{"id":11350,"date":"2018-02-02T09:00:03","date_gmt":"2018-02-02T17:00:03","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/02\/02\/news-5121\/"},"modified":"2018-02-02T09:00:03","modified_gmt":"2018-02-02T17:00:03","slug":"news-5121","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/02\/02\/news-5121\/","title":{"rendered":"TippingPoint Threat Intelligence and Zero-Day Coverage \u2013 Week of January 29, 2018"},"content":{"rendered":"

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 02 Feb 2018 15:37:00 +0000<\/strong><\/p>\n

\"\"<\/p>\n

Late last year, Trend Micro introduced its Security Predictions for 2018<\/a>. One of the predictions stated that digital extortion will be at the core of most cybercriminals\u2019 business model. It\u2019s much more than just ransomware \u2013 it is the most successful criminal business model in the current threat landscape.<\/p>\n

Valuable information is accessible throughout corporate networks in ways not previously considered and vulnerabilities across the IT landscape could provide an entry point for attackers to damage the integrity or accessibility of critical data.<\/p>\n

Earlier this week, Trend Micro released new research that can help educate businesses and individuals, particularly in high risk industries like healthcare and manufacturing, on the breadth of digital extortion, what is targeted, and how to mitigate the risks. Learn how digital extortion figures into the threat landscape this year by reading \u201cDigital Extortion: A Forward-looking View.\u201d<\/a><\/p>\n

Zero-Day Filters<\/strong><\/p>\n

There are 17 new zero-day filters covering eight vendors in this week\u2019s Digital Vaccine (DV) package. A number of existing filters in this week\u2019s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and\/or optimize performance. You can browse the list of published advisories<\/a> and upcoming advisories<\/a> on the Zero Day Initiative<\/a> website. You can also follow the Zero Day Initiative on Twitter @thezdi<\/a> and on their blog<\/a>.<\/p>\n

Advantech (2)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 30226: HTTP: Advantech WebAccess BWSCADASoap Login Method SQL Injection Vulnerability (ZDI-18-065)<\/li>\n
  • 30228: HTTP: Advantech WebAccess gChkUser ChkAdminViewUsrPwd SQL Injection Vulnerability (ZDI-18-064)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Hewlett Packard Enterprise (2)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 30260: HTTP: HPE Moonshot Provisioning Manager Appliance server_response Directory Traversal (ZDI-18-003)<\/li>\n
  • 30261: HTTPS: HPE Moonshot Provisioning Manager Appliance server_response Directory Traversal (ZDI-18-003)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Indusoft (1)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 30299: HTTP: InduSoft Web Studio Directory Traversal (ZDI-14-118)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Microsoft (6)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 30258: HTTP: Microsoft Internet Explorer Chakra Memory Allocator Integer Overflow (ZDI-18-066)<\/li>\n
  • 30273: ZDI-CAN-5321: Zero Day Initiative Vulnerability (Microsoft Chakra)<\/li>\n
  • 30274: ZDI-CAN-5322: Zero Day Initiative Vulnerability (Microsoft Edge)<\/li>\n
  • 30275: ZDI-CAN-5323: Zero Day Initiative Vulnerability (Microsoft Edge)<\/li>\n
  • 30276: ZDI-CAN-5324: Zero Day Initiative Vulnerability (Microsoft Chakra)<\/li>\n
  • 30277: ZDI-CAN-5325: Zero Day Initiative Vulnerability (Microsoft Excel)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

NetGain Systems (1)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 30272: HTTP: NetGain Systems Enterprise Manager MainFilter Authentication Bypass Vulnerability (ZDI-17-955)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Novell (3)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 30281: HTTPS: Novell File Reporter Buffer Overflow (ZDI-12-167)<\/li>\n
  • 30284: HTTPS:Novell NetIQ Sentinel ReportViewServlet fileName Directory Traversal Vulnerability(ZDI-16-406)<\/li>\n
  • 30302: HTTPS: Novell NetIQ Sentinel SentinelContext Authentication Bypass Vulnerability (ZDI-16-406)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

systemd (1)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 30116: DNS: Systemd resolved dns_packet_read_type_window Denial-of-Service Vulnerability (ZDI-17-923)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Trend Micro (1)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 30296: HTTPS: Trend Micro Control Manager AdHocQuery Processor SQL Injection Vulnerability (ZDI-16-456)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Missed Last Week\u2019s News?<\/strong><\/p>\n

Catch up on last week\u2019s news in my weekly recap<\/a>.<\/p>\n

http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 02 Feb 2018 15:37:00 +0000<\/strong><\/p>\n

\"\"Late last year, Trend Micro introduced its Security Predictions for 2018. One of the predictions stated that digital extortion will be at the core of most cybercriminals\u2019 business model. It\u2019s much more than just ransomware \u2013 it is the most successful criminal business model in the current threat landscape. Valuable information is accessible throughout corporate…<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[10384,714,10415],"class_list":["post-11350","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-network","tag-security","tag-zero-day-initiative"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/11350","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=11350"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/11350\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=11350"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=11350"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=11350"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}