The University of Derby uses BeyondTrust Privilege Management for Windows & macOS to efficiently support and secure 25,000 users. The BeyondTrust endpoint privilege management solution helped them to obtain the Cyber Essentials Certification, which has enabled them to bid for high-caliber research opportunities. Learn more and watch the video.
Patch Tuesday, February 2020 saw patches for 99 vulnerabilities from Microsoft and 42 vulnerabilities from Adobe. One vulnerability from Microsoft is currently under active exploitation in the wild, and five of them are publicly known. None of the Adobe vulnerabilities were disclosed prior to patching.
BeyondInsight is the industry’s most innovative and comprehensive privileged access management platform. The platform maximizes visibility, simplifies deployment, automates tasks, improves security, and reduces privilege-related risks. Password Safe combines privileged password and privileged session management to discover, manage, and audit all privileged credential activity. Together, BeyondInsight and Password Safe enable organizations to achieve complete control and accountability over privileged accounts. Read on for a summary of what’s new with the release of version 6.10.
In my most recent Kubernetes attack and defense webinar, I demonstrate a Kubernetes attack through a Scott Pilgrim-themed scenario. If you haven’t seen the Scott Pilgrim movie, definitely check it out! The attacks in my webinar demonstrate defeating the “evil ex” bad guys of the movie as you escalate privilege through a Linux-based Kubernetes cluster. In one step, we gain a password through a monkey-in-the-middle (MitM) attack, where we intercept a communication between two containers in the cluster. It’s much easier than it sounds! There are a number of defenses we discuss in the webinar. The most widely applicable is Kubernetes’ primary authorization rules language, called role-based access control (RBAC). RBAC is pretty easy to learn.
Consumer-grade remote support tools continue to make the news for the wrong reasons. Recently, it’s been reported that some financial institutions are preventing their applications from being run if they detect common free and/or consumer-grade remote access tools installed on the device. This is intended to protect their customers from being victimized by these tools. While this approach could be considered severe, it reflects the risk these institutions have experience with these tools, and their fears of further damage.
With help desk ticket counts on the rise, IT environments and computing platforms increasing in diversity and complexity, and management striving to control costs, IT professionals need more than free or basic remote support tools. In fact, the basic tools that teams bring on to bridge a capability gap and "get by are increasingly stretched beyond their limited use cases—impairing service desk effectiveness, frustrating customers, and even creating dangerous cyber risks. So, if you’re in the market for a new remote support tool, consider how these tools will impact the security, flexibility, reliability and the reputation of their organization.
The end of life (EOL) clock for Microsoft Windows 2008 and 2008 R2 Server and Windows 7 (all versions) has wound down, marking a significant milestone for the support of those operating systems. However, now a new clock is ticking, counting down the time until dangerous, new exploitable vulnerabilities arise that will not be patched by MSFT. Barring any custom-extended support contracts signed on a case-by-case basis with Microsoft, none of these EOL operating systems will receive further security updates, features, or technical support after January 14, 2020.
Many organizations maintain long, firmly held beliefs about privileged access management (PAM) tools and concepts that don’t hold up to much scrutiny. These misconceptions can cause IT teams to overlook easy, and highly attainable ways to reduce risk, and also cause organization to use dangerous tactics and workarounds that inflate their organization’s risk surface.
The compliance landscape for government agencies is constantly evolving to keep pace with emerging threats to public sector systems and the deployment of new technologies. And today, non-compliance may not only lead to substantive penalties, but a heightened risk of a security breach that leads to data loss, downtime, and other damages. Consequently, agencies must stay vigilant to combat threats whether internal or external, malicious or unintentional, that expose weaknesses in their defenses and policies.
As IT environments grow increasingly more complex, it becomes highly challenging and onerous to track the constantly changing relationships between users and their associated devices and accounts. It’s even harder to clearly determine and report on precisely what access users have at any given time, or even if they’ve left the company. The lack of transparency into access puts enterprises in jeopardy of security breaches and failed audits.
LAPS allows randomization of local admin accounts across the domain. It seems that this capability overlaps with Password Safe, but it is more suited for very simple use cases.
One of the most effective ways to hack into an organization, hands down, is to use social engineering against its employees/members. Phishing is the best bang-for-your-buck form of social engineering, where “buck” here refers to a threat actor’s time. So, why do phishing and social engineering techniques continue to work with such unwavering consistency?
