{"id":6936,"date":"2017-03-10T10:00:02","date_gmt":"2017-03-10T18:00:02","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/03\/10\/news-727\/"},"modified":"2017-03-10T10:00:02","modified_gmt":"2017-03-10T18:00:02","slug":"news-727","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/03\/10\/news-727\/","title":{"rendered":"TippingPoint Threat Intelligence and Zero-Day Coverage \u2013 Week of March 6, 2017"},"content":{"rendered":"<p><strong>Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 10 Mar 2017 13:00:08 +0000<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"205\" src=\"http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2016\/04\/TP-WeeklyBlog-300x205-300x205.jpg\" class=\"webfeedsFeaturedVisual wp-post-image\" alt=\"\" style=\"float: left; margin-right: 5px;\" srcset=\"http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2016\/04\/TP-WeeklyBlog-300x205.jpg 300w, http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2016\/04\/TP-WeeklyBlog-300x205-125x85.jpg 125w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>According to Reference.com, the saying that \u201ceverything is bigger in Texas\u201d likely originated as a reference to the state\u2019s huge geographical area. Texas is second only to Alaska in size, but it is the largest of the contiguous 48 states. I am a native Texan (big hair and all) and it\u2019s exciting to have a new Trend Micro office in our state. After almost a year since the TippingPoint team became a member of the Trend Micro family, we are finally in our <a href=\"http:\/\/newsroom.trendmicro.com\/press-release\/company-milestones\/trend-micro-expands-presence-lone-star-state\">new office<\/a>. Let me tell you: 75,000 sq. ft. isn\u2019t too shabby.<\/p>\n<p>With all the craziness we encountered dealing with a massive office move, the city of Austin is adding to that with today\u2019s start of SXSW 2017. 
Trend Micro will be exhibiting in booth 412 at the <a href=\"https:\/\/www.sxsw.com\/exhibitions\/job-market\/\">SXSW Job Market<\/a> on March 11-12 at the Austin Convention Center. A number of us will be on hand to answer any questions about our great organization and demonstrate some of the great things we do. If you don\u2019t have a SXSW badge, you can register for a free SXSW Guest Pass <a href=\"https:\/\/guestpass.sxsw.com\/\">here<\/a>.<\/p>\n<p><strong>Apache Struts Content-type Command Injection Vulnerability (CVE-2017-5638)<\/strong><\/p>\n<p>Earlier this week, TippingPoint released DVToolkit CSW file CVE-2017-5638.csw to address the Apache Struts vulnerability that already has exploits available in the wild. This filter detects an attempt to exploit a command injection vulnerability in Apache Struts. This vulnerability results from a failure to properly validate Content-Type headers when processing requests. A successful attack leads to arbitrary code execution in the context of the web server. Authentication is not required to exploit this vulnerability. The CSW filter will be replaced with Mainline DV filter 27410. For the latest DVToolkit filters, customers can visit the <a href=\"https:\/\/tmc.tippingpoint.com\">Threat Management Center<\/a> (TMC) and navigate to Releases &gt; CSW Files.<\/p>\n<p><strong>Pwn2Own 2017 Next Week!<\/strong><\/p>\n<p>The time has come! Starting on March 15, the 10<sup>th<\/sup> annual Pwn2Own contest returns to CanSecWest. The Zero Day Initiative will be offering more than $1,000,000 across five different categories to see the latest research and crown a Master of Pwn. There will be daily wrap-ups of the event, so please follow Zero Day Initiative on <a href=\"https:\/\/twitter.com\/thezdi\">Twitter<\/a> for all the latest updates! 
Click <a href=\"http:\/\/blog.trendmicro.com\/pwn2own-returns-for-2017-to-celebrate-10-years-of-exploits\/\">here<\/a> for the complete rules.<\/p>\n<p><strong>Zero-Day Filters<\/strong><\/p>\n<p>There are 14 new zero-day filters covering four vendors in this week\u2019s Digital Vaccine (DV) package. A number of existing filters in this week\u2019s DV package were modified to update the filter description, update specific filter deployment recommendations, increase filter accuracy and\/or optimize performance. You can browse the list of <a href=\"http:\/\/www.zerodayinitiative.com\/advisories\/published\/\">published advisories<\/a> and <a href=\"http:\/\/www.zerodayinitiative.com\/advisories\/upcoming\/\">upcoming advisories<\/a> on the <a href=\"http:\/\/www.zerodayinitiative.com\/\">Zero Day Initiative<\/a> website.<\/p>\n<p><strong><em>Adobe (1)<\/em><\/strong><\/p>\n<p>\u2022 \u00a027304: ZDI-CAN-4395: Zero Day Initiative Vulnerability (Adobe Reader DC)<\/p>\n<p><strong><em>Cisco (2)<\/em><\/strong><\/p>\n<p>\u2022 \u00a027315: ZDI-CAN-4468,4469: Zero Day Initiative Vulnerability (Cisco Prime Collaboration Provisioning)<\/p>\n<p>\u2022 \u00a027316: ZDI-CAN-4467: Zero Day Initiative Vulnerability (Cisco Prime Collaboration Provisioning)<\/p>\n<p><strong><em>Foxit (2)<\/em><\/strong><\/p>\n<p>\u2022 \u00a027124: HTTP: Foxit Reader JPEG2000 Parsing Out-of-Bounds Write Vulnerability (ZDI-17-032)<\/p>\n<p>\u2022 \u00a027125: HTTP: Foxit Reader JPEG2000 Parsing Information Disclosure Vulnerability (ZDI-17-033)<\/p>\n<p><strong><em>Trend Micro (9)<\/em><\/strong><\/p>\n<p>\u2022 \u00a027305: ZDI-CAN-4396: Zero Day Initiative Vulnerability (Trend Micro SafeSync for Enterprise)<\/p>\n<p>\u2022 \u00a027306: ZDI-CAN-4397: Zero Day Initiative Vulnerability (Trend Micro SafeSync for Enterprise)<\/p>\n<p>\u2022 \u00a027308: ZDI-CAN-4398: Zero Day Initiative Vulnerability 
(Trend Micro SafeSync for Enterprise)<\/p>\n<p>\u2022 \u00a027309: ZDI-CAN-4399-4401: Zero Day Initiative Vulnerability (Trend Micro SafeSync for Enterprise)<\/p>\n<p>\u2022 \u00a027310: ZDI-CAN-4474: Zero Day Initiative Vulnerability (Trend Micro Control Manager)<\/p>\n<p>\u2022 \u00a027311: ZDI-CAN-4402: Zero Day Initiative Vulnerability (Trend Micro SafeSync for Enterprise)<\/p>\n<p>\u2022 \u00a027312: ZDI-CAN-4472: Zero Day Initiative Vulnerability (Trend Micro InterScan Messaging Security Suite)<\/p>\n<p>\u2022 \u00a027313: ZDI-CAN-4403: Zero Day Initiative Vulnerability (Trend Micro SafeSync for Enterprise)<\/p>\n<p>\u2022 \u00a027314: ZDI-CAN-4471: Zero Day Initiative Vulnerability (Trend Micro InterScan Web Security VA)<\/p>\n<p><strong>Missed Last Week\u2019s News?<\/strong><\/p>\n<p>Catch up on last week\u2019s news in my <a href=\"http:\/\/blog.trendmicro.com\/tippingpoint-threat-intelligence-zero-day-coverage-week-february-27-2017\/\">weekly recap<\/a>.<\/p>\n<p><a href=\"http:\/\/blog.trendmicro.com\/tippingpoint-threat-intelligence-zero-day-coverage-week-march-6-2017\/\" target=\"bwo\" >http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 10 Mar 2017 13:00:08 +0000<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"205\" src=\"http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2016\/04\/TP-WeeklyBlog-300x205-300x205.jpg\" class=\"webfeedsFeaturedVisual wp-post-image\" alt=\"\" style=\"float: left; margin-right: 5px;\" srcset=\"http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2016\/04\/TP-WeeklyBlog-300x205.jpg 300w, http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2016\/04\/TP-WeeklyBlog-300x205-125x85.jpg 125w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/>According to Reference.com, the saying that \u201ceverything is 
bigger in Texas\u201d likely originated as a reference to the state\u2019s huge geographical area. Texas is second only to Alaska in size, but it is the largest of the contiguous 48 states. I am a native Texan (big hair and all) and it\u2019s exciting to have a&#8230;<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[10384,714,10415],"class_list":["post-6936","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-network","tag-security","tag-zero-day-initiative"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/6936","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=6936"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/6936\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=6936"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=6936"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=6936"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}