Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

2/27/2012
07:30 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Lieberman Software Detects And Secures Well Known Default Passwords

Enterprise Random Password Manager now offers a solution to identify known, built-in administrator passwords in the network

Click here for more articles.

LOS ANGELES--(BUSINESS WIRE)--Lieberman Software Corporation announced that with its latest release, the company's flagship privileged identity management product, Enterprise Random Password Manager™ (ERPM), now offers a solution to identify known, built-in administrator passwords in the network. This provides IT staff with more knowledge and control to secure privileged accounts against unauthorized access. The company is exhibiting this functionality in booth 341 at RSA Conference 2012 in San Francisco this week.

The new “known password discovery” feature in ERPM scans the network, detecting and securing default and well-known privileged logins that make it easy for unauthorized individuals and malware to gain control of sensitive data.

Many hardware devices come pre-configured with default credentials that are rarely changed and publicly known. Because these insecure default passwords can be easily identified, anyone with network access and malicious intent can login using these credentials and access systems and applications throughout the organization.

With ERPM, default and other easily-cracked and widely known passwords are automatically secured, and authorized IT administrators are given an authoritative audit trail of their access. As an added benefit, ERPM saves IT staff time by instantly providing login credentials, on-demand, for audited, delegated access to systems and applications.

“When ERPM performs automated discovery it attempts to use an ‘alt admin’ and otherwise well-known credentials, records any logins as known passwords in the web interface, and makes the account available for recovery,” said Chris Stoneff, Director of Professional Services at Lieberman Software. “ERPM’s ability to discover factory default passwords and alert IT to their existence is a significant security enhancement and meets a direct need for many of our large enterprise customers.”

ERPM automatically discovers, secures, tracks and audits the privileged account passwords in the enterprise. Privileged accounts hold elevated, “super-user” permission to install, configure and repair applications and hardware, and provide IT staff with shared, anonymous access to an organization’s most sensitive IT assets.

To see how the privileged account discovery functionality works, Lieberman Software offers a free risk assessment available at http://www.liebsoft.com/risk_assessment.

For more information on ERPM see www.liebsoft.com/enterprise_random_password_manager.

About Lieberman Software Corporation

Lieberman Software provides privileged identity management and security management solutions to more than 1000 customers worldwide, including 40 percent of the Fortune 50. By automatically discovering and managing privileged accounts everywhere on the network, Lieberman Software helps secure access to sensitive systems and data, thereby reducing internal and external security vulnerabilities, improving IT productivity and helping ensure regulatory compliance. The company developed the first solution for the privileged identity management space, and its products continue to lead this market in features and functionality. Lieberman Software is headquartered in Los Angeles, CA with an office in Austin, TX and channel partners throughout the world. For more information, visit www.liebsoft.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
MS8699
50%
50%
MS8699,
User Rank: Apprentice
2/28/2012 | 4:18:34 AM
re: Lieberman Software Detects And Secures Well Known Default Passwords
New release!! Lieberman Software Corporation.

Enterprise Random Password Manager now offers a solution to identify known, built-in administrator passwords in the network.
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-29445
PUBLISHED: 2021-04-16
jose-node-esm-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDe...
CVE-2021-29446
PUBLISHED: 2021-04-16
jose-node-cjs-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDe...
CVE-2021-29451
PUBLISHED: 2021-04-16
Portofino is an open source web development framework. Portofino before version 5.2.1 did not properly verify the signature of JSON Web Tokens. This allows forging a valid JWT. The issue will be patched in the upcoming 5.2.1 release.
CVE-2021-29452
PUBLISHED: 2021-04-16
a12n-server is an npm package which aims to provide a simple authentication system. A new HAL-Form was added to allow editing users in version 0.18.0. This feature should only have been accessible to admins. Unfortunately, privileges were incorrectly checked allowing any logged in user to make this ...
CVE-2021-29444
PUBLISHED: 2021-04-16
jose-browser-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDec...