Saturday, May 4, 2024
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Security TrendMicro 

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of March 20, 2017

admin , ,

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 24 Mar 2017 13:33:43 +0000

The 10th anniversary of Pwn2Own is now in the books! It was a crazy week at the CanSecWest Conference, full of drama with the biggest contest ever with teams from Asia, Europe and North America! It was a tight race with only three points separating first and second place.

In the end, we saw a record 51 bugs come through the contest, gave away $833,000 USD and 12 laptops to winners…and the award for Master of Pwn.

  • 360 Security won “Master of Pwn” with 63 points
  • Tencent Security Team Sniper took second place with 60 points
  • Chaitin Security Research Lab took third place with 26 points

You can catch up on the contest by visiting the following blogs:

If you take a look at the zero-day filters we have this week, you’ll see a number of them that include “Pwn2Own” in the filter name. You guessed it! TippingPoint customers are already protected from the very vulnerabilities discovered during the contest while the affected vendors are working on a patch.

It was a grueling contest this year, but definitely one for the record books, with virtual machine escapes and a hacked touch bar. Brian Gorenc, who leads the Zero Day Initiative team, gives his perspective on the past 10 years of Pwn2Own and what the future holds. I can’t wait to see what happens next year!

Virtual Threat Protection System (vTPS) v4.2.0 is Now Available!

Earlier this week, we released version 4.2.0 build 4654 for our TippingPoint Virtual Threat Protection System (vTPS).

vTPS v4.2.0 includes the following:

  • Introduction of a single-disk architecture with a user disk partition.
  • Reduced computer requirements (1 less core is now required for deployment)
  • When configuring RADIUS, you can now set the Authentication Protocol.
  • Flexibility to upgrade inspection throughput from 500Mbps to 1Gpbs.
  • In addition, the v4.2.0 vTPS release inherits features of TPS v4.2.0, including:
    • The ability to collect a client’s true IP address.
    • The ability to identify the HTTP URI and hostname information associated with an event.
    • Enhanced SNMP support.

For a complete list of enhancements and changes, customers can refer to the product Release Notes. For questions or technical assistance on any TippingPoint product, customers can contact the TippingPoint Technical Assistance Center (TAC).

Adobe Security Bulletins Update

This week’s Digital Vaccine (DV) package includes coverage for the Adobe Security Bulletins released on or before March 14, 2017. The following table maps TippingPoint filters to the Adobe Bulletins:

Bulletin #CVE #Digital Vaccine Filter #Status
APSB17-07CVE-2017-299727499
APSB17-07CVE-2017-299827500
APSB17-07CVE-2017-299927501
APSB17-07CVE-2017-3000Insufficient Information
APSB17-07CVE-2017-300127493, 27511
APSB17-07CVE-2017-300227502
APSB17-07CVE-2017-300327503

 

Zero-Day Filters

There are 27 new zero-day filters covering six vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website.

Adobe (5)

  • 27520: PWN2OWN ZDI-CAN-4588: Zero Day Initiative Vulnerability (Adobe Reader)
  • 27521: PWN2OWN ZDI-CAN-4589: Zero Day Initiative Vulnerability (Adobe Reader)
  • 27522: PWN2OWN ZDI-CAN-4575: Zero Day Initiative Vulnerability (Adobe Reader DC)
  • 27533: PWN2OWN ZDI-CAN-4601: Zero Day Initiative Vulnerability (Adobe Flash)
  • 27534: PWN2OWN ZDI-CAN-4607: Zero Day Initiative Vulnerability (Adobe Flash) 

Apple (10)

  • 27518: PWN2OWN ZDI-CAN-4578: Zero Day Initiative Vulnerability (Apple Safari)
  • 27523: PWN2OWN ZDI-CAN-4591: Zero Day Initiative Vulnerability (Apple Safari)
  • 27524: PWN2OWN ZDI-CAN-4593: Zero Day Initiative Vulnerability (Apple Safari)
  • 27525: PWN2OWN ZDI-CAN-4594: Zero Day Initiative Vulnerability (Apple Safari)
  • 27526: PWN2OWN ZDI-CAN-4595: Zero Day Initiative Vulnerability (Apple Safari)
  • 27527: PWN2OWN ZDI-CAN-4596: Zero Day Initiative Vulnerability (Apple Safari)
  • 27528: ZDI-CAN-4597: Zero Day Initiative Vulnerability (Apple Safari)
  • 27529: ZDI-CAN-4598: Zero Day Initiative Vulnerability (Apple Safari)
  • 27535: PWN2OWN ZDI-CAN-4623: Zero Day Initiative Vulnerability (Apple Safari)
  • 27539: PWN2OWN ZDI-CAN-4613: Zero Day Initiative Vulnerability (Apple Safari) 

Google (1)

  • 27519: ZDI-CAN-4587: Zero Day Initiative Vulnerability (Google Chrome) 

Mozilla (1)

  • 27537: PWN2OWN ZDI-CAN-4620: Zero Day Initiative Vulnerability (Mozilla Firefox) 

Microsoft (6)

  • 27532: PWN2OWN ZDI-CAN-4584: Zero Day Initiative Vulnerability (Microsoft Edge)
  • 27536: PWN2OWN ZDI-CAN-4611: Zero Day Initiative Vulnerability (Microsoft Edge)
  • 27538: PWN2OWN ZDI-CAN-4618: Zero Day Initiative Vulnerability (Microsoft Edge)
  • 27540: PWN2OWN ZDI-CAN-4625: Zero Day Initiative Vulnerability (Microsoft Edge)
  • 27541: PWN2OWN ZDI-CAN-4628: Zero Day Initiative Vulnerability (Microsoft Edge)
  • 27542: PWN2OWN ZDI-CAN-4629: Zero Day Initiative Vulnerability (Microsoft Edge) 

Trend Micro (4)

  • 27507: ZDI-CAN-4404: Zero Day Initiative Vulnerability (Trend Micro SafeSync for Enterprise)
  • 27508: ZDI-CAN-4408: Zero Day Initiative Vulnerability (Trend Micro SafeSync for Enterprise)
  • 27509: ZDI-CAN-4409: Zero Day Initiative Vulnerability (Trend Micro SafeSync for Enterprise)
  • 27512: ZDI-CAN-4410: Zero Day Initiative Vulnerability (Trend Micro SafeSync for Enterprise) 

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap.

http://feeds.trendmicro.com/TrendMicroSimplySecurity