

Retina Insight Pivot Grids, Custom Report Sharing on BeyondTrust Forums

Posted May 29, 2012    Morey Haber

Around this time last year I wrote a blog on the Pivot Grids within Retina Insight and how they allow a user to custom build historical reports based on almost every piece of data collected by Retina Insight. Recently I spoke with an analyst on this same topic and he was very pleased to see that we…

Tags:
, , , , , , , ,