TippingPoint Threat Intelligence and Zero-Day Coverage – Week of April 16, 2018

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 20 Apr 2018 14:45:13 +0000

It was a crazy week at this year’s RSA Conference in San Francisco. I always try to get a quick view of the floor to see companies old and new exhibit their wares. Unfortunately, work never sleeps when you attend a conference, and the shortage of seating at this year’s event left many, including myself, with a view of the actual floor. So I decided to listen instead.

 

 

You would be surprised what you can hear if you really pay attention. I heard someone ordering something and giving out their credit card number, someone asking another person about a job, and even someone talking on the phone with their pet sitter and giving them the code for their home alarm system.

Imagine if I had heard this information and I was a “bad guy.” I could piece some information together and attempt to impersonate someone else via email to get some valuable data like banking information…all without including a malicious file. Email is still one of the most lucrative attack vectors for cyber criminals, with total global losses from business email compromise (BEC) scams predicted to reach $9 billion this year. To counter those scams, Trend Micro introduced its Writing Style DNA, a new layer of protection against BEC attacks that uses artificial intelligence (AI) to “blueprint” a user’s style of writing through more than 7,000 writing characteristics. When an email is suspected of impersonating a high-profile user, like an organization’s CEO, the style is compared to Trend Micro’s trained AI model and a warning is sent to the implied sender, the recipient and the IT department. You can learn more about Writing Style DNA here.

Postscript: For the record, I did nothing with the information I heard – but I could have. Be aware of your surroundings because you never know who might be listening.

Adobe Security Update

This week’s Digital Vaccine (DV) package includes coverage for Adobe updates released on or before April 10, 2018. The following table maps Digital Vaccine filters to the Adobe updates. You can get more detailed information on this month’s security updates from Dustin Childs’ April 2018 Security Update Review from the Zero Day Initiative:

Bulletin # CVE # Digital Vaccine Filter #
APSB18-08 CVE-2018-4932 31154
APSB18-08 CVE-2018-4933 31156
APSB18-08 CVE-2018-4934 31186
APSB18-08 CVE-2018-4935 31190
APSB18-08 CVE-2018-4936 31201

 

Zero-Day Filters

There are six new zero-day filters covering three vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website. You can also follow the Zero Day Initiative on Twitter @thezdi and on their blog.

Apple (1)

  • 31167: ZDI-CAN-5544: Zero Day Initiative Vulnerability (Apple Safari)

GE (4)

  • 31161: ZDI-CAN-5538: Zero Day Initiative Vulnerability (GE MDS PulseNET)
  • 31163: ZDI-CAN-5539: Zero Day Initiative Vulnerability (GE MDS PulseNET)
  • 31164: ZDI-CAN-5540: Zero Day Initiative Vulnerability (GE MDS PulseNET)
  • 31165: ZDI-CAN-5541: Zero Day Initiative Vulnerability (GE MDS PulseNET)

Oracle (1)

  • 31138: HTTPS: Oracle Secure Backup exec_qr Command Injection Vulnerability (ZDI-09-003)

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap.

The post TippingPoint Threat Intelligence and Zero-Day Coverage – Week of April 16, 2018 appeared first on .

http://feeds.trendmicro.com/TrendMicroSimplySecurity