Beyondtrust

BeyondTrust Research Center

BeyondTrust Research Team

Our research team is known for identifying new trends in enterprise security including some of the very first critical Microsoft security vulnerabilities. The implications of cybercrime are universal, pervasive and have financial implications for organizations and individuals. The research team aims to both educate our customers on the evolving threat landscape and to use their understanding of security threat trends to shape the future of our vulnerability and privilege management products.

Latest Security Research Posts


Emergency Microsoft Internet Explorer Security Update MS15-09315

8/19/2015

Microsoft released an out-of-band patch to address a critical vulnerability that affects all versions Internet Explorer. It should be noted that Windows 10 is also affected due to its default installation of IE 11. more

August 2015 Patch Tuesday

8/11/2015

August brings with it another hefty Patch Tuesday containing 14 bulletins in total. As usual, Internet Explorer and Office patch their monthly dose of memory corruption vulnerabilities, while more atypical vulnerabilities present themselves in forms ranging from Cross-Site Scripting to command line parsing. more

Microsoft Patches a Critical Vulnerability in Adobe Type Manager Font Driver

7/21/2015

Today, Microsoft released the MS15-078 bulletin containing a patch for yet another flaw in the Adobe Type Manager Font Driver (atmfd.dll). This patch, coming just shy of a week after Microsoft’s monthly Patch Tuesday event, fixes a kernel pool overflow vulnerability (CVE-2015-2426), which can allow remote code execution with full system rights. The vulnerability lies... more

July 2015 Patch Tuesday

7/14/2015

July’s Patch Tuesday is a hefty one, clocking in with 14 bulletins, including the typical misfits - Internet Explorer and Office. Last month’s missing bulletin (MS15-058) is now included, patching important-rated vulnerabilities within SQL Server. more

CVE-2015-1793: OpenSSL Alternative Chains Certificate Forgery

7/9/2015

This morning The OpenSSL team released a security advisory stating that the latest versions of OpenSSL contain a severe vulnerability which can allow an attacker to bypass certain certificate validation checks, enabling them to issue an invalid certificate. more

June 2015 Patch Tuesday

6/9/2015

This month's Patch Tuesday is a bit on the lighter side with only 8 bulletins. In total, 45 distinct vulnerabilities are addressed with over half belonging to Internet Explorer. At the time of release, Microsoft seemed to skip the MS15-058 bulletin, so we'll be sure to keep an eye out for it. more

May 2015 Patch Tuesday

5/13/2015

This month's Patch Tuesday is massive, to say the least, with a total of 13 bulletins, affecting many products and all versions of Windows. Earlier this month, Microsoft announced that the upcoming Windows 10 will not follow the typical Patch Tuesday cycle and updates will be provided when they become available. more

The Delicate Art of Remote Checks – A Glance Into MS15-034

4/15/2015

Remote vulnerability detection - using ms15-034 as an example. more

Premera Breach – What Happened and Was it Related to the Anthem Breach?

3/18/2015

Premera Blue Cross, a major health care services provider, recently disclosed information regarding a data breach that could impact 11 million of its customers. According to Premera’s cyberattack website created to disseminate information about the breach, hackers gained access to their systems and may have accessed customer information including names, addresses, email addresses, telephone numbers,... more

The Vulnerabilities and Privileges of Carbanak Bank Thieves

2/17/2015

Recently Kaspersky released analysis of a series of significant breaches against financial institutions by a group they have dubbed Carbanak. The attacks go back over 2 years and estimates are that potentially $1 billion dollars in total were stolen from more than 100 financial institutions. In some cases the attackers were active in victim organizations between... more

» View all