TippingPoint Threat Intelligence and Zero-Day Coverage – Week of October 23, 2017

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing) | Date: Fri, 27 Oct 2017 12:00:32 +0000

Just like Bugs Bunny wears disguises to evade his enemies, there’s another “wascally” rabbit causing trouble in the form of ransomware. Bad Rabbit is the latest ransomware campaign hitting Eastern European countries, and it looks like a variant of the Petya/NotPetya ransomware. Bad Rabbit spreads via a fake Adobe Flash update that the victim has to download and run, and once inside a network it also leverages some of the SMB exploits released by the Shadow Brokers earlier this year, the same exploits Microsoft patched in March with MS17-010.


I know that is sometimes easier said than done given patch management schedules, but make sure to apply vendor critical patches as soon as possible. Trend Micro is keeping close tabs on the situation and has pulled together valuable resources with detailed information.

Mobile Pwn2Own

Next week, the Zero Day Initiative will be hosting this year’s Mobile Pwn2Own in Tokyo, Japan. More than $500,000 USD is available in the prize pool, and we’re giving add-on bonuses for exploits that meet a higher bar of difficulty. This year’s targets include the Google Pixel, Samsung Galaxy S8, Apple iPhone 7 and Huawei Mate 9 Pro. You can check out all the contest details and rules here.

The team will be live blogging and tweeting results throughout the competition. For continuing coverage of the event, make sure to follow @thezdi and @trendmicro on Twitter, and keep an eye on the #MP2O hashtag.

Zero-Day Filters

There are 20 new zero-day filters covering 10 vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendations, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website. You can also follow the Zero Day Initiative on Twitter @thezdi and on their blog.

Apple (1)

  • 29781: ZDI-CAN-5096: Zero Day Initiative Vulnerability (Apple Safari)

Belkin (1)

  • 29780: ZDI-CAN-5095: Zero Day Initiative Vulnerability (Belkin Wemo Link)

Cisco (1)

  • 29759: HTTP: Cisco Prime Collaboration Provisioning Logs Directory Information Disclosure (ZDI-17-449)

Foxit (4)

  • 29696: ZDI-CAN-5073: Zero Day Initiative Vulnerability (Foxit Reader)
  • 29768: ZDI-CAN-5091: Zero Day Initiative Vulnerability (Foxit Reader)
  • 29769: ZDI-CAN-5092: Zero Day Initiative Vulnerability (Foxit Reader)
  • 29772: ZDI-CAN-5094: Zero Day Initiative Vulnerability (Foxit Reader)

Hewlett Packard Enterprise (1)

  • 29770: ZDI-CAN-5093: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise Intelligent Management)

Microsoft (6)

  • 29765: HTTP: Microsoft Internet Explorer NewMessage Privilege Escalation Vulnerability (ZDI-16-018)
  • 29784: ZDI-CAN-5105: Zero Day Initiative Vulnerability (Microsoft Office Excel)
  • 29786: ZDI-CAN-5111: Zero Day Initiative Vulnerability (Microsoft Windows)
  • 29794: ZDI-CAN-5112: Zero Day Initiative Vulnerability (Microsoft Windows)
  • 29795: ZDI-CAN-5113: Zero Day Initiative Vulnerability (Microsoft Office Publisher)
  • 29796: ZDI-CAN-5114: Zero Day Initiative Vulnerability (Microsoft Chakra)

NetGain Systems (1)

  • 29783: ZDI-CAN-5104: Zero Day Initiative Vulnerability (NetGain Systems Enterprise Manager)

Novell (1)

  • 29767: ZDI-CAN-5087: Zero Day Initiative Vulnerability (Novell NetIQ Access Manager)

Schneider Electric (3)

  • 29762: HTTP: Schneider Electric U.motion Builder syslog_getdata SQL Injection Vulnerability (ZDI-17-379)
  • 29763: HTTP: Schneider Electric U.motion Builder track_getdata SQL Injection Vulnerability (ZDI-17-382)
  • 29764: HTTP: Schneider Electric U.motion Builder editobject SQL Injection Vulnerability (ZDI-17-384)

Trend Micro (1)

  • 29785: ZDI-CAN-5107: Zero Day Initiative Vulnerability (Trend Micro Control Manager)

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap.
