{"id":10416,"date":"2017-11-10T07:00:30","date_gmt":"2017-11-10T15:00:30","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/11\/10\/news-4189\/"},"modified":"2017-11-10T07:00:30","modified_gmt":"2017-11-10T15:00:30","slug":"news-4189","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2017\/11\/10\/news-4189\/","title":{"rendered":"TippingPoint Threat Intelligence and Zero-Day Coverage \u2013 Week of November 6, 2017"},"content":{"rendered":"

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 10 Nov 2017 14:36:42 +0000<\/strong><\/p>\n

\"\"<\/p>\n

I started a 14-day detox this week that eliminates common food allergens and hormones. It\u2019s going to be two weeks of no fun, but it\u2019s good to give your body a little reset. Plus, I\u2019ll be done just in time for the Thanksgiving holiday. Eliminating toxins from your body can be compared to eliminating threats from your network, and funny enough, I remembered that there was a print advertisement we ran (in the early days of TippingPoint) more than 13 years ago that made the same analogy.<\/p>\n

It said something along the lines of \u201cIf you want to know the benefits of our solution, start by removing your liver.\u201d Hopefully you remember what you learned in biology class about liver function.<\/p>\n

Fast forward to 2017 and we\u2019re still eliminating toxins from networks. Earlier this week, our TippingPoint 8400TX Threat Protection System was awarded the \u201cRecommended\u201d rating from NSS Labs. The 8400TX had an overall security effectiveness rating of 99.6% and an above average total cost of ownership (TCO) at $6 per protected Mbps. To learn more and to download the full report, click here<\/a>.<\/p>\n

Zero-Day Filters<\/strong><\/p>\n

There are 50 new zero-day filters covering 11 vendors in this week\u2019s Digital Vaccine (DV) package. A number of existing filters in this week\u2019s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and\/or optimize performance. You can browse the list of published advisories<\/a> and upcoming advisories<\/a> on the Zero Day Initiative<\/a> website. You can also follow the Zero Day Initiative on Twitter @thezdi<\/a> and on their blog<\/a>.<\/p>\n

Apple (6)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 29903: PWN2OWN ZDI-CAN-5340: Zero Day Initiative Vulnerability (Apple Safari)<\/li>\n
  • 29904: PWN2OWN ZDI-CAN-5344: Zero Day Initiative Vulnerability (Apple Safari)<\/li>\n
  • 29910: PWN2OWN ZDI-CAN-5352: Zero Day Initiative Vulnerability (Apple Safari)<\/li>\n
  • 29911: PWN2OWN ZDI-CAN-5353: Zero Day Initiative Vulnerability (Apple Safari)<\/li>\n
  • 29916: PWN2OWN ZDI-CAN-5366: Zero Day Initiative Vulnerability (Apple Safari)<\/li>\n
  • 29917: PWN2OWN ZDI-CAN-5342: Zero Day Initiative Vulnerability (Apple Safari)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Cisco (1)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 29880: HTTPS: Cisco Prime Collaboration Provisioning logconfigtracer Directory Traversal (ZDI-17-448)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Dell (1)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 29887: ZDI-CAN-5293: Zero Day Initiative Vulnerability (Dell EMC Storage Manager)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Delta (16)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 29861: ZDI-CAN-5265: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)<\/li>\n
  • 29862: ZDI-CAN-5266: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)<\/li>\n
  • 29863: ZDI-CAN-5267: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)<\/li>\n
  • 29864: ZDI-CAN-5268: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)<\/li>\n
  • 29867: ZDI-CAN-5269,5276: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)<\/li>\n
  • 29868: ZDI-CAN-5270: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)<\/li>\n
  • 29869: ZDI-CAN-5271: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)<\/li>\n
  • 29870: ZDI-CAN-5272: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)<\/li>\n
  • 29871: ZDI-CAN-5273: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)<\/li>\n
  • 29872: ZDI-CAN-5274: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)<\/li>\n
  • 29873: ZDI-CAN-5275: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)<\/li>\n
  • 29877: ZDI-CAN-5283: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)<\/li>\n
  • 29878: ZDI-CAN-5284: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)<\/li>\n
  • 29879: ZDI-CAN-5285: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)<\/li>\n
  • 29882: ZDI-CAN-5286: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)<\/li>\n
  • 29883: ZDI-CAN-5287: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Foxit (6)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 29885: ZDI-CAN-5288: Zero Day Initiative Vulnerability (Foxit Reader)<\/li>\n
  • 29886: ZDI-CAN-5290: Zero Day Initiative Vulnerability (Foxit Reader)<\/li>\n
  • 29888: ZDI-CAN-5294: Zero Day Initiative Vulnerability (Foxit Reader)<\/li>\n
  • 29889: ZDI-CAN-5295: Zero Day Initiative Vulnerability (Foxit Reader)<\/li>\n
  • 29895: ZDI-CAN-5296: Zero Day Initiative Vulnerability (Foxit Reader)<\/li>\n
  • 29898: ZDI-CAN-5282: Zero Day Initiative Vulnerability (Foxit Reader)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Huawei (5)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 29905: PWN2OWN ZDI-CAN-5347: Zero Day Initiative Vulnerability (Huawei Browser)<\/li>\n
  • 29906: PWN2OWN ZDI-CAN-5348: Zero Day Initiative Vulnerability (Huawei Browser)<\/li>\n
  • 29907: PWN2OWN ZDI-CAN-5349: Zero Day Initiative Vulnerability (Huawei Browser)<\/li>\n
  • 29908: PWN2OWN ZDI-CAN-5350: Zero Day Initiative Vulnerability (Huawei Browser)<\/li>\n
  • 29909: PWN2OWN ZDI-CAN-5351: Zero Day Initiative Vulnerability (Huawei Browser)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Microsoft (2)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 29897: ZDI-CAN-5090: Zero Day Initiative Vulnerability (Microsoft Windows)<\/li>\n
  • 29900: ZDI-CAN-5242: Zero Day Initiative Vulnerability (Microsoft Chakra)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

NetGain Systems (1)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 29896: ZDI-CAN-5080: Zero Day Initiative Vulnerability (NetGain Systems Enterprise Manager)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

QNAP (4)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 29859: ZDI-CAN-5262: Zero Day Initiative Vulnerability (QNAP QTS)<\/li>\n
  • 29860: ZDI-CAN-5263: Zero Day Initiative Vulnerability (QNAP QTS)<\/li>\n
  • 29875: ZDI-CAN-5278,5280: Zero Day Initiative Vulnerability (QNAP QTS)<\/li>\n
  • 29876: ZDI-CAN-5279: Zero Day Initiative Vulnerability (QNAP QTS)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Samsung (5)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 29902: PWN2OWN ZDI-CAN-5332: Zero Day Initiative Vulnerability (Samsung Internet Browser)<\/li>\n
  • 29912: PWN2OWN ZDI-CAN-5355: Zero Day Initiative Vulnerability (Samsung Internet Browser)<\/li>\n
  • 29913: PWN2OWN ZDI-CAN-5356: Zero Day Initiative Vulnerability (Samsung Internet Browser)<\/li>\n
  • 29914: PWN2OWN ZDI-CAN-5361: Zero Day Initiative Vulnerability (Samsung Internet Browser)<\/li>\n
  • 29915: PWN2OWN ZDI-CAN-5365: Zero Day Initiative Vulnerability (Samsung Internet Browser)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Trend Micro (3)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 29782: HTTP: Trend Micro Control Manager Debug Level Authentication Bypass Vulnerability (ZDI-17-497)<\/li>\n
  • 29846: HTTP: Trend Micro Mobile Security for Enterprise query_user search_by SQL Injection (ZDI-17-771)<\/li>\n
  • 29858: ZDI-CAN-5234: Zero Day Initiative Vulnerability (Trend Micro Control Manager)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Missed Last Week\u2019s News?<\/strong><\/p>\n

Catch up on last week\u2019s news in my weekly recap<\/a>.<\/p>\n

http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 10 Nov 2017 14:36:42 +0000<\/strong><\/p>\n

\"\"I started a 14-day detox this week that eliminates common food allergens and hormones. It\u2019s going to be two weeks of no fun, but it\u2019s good to give your body a little reset. Plus, I\u2019ll be done just in time for the Thanksgiving holiday. Eliminating toxins from your body can be compared to eliminating threats…<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[10384,714,10415],"class_list":["post-10416","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-network","tag-security","tag-zero-day-initiative"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/10416","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=10416"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/10416\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=10416"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=10416"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=10416"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}