Managing Identities and Privileges for Robotic Process Automation (RPA)

by Morey J. Haber  | 

For teams seeking to automate repetitive or mundane decision-based tasks at scale, robotic process automation is a powerful, high-impact tool, that offers many advantages. However, the power of RPA provokes an important IT security question; how does it get privileges to perform various tasks and collect critical information in order to implement a process and make decisions?

June 2019 Patch Tuesday

by BeyondTrust Research  | 

​Welcome to Patch Tuesday, June 2019. Microsoft has published its monthly updates, fixing 88 vulnerabilities, 21 of which were rated as Critical. Additionally, the updates include fixes for four of the five zero-day vulnerabilities that “SandboxEscaper” had been selling online over the course of the last month. None of them are known to have been exploited in the wild.

Honing a Proactive Cybersecurity Posture by Practicing Windows Attack and Defense

by Jay Beale  | 

​In my recent, demo-focused Windows Attack and Defense webinar, I attacked a Capture the Flag (CTF) challenge that I designed around the Windows-based Metasploitable 3 virtual machine. After the attack, I demonstrated how you can break the attack using the open source OSSEC’s active response rules to block the attacker’s IP at the sign of their first port scan. There are a number of other systems hardening measures we could use to block the attack.