BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:

Posts Tagged ‘vulnerability’

Triggering MS14-066

Triggering MS14-066

Posted November 17, 2014    BeyondTrust Research Team

Microsoft addressed CVE-2014-6321 this Patch Tuesday, which has been hyped as the next Heartbleed.  This vulnerability (actually at least 2 vulnerabilities) promises remote code execution in applications that use the SChannel Security Service Provider, such as Microsoft Internet Information Services (IIS). The details have been scarce.  Lets fix that. Looking at the bindiff of schannel.dll, we see a…

Tags:
, , , , ,
patch-tuesday

November 2014 Patch Tuesday

Posted November 11, 2014    BeyondTrust Research Team

This month brings a massive number of bulletins and vulnerabilities covering a wide array of Microsoft products. As with most months some of the more critical vulnerabilities to patch immediately are within Internet Explorer and kernel privilege escalation vulnerabilities. There are also a lot of other unique vulnerabilities that will vary on criticality depending on…

Tags:
, , , ,
PCI-Approved-Scanning Vendor

Vulnerability Scanning for PCI DSS Compliance with BeyondTrust Retina

Posted May 19, 2014    Morey Haber

I’m pleased to announce that BeyondTrust’s Retina Enterprise Vulnerability Management has successfully completed PCI Scanning Vendor Compliance Testing. This means that Retina meets all PCI Security Standards Council requirements to perform PCI data security scanning. This also marks the fifth year that BeyondTrust is an Approved Scanning Vendor (ASV). Where Vulnerability Scanning Comes into Play…

Tags:
, , , , , , ,

Are you a Target? Investigating Security Breaches with Kevin Johnson

Posted April 17, 2014    Chris Burd

Last week, over 1,000 IT security professionals watched as Kevin Johnson, CEO of Secure Ideas, presented his expert opinion on lessons learned from recent, high-profile retail breaches. Here’s a summary of key takeaways from the webcast plus an on-demand recording of the full, 60-minute presentation. Understanding the “why” behind attacks According to Kevin, the primary…

Tags:
, , , , ,

Heartbleed – When OpenSSL Breaks Your Heart

Posted April 8, 2014    BeyondTrust Research Team

You’ve likely heard about the recent OpenSSL vulnerability, CVE-2014-0160, dubbed Heartbleed. The main takeaway of this vulnerability is that attackers can use this to obtain things like secret keys used for X.509 certificates, user names and passwords, instant messages, emails, and other highly sensitive information. For a technical analysis of the bug, check out this…

Tags:
, , ,
Retina CS

Building Automated Vulnerability Audit Groups

Posted September 20, 2013    Bill Tillson

From time to time, the field engineering team and I see the same request cross our desks in a short period of time. This time it was how to remove certain types of audits from running when performing a vulnerability scan originating from Retina CS. The old way of doing things would have required the…

Tags:
, , , , , , ,
Bite apple2

ABCDKERNELPANIC: Unicode vs. Apple Inc.

Posted August 29, 2013    BeyondTrust Research Team

Yesterday, Russian researchers publicly disclosed the presence of a denial of service vulnerability affecting OS X 10.8 and iOS 6. OS X 10.9 Mavericks and iOS 7 are unaffected. So what’s the big deal with this particular denial of service vulnerability? It’s remotely exploitable and is trivial to trigger. Stringing together a series of Unicode characters, Arabic \u062E\u0337\u0334\u0310\u062E,…

Tags:
, , , , , , ,
Java-Logo

Recently Patched Java Vulnerability Exploited In the Wild: How (Not) Surprising

Posted April 23, 2013    BeyondTrust Research Team

A type confusion vulnerability, recently patched in Java 7u21 and Java 6u45, has been spotted in the wild. According to a recent blog post from F-Secure, exploitation of CVE-2013-2423 started shortly after April 21st, 2013 and continues. Given what we know about Java, none of this is surprising. “Why?!” you may ask, “didn’t we all…

Tags:
, , , , , , , , , , , ,
darkleech

A Brief Overview of Darkleech

Posted April 4, 2013    BeyondTrust Research Team

A piece of malware, Darkleech, has been making the news rounds as of late. This one targets web servers, specifically Apache 2.2.2 and above. Instead of merely compromising a web server and uploading malicious content to be served to unsuspecting victims, Darkleech goes a step further by installing a special module that is loaded by…

Tags:
, , , , ,
java7

Java Zero Day Exploit – Java 7 Not the Answer

Posted January 10, 2013    BeyondTrust Research Team

A new Java zero-day vulnerability has been seen exploiting hundreds of thousands of machines. This 0day has already been incorporated into Cool Exploit Kit and Blackhole, in addition to Nuclear Pack and Redkit. This vulnerability affects Java 7 versions up to and including the current version of Java, 7u10. It should be noted that while…

Tags:
, , , , , ,