{"id":12143,"date":"2018-04-27T05:00:21","date_gmt":"2018-04-27T13:00:21","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/04\/27\/news-5912\/"},"modified":"2018-04-27T05:00:21","modified_gmt":"2018-04-27T13:00:21","slug":"news-5912","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/04\/27\/news-5912\/","title":{"rendered":"TippingPoint Threat Intelligence and Zero-Day Coverage \u2013 Week of April 23, 2018"},"content":{"rendered":"<p><strong>Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 27 Apr 2018 12:00:45 +0000<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"205\" src=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/08\/TippingPoint-300x205.jpg\" class=\"webfeedsFeaturedVisual wp-post-image\" alt=\"\" style=\"float: left; margin-right: 5px;\" srcset=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/08\/TippingPoint.jpg 300w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/08\/TippingPoint-125x85.jpg 125w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>I was having dinner with friends recently and one of the newer members of the group asked me what I did for a living. I told him that I worked for a cybersecurity company and his reply was, \u201cI don\u2019t need to worry about security \u2013 I have a MacBook.\u201d I thought that at any second, Rod Serling was going to rise from his grave and come tell me that I\u2019m in the Twilight Zone. Sure, 25+ years ago, that could have been a little bit true, but just like Osgood Fielding III says in the last line of the movie <em>Some Like it Hot<\/em>, \u201cNobody\u2019s perfect.\u201d<\/p>\n<p>It goes without saying that you need security regardless of the brand of your laptop. 
Apple vulnerabilities are submitted to the Zero Day Initiative all the time, and most recently, a MacOS backdoor detected by Trend Micro has ties to the OceanLotus cyber-espionage group. Phishing continues to be a huge problem for enterprises and consumers alike, so don\u2019t cross over into the Twilight Zone \u2013 make sure you\u2019re protected. For the gory details on the latest MacOS backdoor, you can read more here: <a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/new-macos-backdoor-linked-to-oceanlotus-found\/\">https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/new-macos-backdoor-linked-to-oceanlotus-found\/<\/a>.<\/p>\n<p><strong>Zero-Day Filters<\/strong><\/p>\n<p>There are three new zero-day filters covering three vendors in this week\u2019s Digital Vaccine (DV) package. A number of existing filters in this week\u2019s DV package were modified to update the filter description, update specific filter deployment recommendations, increase filter accuracy and\/or optimize performance. You can browse the list of <a href=\"http:\/\/www.zerodayinitiative.com\/advisories\/published\/\">published advisories<\/a> and <a href=\"http:\/\/www.zerodayinitiative.com\/advisories\/upcoming\/\">upcoming advisories<\/a> on the <a href=\"http:\/\/www.zerodayinitiative.com\/\">Zero Day Initiative<\/a> website. 
You can also follow the Zero Day Initiative on Twitter <a href=\"https:\/\/twitter.com\/thezdi\">@thezdi<\/a> and on their <a href=\"https:\/\/www.zerodayinitiative.com\/blog\">blog<\/a>.<\/p>\n<p><strong><em>Advantech (1)<\/em><\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td width=\"20px\"><\/td>\n<td>\n<ul>\n<li>31281: HTTP: Advantech WebAccess Node chkLogin2 user SQL Injection Vulnerability (ZDI-18-143)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<td height=\"10px\"><\/td>\n<td><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong><em>Sun (1)<\/em><\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td width=\"20px\"><\/td>\n<td>\n<ul>\n<li>31184: HTTP: Sun Java Runtime AWT setDifflCM Stack Buffer Overflow Vulnerability (ZDI-09-078)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<td height=\"10px\"><\/td>\n<td><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong><em>Symantec (1)<\/em><\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td width=\"20px\"><\/td>\n<td>\n<ul>\n<li>31276: HTTPS: Symantec Backup Exec System Recovery Arbitrary File Upload Vulnerability (ZDI-08-003)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<td height=\"10px\"><\/td>\n<td><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>Missed Last Week\u2019s News?<\/strong><\/p>\n<p>Catch up on last week\u2019s news in my <a href=\"https:\/\/blog.trendmicro.com\/tippingpoint-threat-intelligence-and-zero-day-coverage-week-of-april-16-2018\/\">weekly recap<\/a>.<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\/tippingpoint-threat-intelligence-and-zero-day-coverage-week-of-april-23-2018\/\">TippingPoint Threat Intelligence and Zero-Day Coverage \u2013 Week of April 23, 2018<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\"><\/a>.<\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com\/tippingpoint-threat-intelligence-and-zero-day-coverage-week-of-april-23-2018\/\" target=\"bwo\" >http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit 
to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 27 Apr 2018 12:00:45 +0000<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"205\" src=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/08\/TippingPoint-300x205.jpg\" class=\"webfeedsFeaturedVisual wp-post-image\" alt=\"\" style=\"float: left; margin-right: 5px;\" srcset=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/08\/TippingPoint.jpg 300w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/08\/TippingPoint-125x85.jpg 125w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>I was having dinner with friends recently and one of the newer members of the group asked me what I did for a living. I told him that I worked for a cybersecurity company and his reply was, \u201cI don\u2019t need to worry about security \u2013 I have a MacBook.\u201d I thought that at any&#8230;<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\/tippingpoint-threat-intelligence-and-zero-day-coverage-week-of-april-23-2018\/\">TippingPoint Threat Intelligence and Zero-Day Coverage \u2013 Week of April 23, 2018<\/a> appeared first on <a rel=\"nofollow\" 
href=\"https:\/\/blog.trendmicro.com\"><\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[18255,10384,714,18256,10415,11524],"class_list":["post-12143","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-digital-vaccine","tag-network","tag-security","tag-tippingpoint","tag-zero-day-initiative","tag-zero-day"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12143","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=12143"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12143\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=12143"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=12143"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=12143"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}