{"id":7833,"date":"2017-06-02T14:00:05","date_gmt":"2017-06-02T22:00:05","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/06\/02\/news-1615\/"},"modified":"2017-06-02T14:00:05","modified_gmt":"2017-06-02T22:00:05","slug":"news-1615","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2017\/06\/02\/news-1615\/","title":{"rendered":"TippingPoint Threat Intelligence and Zero-Day Coverage \u2013 Week of May 29, 2017"},"content":{"rendered":"<p><strong>Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 02 Jun 2017 21:21:24 +0000<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"205\" src=\"http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2016\/04\/TP-WeeklyBlog-300x205-300x205.jpg\" class=\"webfeedsFeaturedVisual wp-post-image\" alt=\"\" style=\"float: left; margin-right: 5px;\" srcset=\"http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2016\/04\/TP-WeeklyBlog-300x205.jpg 300w, http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2016\/04\/TP-WeeklyBlog-300x205-125x85.jpg 125w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>\u201cAnything that can go wrong will go wrong.\u201d It\u2019s not exactly clear how Murphy\u2019s Law originated, but it seems to always make an appearance at the one time you can\u2019t afford for anything to go wrong. Your laptop starts to malfunction right as you need to finish a project (this happened to yours truly earlier today) \u2013 your car breaks down the day you\u2019re about to leave for a trip \u2013 or in last weekend\u2019s case with British Airways, your entire IT system goes down on a holiday weekend, resulting in chaos and cancelled flights for tens of thousands of travelers at Heathrow and Gatwick airports. 
If you read my <a href=\"http:\/\/blog.trendmicro.com\/tippingpoint-threat-intelligence-zero-day-coverage-week-may-22-2017\/\">blog<\/a> from last week, I mentioned that I am usually suspicious of outages at large venues and will assume that someone has hacked something. It wouldn\u2019t be unreasonable for me to think that the British Airways outage was cybersecurity related.<\/p>\n<p>But as it turns out, the British Airways outage wasn\u2019t a cybersecurity incident at all. What caused it? Plain old human error \u2013 the result of an IT worker accidentally switching off the power supply. British Airways\u2019 parent company explained that as a result of the IT worker\u2019s actions, the supply of power to a key data center was lost, which ultimately resulted in an uncontrolled reboot of the system that subsequently shut down the entire system. While British Airways will have to deal with fines related to the outage, at least they don\u2019t have to deal with cleaning up what could have been a massive cybersecurity incident. By the way, if you haven\u2019t had a chance to read it, you can read the recent white paper from the Zero Day Initiative that focuses on SCADA vulnerabilities <a href=\"https:\/\/documents.trendmicro.com\/assets\/wp\/wp-hacker-machine-interface.pdf\">here<\/a>.<\/p>\n<p><strong>TippingPoint Security Management System (SMS) v4.6 Now Available!<\/strong><\/p>\n<p>Earlier this week, we released version 4.6.0 build 101914 of the TippingPoint Security Management System (SMS). SMS v4.6.0 is a general availability release that includes the following enhancements:<\/p>\n<table>\n<tbody>\n<tr>\n<td width=\"20px\"><\/td>\n<td>\n<ul>\n<li><strong><em>Threat Insights and Enhanced SMS Web Management Interface: <\/em><\/strong>The SMS provides a new web-based interface in this release that provides at-a-glance insight into your network security status with Threat Insights. 
This aggregation portal correlates threat intelligence from NGIPS, vulnerability scans, and sandboxing &#8211; summarizing them in one place &#8211; helping to prioritize, automate, and consolidate network threat information. This redesigned and improved interface is HTML5 based and available for both desktop and mobile device access.<\/li>\n<li><strong><em>Add Advanced Threat Analysis to Your Existing TippingPoint Deployment: <\/em><\/strong>Pre-filter and forward potential threats for automated sandbox analysis using the Trend Micro Analyzer appliance. Add on Trend Micro Analyzer centrally and scale as needed with no need to change your existing network infrastructure. View risk results directly from the integrated interface on the SMS. Advanced Threat Analysis requires Trend Micro Analyzer and the HTTP context feature available on TOS v3.7 or later on N\/NX-series NGIPS devices and TOS v4.2 or later on T-series IPS devices.<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<td height=\"10px\"><\/td>\n<td><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>For a complete list of enhancements and changes, customers can refer to the product Release Notes. For Release Notes and other documentation, go to <a href=\"https:\/\/tmc.tippingpoint.com\/TMC\/\">https:\/\/tmc.tippingpoint.com\/TMC\/<\/a>. For questions or technical assistance, customers can contact the TippingPoint Technical Assistance Center (TAC). For more information on SMS Threat Insights, click <a href=\"https:\/\/www.trendmicro.com\/en_us\/business\/products\/network\/integrated-atp\/security-management-system.html?modal=solution-brief\">here<\/a>.<\/p>\n<p><strong>Zero-Day Filters<\/strong><\/p>\n<p>There are 13 new zero-day filters covering one vendor in this week\u2019s Digital Vaccine (DV) package. A number of existing filters in this week\u2019s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and\/or optimize performance. 
You can browse the list of <a href=\"http:\/\/www.zerodayinitiative.com\/advisories\/published\/\">published advisories<\/a> and <a href=\"http:\/\/www.zerodayinitiative.com\/advisories\/upcoming\/\">upcoming advisories<\/a> on the <a href=\"http:\/\/www.zerodayinitiative.com\/\">Zero Day Initiative<\/a> website.<\/p>\n<p><strong><em>Foxit (13)<\/em><\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td width=\"20px\"><\/td>\n<td>\n<ul>\n<li>28374: HTTP: Foxit Reader Link setAction Use-After-Free Vulnerability (ZDI-17-306)<\/li>\n<li>28377: HTTP: Foxit Reader Field setAction Use-After-Free Vulnerability (ZDI-17-307)<\/li>\n<li>28382: HTTP: Foxit Reader scroll Use-After-Free Vulnerability (ZDI-17-302)<\/li>\n<li>28383: HTTP: Foxit Reader Field insertItemAt Use-After-Free Vulnerability (ZDI-17-303)<\/li>\n<li>28384: HTTP: Foxit Reader spawnPageFromTemplate Use-After-Free Vulnerability (ZDI-17-304)<\/li>\n<li>28386: HTTP: Foxit Reader Annotations arrowEnd Use-After-Free Vulnerability (ZDI-17-309)<\/li>\n<li>28389: HTTP: Foxit Reader importAnXFDF Use-After-Free Vulnerability (ZDI-17-308)<\/li>\n<li>28390: HTTP: Foxit Reader Annotations opacity Use-After-Free Vulnerability (ZDI-17-310)<\/li>\n<li>28391: HTTP: Foxit Reader getURL Use-After-Free Vulnerability (ZDI-17-305)<\/li>\n<li>28392: HTTP: Foxit Reader Annotations style Use-After-Free Vulnerability (ZDI-17-311)<\/li>\n<li>28396: HTTP: Foxit Reader Annotations lock Use-After-Free Vulnerability (ZDI-17-312)<\/li>\n<li>28454: HTTP: Foxit Reader buttonSetCaption Use-After-Free Vulnerability (ZDI-17-299)<\/li>\n<li>28455: HTTP: Foxit Reader resetForm Use-After-Free Vulnerability (ZDI-17-300)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<td height=\"10px\"><\/td>\n<td><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>Missed Last Week\u2019s News?<\/strong><\/p>\n<p>Catch up on last week\u2019s news in my <a 
href=\"http:\/\/blog.trendmicro.com\/tippingpoint-threat-intelligence-zero-day-coverage-week-may-22-2017\/\">weekly recap<\/a>.<\/p>\n<p><a href=\"http:\/\/blog.trendmicro.com\/tippingpoint-threat-intelligence-zero-day-coverage-week-may-29-2017\/\" target=\"bwo\" >http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 02 Jun 2017 21:21:24 +0000<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"205\" src=\"http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2016\/04\/TP-WeeklyBlog-300x205-300x205.jpg\" class=\"webfeedsFeaturedVisual wp-post-image\" alt=\"\" style=\"float: left; margin-right: 5px;\" srcset=\"http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2016\/04\/TP-WeeklyBlog-300x205.jpg 300w, http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2016\/04\/TP-WeeklyBlog-300x205-125x85.jpg 125w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/>\u201cAnything that can go wrong will go wrong.\u201d It\u2019s not exactly clear how Murphy\u2019s Law originated, but it seems to always make an appearance at the one time you can\u2019t afford for anything to go wrong. 
Your laptop starts to malfunction right as you need to finish a project (this happened to yours truly earlier&#8230;<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[10384,714,10415],"class_list":["post-7833","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-network","tag-security","tag-zero-day-initiative"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7833","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=7833"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7833\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=7833"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=7833"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=7833"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}