{"id":10572,"date":"2017-11-22T07:00:03","date_gmt":"2017-11-22T15:00:03","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/11\/22\/news-4344\/"},"modified":"2017-11-22T07:00:03","modified_gmt":"2017-11-22T15:00:03","slug":"news-4344","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2017\/11\/22\/news-4344\/","title":{"rendered":"TippingPoint Threat Intelligence and Zero-Day Coverage \u2013 Week of November 20, 2017"},"content":{"rendered":"

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Wed, 22 Nov 2017 14:10:15 +0000<\/strong><\/p>\n

\"\"<\/p>\n

It\u2019s that time of year again, when many will gather with their families, eat way too much, and catch those crazy Black Friday sales. I\u2019ve been seeing \u201cBlack Friday\u201d sales for almost two weeks now. Cyber Monday, which falls on the Monday after the U.S. Thanksgiving holiday, is probably going to be coupled with news of increased identity theft incidents.<\/p>\n

I\u2019ve said it before and I\u2019ll say it again: if you choose to skip Black Friday and wait for Cyber Monday, be on the lookout for great deals you learn about via email or social media (don\u2019t click the links!). Don\u2019t use free public Wi-Fi to make purchases; and make sure sites you visit are secure (HTTPS) and have a valid encryption certificate. If you\u2019re using your mobile phone, make sure you download apps from official app marketplaces or use a retailer\u2019s actual URL. I hope you all have a safe and Happy Thanksgiving!<\/p>\n

Adobe Security Update<\/strong><\/p>\n

This week\u2019s Digital Vaccine\u00ae (DV) package includes coverage for Adobe updates released on or before November 14, 2017. The following table maps Digital Vaccine filters to the Adobe updates. Filters marked with an asterisk (*) shipped prior to this DV package, providing preemptive zero-day protection for customers. You can get more detailed information on this month\u2019s security updates from Dustin Childs\u2019 November 2017 Security Update Review<\/a> from the Zero Day Initiative:<\/p>\n

\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
Bulletin #<\/strong><\/td>\nCVE #<\/strong><\/td>\nDigital Vaccine Filter #<\/strong><\/td>\nStatus<\/strong><\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16360<\/td>\n29994<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16361<\/td>\n29999<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16362<\/td>\n30030<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16363<\/td>\n30023<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16364<\/td>\n30006<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16365<\/td>\n30027<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16366<\/td>\n30019<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16367<\/td>\n30014<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16368<\/td>\n30015<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16369<\/td>\n*28924<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16370<\/td>\n29996<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16371<\/td>\n30001<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16372<\/td>\n30004<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16373<\/td>\n30039<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16374<\/td>\n30044<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16375<\/td>\n30043<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16376<\/td>\n<\/td>\nVendor Deemed Reproducibility or Exploitation Unlikely<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16377<\/td>\n<\/td>\nVendor Deemed Reproducibility or Exploitation Unlikely<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16378<\/td>\n<\/td>\nVendor Deemed Reproducibility or Exploitation Unlikely<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16379<\/td>\n<\/td>\nVendor Deemed Reproducibility or Exploitation Unlikely<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16380<\/td>\n<\/td>\nVendor Deemed Reproducibility or Exploitation Unlikely<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16381<\/td>\n*29639<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16382<\/td>\n*29638<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16383<\/td>\n*29637<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16384<\/td>\n*29636<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16385<\/td>\n*29635<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16386<\/td>\n*29584<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16387<\/td>\n*29484<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16388<\/td>\n30040<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16389<\/td>\n30041<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16390<\/td>\n29998<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16391<\/td>\n30003<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16392<\/td>\n30002<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16393<\/td>\n30005<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16394<\/td>\n30035<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16395<\/td>\n30037<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16396<\/td>\n30032<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16397<\/td>\n30000<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16398<\/td>\n29995<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16399<\/td>\n29997<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16400<\/td>\n*29852<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16401<\/td>\n*29851<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16402<\/td>\n*29853<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16403<\/td>\n*29833<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16404<\/td>\n*29850<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16405<\/td>\n30038<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16406<\/td>\n30042<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16407<\/td>\n30045<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16408<\/td>\n30034<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16409<\/td>\n30036<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16410<\/td>\n30024<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16411<\/td>\n30021<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16412<\/td>\n30020<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16413<\/td>\n30018<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16414<\/td>\n30016<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16415<\/td>\n30025<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16416<\/td>\n30007<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16417<\/td>\n30013<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16418<\/td>\n30017<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16419<\/td>\n30022<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-16420<\/td>\n30026<\/td>\n<\/td>\n<\/tr>\n
APSB17-36<\/td>\nCVE-2017-11293<\/td>\n<\/td>\nVendor Deemed Reproducibility or Exploitation Unlikely<\/td>\n<\/tr>\n
APSB17-33<\/td>\nCVE-2017-3112<\/td>\n30008<\/td>\n<\/td>\n<\/tr>\n
APSB17-33<\/td>\nCVE-2017-3114<\/td>\n30009<\/td>\n<\/td>\n<\/tr>\n
APSB17-33<\/td>\nCVE-2017-11213<\/td>\n30010<\/td>\n<\/td>\n<\/tr>\n
APSB17-33<\/td>\nCVE-2017-11215<\/td>\n30011<\/td>\n<\/td>\n<\/tr>\n
APSB17-33<\/td>\nCVE-2017-11225<\/td>\n30012<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/div>\n

 <\/p>\n

Zero-Day Filters<\/strong><\/p>\n

There are no new zero-day filters in this week\u2019s Digital Vaccine (DV) package. A number of existing filters in this week\u2019s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and\/or optimize performance. You can browse the list of published advisories<\/a> and upcoming advisories<\/a> on the Zero Day Initiative<\/a> website. You can also follow the Zero Day Initiative on Twitter @thezdi<\/a> and on their blog<\/a>.<\/p>\n

Missed Last Week\u2019s News?<\/strong><\/p>\n

Catch up on last week\u2019s news in my weekly recap<\/a>.<\/p>\n

http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Wed, 22 Nov 2017 14:10:15 +0000<\/strong><\/p>\n

\"\"It\u2019s that time of year again, when many will gather with their families, eat way too much, and catch those crazy Black Friday sales. I\u2019ve been seeing \u201cBlack Friday\u201d sales for almost two weeks now. Cyber Monday, which falls on the Monday after the U.S. Thanksgiving holiday, is probably going to be coupled with news…<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[10384,714,10415],"class_list":["post-10572","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-network","tag-security","tag-zero-day-initiative"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/10572","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=10572"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/10572\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=10572"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=10572"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=10572"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}