
TippingPoint Threat Intelligence and Zero-Day Coverage Week of August 29, 201 ...


Earlier this week, the entertainment world lost Gene Wilder, one of the most talented comedians and screenwriters in the business. While many will remember him for his work in the movies Willy Wonka and the Chocolate Factory and Young Frankenstein, it was his work portraying Leo Bloom in The Producers (1967 version) that I really appreciated. If you’re not familiar with the plot, Max Bialystock is a washed-up Broadway producer who romances wealthy elderly women to secure money for his plays. Leo Bloom is an accountant who was hired to do Max’s books. Leo discovers a $2,000 discrepancy in the accounts of Max’s last play and Max asks Leo to hide it. Leo realizes that more money can be made with a flop than a hit show by overselling shares in the play because no one will audit the books of a play that loses money. They go in together to produce a bad play (a musical about Adolf Hitler) and oversell shares on a big scale, knowing that the topic of their play will surely result in the play closing on opening night. Long story short…it’s a hit, much to Max’s and Leo’s surprise and ultimate imprisonment.

When it comes to our Zero Day Initiative (ZDI), there is definitely no mistake when it comes to crunching our disclosure numbers. On Monday, August 29, we hit 500 published advisories to date for 2016. To give you a little more perspective, we had a total of 666 public disclosures for all of 2015, which was a record year for us. As of this week, the ZDI has an additional 213 advisories pending public disclosure, which would be more than enough to break our record. Congratulations to Trend Micro, TippingPoint and the ZDI on a great year so far. For the latest news and insight from the ZDI, follow the team on Twitter at https://twitter.com/thezdi.

TippingPoint Threat Management Center (TMC)/ThreatLinQ Migration Window

As part of our separation from Hewlett Packard Enterprise, Trend Micro TippingPoint will be migrating the Threat Management Center (TMC) and ThreatLinQ web sites during the following dates and times.

From                          Time             To                          Time
Saturday, October 15, 2016    8:00 AM (CDT)    Sunday, October 16, 2016    8:00 AM (CDT)
Saturday, October 15, 2016    1:00 PM (UTC)    Sunday, October 16, 2016    1:00 PM (UTC)

During the migration window, the Security Management System (SMS), Intrusion Prevention System (IPS), Next Generation Firewall (NGFW), Threat Protection System (TPS) and ArcSight Enterprise Security Manager (ESM) connectivity to the TMC may be intermittently disrupted, thus preventing the Digital Vaccine (DV), Threat Digital Vaccine (ThreatDV), Reputation Security Monitor (RepSM) and TippingPoint Operating System (TOS) updates from occurring.

Important Note for customers with specific firewall rules for accessing the TMC: By default, TippingPoint devices are configured to use DNS resolution in order to reach the TMC. As we are moving into a new environment, the IP address currently used by TMC will change. Additionally, going forward, the resolved IP address may change without notice. As long as DNS services are available to your local deployment, this move and behavior change will not impact your ability to access TMC. If you have added specific firewall rules to manage TMC connectivity, we advise that they be reviewed to ensure this new behavior will not impact the ability for your TippingPoint deployment to communicate with TMC.
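One way to review pinned rules against what DNS currently returns is sketched below. This is an added example, not code from the original post or from TippingPoint; the hostname is a placeholder (the post does not give one), and the rule format and addresses are constructed for illustration.

```python
import ipaddress
import socket

# Placeholder: the page does not give the TMC hostname; use the one your devices resolve.
TMC_HOST = "tmc.example.invalid"

# Constructed sample egress rules in a hypothetical (name, destination, port) format.
SAMPLE_RULES = [
    ("tmc-https-pinned", "192.0.2.10/32", 443),    # pinned to a single old address
    ("tmc-https-range", "198.51.100.0/24", 443),   # broader range
    ("dns-out", "203.0.113.53/32", 53),            # unrelated rule, ignored for port 443
]


def resolve(host, port=443):
    """Return the set of addresses DNS currently returns for host."""
    infos = socket.getaddrinfo(host, port, proto=socket.IPPROTO_TCP)
    return {info[4][0] for info in infos}


def audit(rules, resolved, port=443):
    """Compare allow rules with resolved addresses.

    Returns (uncovered, stale): resolved addresses no rule permits, and
    rule names that no longer match any resolved address.
    """
    nets = [(name, ipaddress.ip_network(dst)) for name, dst, p in rules if p == port]
    addrs = [ipaddress.ip_address(a) for a in resolved]
    uncovered = sorted(str(a) for a in addrs if not any(a in n for _, n in nets))
    stale = sorted(name for name, n in nets if not any(a in n for a in addrs))
    return uncovered, stale


if __name__ == "__main__":
    try:
        current = resolve(TMC_HOST)
    except socket.gaierror as exc:
        raise SystemExit(f"DNS lookup for {TMC_HOST} failed: {exc}")
    uncovered, stale = audit(SAMPLE_RULES, current)
    print("resolved:", sorted(current))
    print("addresses with no allow rule:", uncovered)
    print("rules matching no resolved address:", stale)
```

Because the resolved address may change without notice, a check like this is useful only when run on a schedule, not once after the migration.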

Following the migration, the login process for the websites will change. Additional information and instructions for accessing the new sites will be provided in a future announcement prior to the migration. We appreciate your patience during the migration window. Customers with any questions or concerns can contact the TippingPoint Technical Assistance Center (TAC).

Mobile Pwn2Own 2016

Get ready! The Zero Day Initiative will be running Mobile Pwn2Own later this year at the PacSec 2016 Conference in Tokyo. More details to follow! Make sure to follow the Zero Day Initiative on Twitter for the latest news!

Zero-Day Filters

There are nine new zero-day filters covering three vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website.

Adobe (6)

34146: ZDI-CAN-3841: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)
34147: ZDI-CAN-3842: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)
34148: ZDI-CAN-3845: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)
34151: ZDI-CAN-3846: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)
34155: ZDI-CAN-3847: Zero Day Initiative Vulnerability (Adobe Flash)
34157: ZDI-CAN-3848: Zero Day Initiative Vulnerability (Adobe Flash)

Trend Micro (1)

34131: HTTP: Trend Micro Control Manager task_controller Information Disclosure Vulnerability (ZDI-16-462)

Trihedral (2)

32388: HTTP: Trihedral VTScada WAP Filter Bypass Vulnerability (ZDI-16-404)
34145: HTTP: Trihedral VTScada WAP Out-Of-Bounds Indexing Vulnerability (ZDI-16-405)

Removed Zero-Day Filters

A small number of pre-disclose filters have been removed in this week’s DV package. In certain rare cases, the TippingPoint DVLabs team provides zero-day filter coverage for vulnerabilities that may become irrelevant over time, are duplicated in other DV filters, or are no longer contractually viable via our Zero Day Initiative methodology and vendor agreement policy. Customers with any concerns or questions can contact TippingPoint support.

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap.
