{"id":5801,"date":"2017-01-18T22:14:04","date_gmt":"2017-01-18T22:14:04","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/01\/18\/news-16\/"},"modified":"2017-01-18T22:14:04","modified_gmt":"2017-01-18T22:14:04","slug":"news-16","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/01\/18\/news-16\/","title":{"rendered":"TippingPoint Threat Intelligence and Zero-Day Coverage \u2013 Week of January 9, 2017"},"content":{"rendered":"

\"\"<\/p>\n

A lot can happen in a decade. I read an article earlier this week about Apple celebrating the 10th<\/sup> anniversary of its very first iPhone. I started thinking about what was going on in the TippingPoint world 10 years ago and the first thing that came to mind was our Pwn2Own contest. In 2007, the Zero Day Initiative held the first annual Pwn2Own contest. Back then, the focus was on Apple, but not the iPhone. The focus was on laptops and Apple\u2019s Mac OS X.<\/p>\n

It\u2019s been interesting to see the evolution of the Pwn2Own \u2013 the focus has adapted as new technologies emerged and now, there\u2019s even a separate Pwn2Own dedicated to mobile phones. This year, we\u2019ll be celebrating the 10th<\/sup> anniversary of Pwn2Own. Details will be published soon on the Trend Micro Simply Security blog. In the meantime, take a look at the ZDI 2016 Retrospective<\/a>.<\/p>\n

Next-Generation Intrusion Prevention at Speeds up to 100Gbps<\/strong><\/p>\n

Earlier this week, we announced<\/a> the industry\u2019s first 100Gbps standalone next-generation intrusion prevention system: the TippingPoint 7600NX. This new addition to the Trend Micro TippingPoint family is specifically designed for data centers and enterprises with high traffic environments who need real-time, inline protection that can keep up with their evolving performance requirements. You can learn more here<\/a>.<\/p>\n

Microsoft Patch Tuesday Update<\/strong><\/p>\n

This week\u2019s Digital Vaccine (DV) package includes coverage for the Microsoft Security Bulletins released on or before January 10, 2017. This month\u2019s Patch Tuesday covered three CVEs with four update bulletins \u2013 one of them rated critical. The following table maps Digital Vaccine filters to the Microsoft Security Bulletins. You can get more detailed information on this month\u2019s Microsoft Security Bulletins from Dustin Childs\u2019 January 2017 Security Update Review<\/a>:<\/p>\n

\n\n\n\n\n\n
Bulletin #<\/strong><\/td>\nCVE #<\/strong><\/td>\nDigital Vaccine Filter #<\/strong><\/td>\nStatus<\/strong><\/td>\n<\/tr>\n
MS17-001<\/td>\nCVE-2017-0002<\/td>\n<\/td>\nInsufficient information<\/td>\n<\/tr>\n
MS17-002<\/td>\nCVE-2017-0003<\/td>\n26410<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/div>\n

 <\/p>\n

Zero Day Initiative Team Members Speaking at REcon Brussels 2017<\/strong><\/p>\n

RECon is a computer security conference with a focus on reverse engineering and advanced exploitation techniques. The conference will be held for the first time in Brussels, Belgium. It offers a single track of presentations over the span of three days with a focus on reverse engineering and advanced exploitation techniques. The Zero Day Initiative will be represented with two speaking slots:<\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • Transforming Open Source to Open Access in Closed Applications (Brian Gorenc, Jasiel Spelman, Abdul-Aziz Hariri)<\/li>\n
  • A Little Less Conversation, A Little More ActionScript (WanderingGlitch<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

For more information on the conference, visit https:\/\/recon.cx\/2017\/brussels\/.<\/a><\/p>\n

Zero-Day Filters<\/strong><\/p>\n

There are 27 new zero-day filters covering five vendors in this week\u2019s Digital Vaccine (DV) package. A number of existing filters in this week\u2019s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and\/or optimize performance. You can browse the list of published advisories<\/a> and upcoming advisories<\/a> on the Zero Day Initiative<\/a> website.<\/p>\n

Adobe (2)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 26489: ZDI-CAN-4200: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)<\/li>\n
  • 26491: ZDI-CAN-4201: Zero Day Initiative Vulnerability (Adobe Reader DC)\u00a0<\/em><\/strong><\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Advantech (15)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 26397: ZDI-CAN-4080, ZDI-CAN-4081: Zero Day Initiative Vulnerability (Advantech WebAccess)<\/li>\n
  • 26398: ZDI-CAN-4082-4085: Zero Day Initiative Vulnerability (Advantech WebAccess)<\/li>\n
  • 26401: ZDI-CAN-4087: Zero Day Initiative Vulnerability (Advantech WebAccess)<\/li>\n
  • 26402: ZDI-CAN-4086: Zero Day Initiative Vulnerability (Advantech WebAccess)<\/li>\n
  • 26403: ZDI-CAN-4088: Zero Day Initiative Vulnerability (Advantech WebAccess)<\/li>\n
  • 26409: ZDI-CAN-4090: Zero Day Initiative Vulnerability (Advantech WebAccess)<\/li>\n
  • 26411: ZDI-CAN-4091: Zero Day Initiative Vulnerability (Advantech WebAccess)<\/li>\n
  • 26412: ZDI-CAN-4092: Zero Day Initiative Vulnerability (Advantech WebAccess)<\/li>\n
  • 26413: ZDI-CAN-4093: Zero Day Initiative Vulnerability (Advantech WebAccess)<\/li>\n
  • 26414: ZDI-CAN-4095,4096: Zero Day Initiative Vulnerability (Advantech WebAccess)<\/li>\n
  • 26415: ZDI-CAN-4094: Zero Day Initiative Vulnerability (Advantech WebAccess)<\/li>\n
  • 26416: ZDI-CAN-4097: Zero Day Initiative Vulnerability (Advantech WebAccess)<\/li>\n
  • 26417: ZDI-CAN-4098-4109: Zero Day Initiative Vulnerability (Advantech WebAccess)<\/li>\n
  • 26481: ZDI-CAN-4110: Zero Day Initiative Vulnerability (Advantech WebAccess)<\/li>\n
  • 26482: ZDI-CAN-4089: Zero Day Initiative Vulnerability (Advantech WebAccess)\u00a0<\/em><\/strong><\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Apple (1)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 26419: ZDI-CAN-4121: Zero Day Initiative Vulnerability (Apple Safari)\u00a0<\/em><\/strong><\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Hewlett Packard Enterprise (1)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 25807: ZDI-CAN-4122: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise Intelligent Management)\u00a0<\/strong><\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Trend Micro (8)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 26483: ZDI-CAN-4130: Zero Day Initiative Vulnerability (Trend Micro Data Loss Prevention Manager)<\/li>\n
  • 26484: ZDI-CAN-4119,4120: Zero Day Initiative Vulnerability (Trend Micro Data Loss Prevention Manager)<\/li>\n
  • 26485: ZDI-CAN-4131: Zero Day Initiative Vulnerability (Trend Micro Data Loss Prevention Manager)<\/li>\n
  • 26486: ZDI-CAN-4132: Zero Day Initiative Vulnerability (Trend Micro Data Loss Prevention Manager)<\/li>\n
  • 26487: ZDI-CAN-4133: Zero Day Initiative Vulnerability (Trend Micro Data Loss Prevention Manager)<\/li>\n
  • 26488: ZDI-CAN-4134: Zero Day Initiative Vulnerability (Trend Micro Data Loss Prevention Manager)<\/li>\n
  • 26490: ZDI-CAN-4135: Zero Day Initiative Vulnerability (Trend Micro Data Loss Prevention Manager)<\/li>\n
  • 26492: ZDI-CAN-4136: Zero Day Initiative Vulnerability (Trend Micro Data Loss Prevention Manager)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Missed Last Week\u2019s News?<\/strong><\/p>\n

Catch up on last week\u2019s news in my weekly recap<\/a>.<\/p>\n

http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

\"\"A lot can happen in a decade. I read an article earlier this week about Apple celebrating the 10th anniversary of its very first iPhone. I started thinking about what was going on in the TippingPoint world 10 years ago and the first thing that came to mind was our Pwn2Own contest. In 2007, the…<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[10384,714,10415],"class_list":["post-5801","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-network","tag-security","tag-zero-day-initiative"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/5801","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=5801"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/5801\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=5801"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=5801"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=5801"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}