TippingPoint Threat Intelligence and Zero-Day Coverage – Week of July 24, 2017

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing) | Date: Fri, 28 Jul 2017 17:25:08 +0000

This week, I attended the Black Hat conference in Las Vegas, Nevada. 2017 marked the 20th anniversary of the Black Hat conference. A lot has certainly changed since I started attending back in 2002. I’m sure that many will have their opinions on the central themes that they saw at the conference (artificial intelligence was one message I saw on many booth graphics), but the theme that was dominant in my discussions with various security organizations was integration.

“How can our solutions work with yours?” “Can we set up an API so our solutions can talk to each other?”

Integration isn’t new to us. We’ve made it a point to work with other solutions that customers have in their networks, even products from companies I’d consider “frenemies.” In the end, the ultimate goal is visibility and being able to compile threat intelligence from multiple sources and make sense of it all. For those using TippingPoint solutions from Trend Micro, you can see how SMS Threat Insights can help you prioritize what you need to focus on first and make you the hero of your network.

Zero-Day Filters

There are 18 new zero-day filters covering five vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendations, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website.

Cisco (6)

  • 29069: HTTPS: Cisco Prime Collaboration Provisioning Arbitrary File Deletion Vulnerability (ZDI-17-446)
  • 29131: HTTPS: Cisco Prime Collaboration Provisioning ScriptMgr Servlet Authentication Bypass (ZDI-17-445)
  • 29145: ZDI-CAN-4915: Zero Day Initiative Vulnerability (Cisco Prime Network Analysis Module)
  • 29146: ZDI-CAN-4916: Zero Day Initiative Vulnerability (Cisco Prime Network Analysis Module)
  • 29147: ZDI-CAN-4917,4919-4926: Zero Day Initiative Vulnerability (Cisco Prime Network Analysis Module)
  • 29148: ZDI-CAN-4918: Zero Day Initiative Vulnerability (Cisco Prime Network Analysis Module) 

Hewlett Packard Enterprise (4)

  • 28978: TCP: HPE Intelligent Management Center dbman Opcode 10010 Arbitrary File Write (ZDI-17-337)
  • 29141: ZDI-CAN-4899-4901: Zero Day Initiative Vulnerability (HPE Intelligent Management Center)
  • 29143: ZDI-CAN-4902-4904: Zero Day Initiative Vulnerability (HPE Intelligent Management Center)
  • 29144: ZDI-CAN-4905: Zero Day Initiative Vulnerability (HPE Intelligent Management Center) 

Microsoft (3)

  • 29151: ZDI-CAN-4948: Zero Day Initiative Vulnerability (Microsoft Office Excel)
  • 29152: ZDI-CAN-4967: Zero Day Initiative Vulnerability (Microsoft Windows)
  • 29153: ZDI-CAN-4968: Zero Day Initiative Vulnerability (Microsoft Office) 

Schneider Electric (1)

  • 28986: HTTP: Schneider Electric U.motion Builder track_import_export SQL Injection (ZDI-17-378) 

Trend Micro (4)

  • 28903: HTTPS: Trend Micro SafeSync for Enterprise mount_local_device Command Injection (ZDI-17-121)
  • 28988: HTTPS: Trend Micro InterScan Web Security GetClusterInfo Command Injection Vulnerability (ZDI-17-214)
  • 29132: HTTP: Trend Micro SafeSync for Enterprise check_nfs_server_status Command Injection (ZDI-17-113)
  • 29133: HTTPS: Trend Micro SafeSync for Enterprise check_nfs_server_status Command Injection (ZDI-17-113) 

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap.
