TippingPoint Threat Intelligence and Zero-Day Coverage – Week of December 4, 2017
Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 08 Dec 2017 14:45:44 +0000
It snowed in Austin, Texas last night. It’s not a big deal for those of you who live in areas where you’re used to snow, but for those of us who are native Texans, it’s a big deal. Funny enough, I had scheduled a maintenance appointment for later today to make sure our heater is in working order. I’m thankful that the heater was working last night, but what if it wasn’t? No one likes to be dealing with an emergency house issue in the middle of the night, and if you’re in cyber security, I know you don’t like dealing with a security issue that’s impacting your network and your sleep schedule. Everyone knows that they need to make sure their systems are patched in a timely manner, but it can be a complicated process for those in larger organizations. And if the predictions come true, 2018 is going to put a big spotlight on patch management.
Earlier this week, Trend Micro published their annual security predictions report for 2018. Covering eight areas, the predictions highlight a wide range of issues – with the underlying theme that 2018’s biggest attacks will originate from known vulnerabilities. We saw a number of big threats this year that had known vulnerabilities behind them: WannaCry, SMB vulnerabilities – just to name a few. With shortages in security staffing and complicated networks to deal with, patching systems in a timely manner can tend to fall by the wayside, and attackers will look to take advantage of that fact in the coming year. To learn more and access the complete report, “Paradigm Shifts: Trend Micro Security Predictions for 2018,” please click here.
Zero-Day Filters
There are three new zero-day filters from one vendor in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website. You can also follow the Zero Day Initiative on Twitter @thezdi and on their blog.
Adobe (3)
• 29940: ZDI-CAN-5146: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
• 29941: ZDI-CAN-5147: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
• 29942: ZDI-CAN-5148: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
Missed Last Week’s News?
Catch up on last week’s news in my weekly recap.