TippingPoint Threat Intelligence and Zero-Day Coverage – Week of April 23, 2018

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing) | Date: Fri, 27 Apr 2018 12:00:45 +0000

I was having dinner with friends recently and one of the newer members of the group asked me what I did for a living. I told him that I worked for a cybersecurity company and his reply was, “I don’t need to worry about security – I have a MacBook.” I thought that at any second, Rod Serling was going to rise from his grave and come tell me that I’m in the Twilight Zone. Sure, 25+ years ago, that could have been a little bit true, but just like Osgood Fielding III says in the last line of the movie Some Like it Hot, “Nobody’s perfect.”

It goes without saying that you need security regardless of the brand of your laptop. Apple vulnerabilities are submitted to the Zero Day Initiative all the time, and most recently, a macOS backdoor detected by Trend Micro has ties to the OceanLotus cyber-espionage group. Phishing continues to be a huge problem for enterprises and consumers alike, so don’t cross over into the Twilight Zone – make sure you’re protected. For the gory details on the latest macOS backdoor, you can read more here: https://blog.trendmicro.com/trendlabs-security-intelligence/new-macos-backdoor-linked-to-oceanlotus-found/.

Zero-Day Filters

There are three new zero-day filters covering three vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendations, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website. You can also follow the Zero Day Initiative on Twitter @thezdi and on their blog.

Advantech (1)

  • 31281: HTTP: Advantech WebAccess Node chkLogin2 user SQL Injection Vulnerability (ZDI-18-143)

Sun (1)

  • 31184: HTTP: Sun Java Runtime AWT setDifflCM Stack Buffer Overflow Vulnerability (ZDI-09-078)

Symantec (1)

  • 31276: HTTPS: Symantec Backup Exec System Recovery Arbitrary File Upload Vulnerability (ZDI-08-003)

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap.
