TippingPoint Threat Intelligence and Zero-Day Coverage – Week of August 28, 2017

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing) | Date: Fri, 01 Sep 2017 13:25:14 +0000

The only topic I can bring up this week is the devastation in Texas caused by Hurricane Harvey. Many cities have been completely destroyed and to add insult to injury, Harvey moved back to the Gulf of Mexico and made landfall again in Louisiana. Catastrophic flooding has left tens of thousands without their homes and most major highways impassable. I have several family members that are dealing with the after effects of this storm along the Texas coast. It’s the worst feeling in the world when you want to help, but all you can do is watch from the sidelines. There’s nothing worse than texting your immediate family at 3am to make sure they’re alive and not flooded out of their house.

I’ve lived in Austin, Texas for almost 18 years, but Houston is my home. I was born there, attended college there, and have several family members and even more friends in the area. Harvey may have destroyed homes but it can’t destroy the spirit of Houston. All I can ask for at this point is to find it in your heart to make a small donation to the charity of your choice to help those who will have a long road ahead of them to rebuild their lives after this catastrophe. Or do something to help first responders who are rescuing others while they deal with the effects of Harvey at home. This native Houstonian thanks you for your generosity.

Mobile Pwn2Own

Earlier this week, the Zero Day Initiative (ZDI) announced the sixth annual Mobile Pwn2Own competition, which returns to the PacSec conference in Tokyo on November 1-2, 2017. There is more than $500,000 USD available in the prize pool, and we’re giving add-on bonuses for exploits that meet a higher bar of difficulty. This year’s contest will target the Apple iPhone 7, the Google Pixel, the Samsung Galaxy S8, and the Huawei Mate9 Pro handsets. One category has researchers targeting the web browsers on the phones. The second category involves attacks happening over Bluetooth, NFC or WiFi. The third category will have attacks demonstrated by viewing or receiving MMS or SMS messages. The final category will cover attacks where the target device communicates with a rogue base station. Full details about the event can be found on the ZDI blog. Follow ZDI on Twitter for the latest news and information.

Trend Micro Business Support Portal (BSP)

Trend Micro TippingPoint has completed the migration over to the Trend Micro Business Support Portal (BSP). The Trend Micro BSP enhances case management and collaboration by guiding customers to product-specific solutions, self-help and technical assistance. Customers can access the BSP from the Threat Management Center (TMC) website by looking under Support→Business Support Portal (BSP) or directly by accessing this URL: https://success.trendmicro.com/sign-in.

Any Trend Micro TippingPoint customer contact who has created a case in the past two years will be automatically enabled for the new support portal (BSP). You can expect to receive an email from Trend Micro Technical Support within the next 72 hours with the relevant information. If you are unable to locate this email, please check your spam folders. The email will have the subject line of “Welcome to Trend Micro Business Support!” Please note that if you do not receive the email within 72 hours, you can register for the portal directly. You will need to have a current Trend Micro TippingPoint device certificate number (CERT) to complete your registration process. If you need assistance finding your CERT number, you can contact Trend Micro TippingPoint Technical Assistance Center (TAC) for additional information. Customers in Japan will migrate to the BSP in late November.

Zero-Day Filters

There are four new zero-day filters covering three vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendations, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website.

Adobe (1)

  • 29484: ZDI-CAN-4972: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)

Dell (1)

  • 29421: HTTPS: Dell Storage Manager EmWebsiteServlet Directory Traversal Vulnerability (ZDI-17-523)

Trend Micro (2)

  • 29422: HTTPS: Trend Micro OfficeScan Proxy Command Injection Vulnerability (ZDI-17-521, ZDI-17-522)
  • 29447: HTTP: Trend Micro InterScan Web Security ConfigBackup Download System Backup (ZDI-17-227)

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap.
