• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Network   »   TippingPoint Threat Intelligence and Zero-Day Coverage – Week of July 10, 2017

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of July 10, 2017

  • Posted on:July 14, 2017
  • Posted in:Network, Security, Zero Day Initiative
  • Posted by:
    Elisa Lippincott (Global Threat Communications)
0

Before the world of laptops, tablets and smart phones, some of us had to use paper-based solutions to keep track of our calendars and to-do lists. I used a Franklin Planner, where I kept track of my calendar as well as my never-ending to-do list. The Franklin Planner used the “ABC” system to help you prioritize your tasks. If you use Microsoft Outlook, you can see this same approach in the Tasks section where you can assign your items with a high, normal, or low priority.

If you have a large number of tasks on your plate, it’s a nice and easy way to prioritize what you need to work on first.

Now imagine using a Franklin planner to prioritize thousands of security events in your network every 30 seconds? It’s inconceivable! Even if you have an arsenal of security tools at your disposal, how do you determine what to focus on first? To help our customers make sense of what’s going on in their network, we recently announced SMS Threat Insights, a new feature in our TippingPoint Security Management System (SMS). SMS Threat Insights aggregates threat data from multiple sources and compiles it to help you prioritize security response measures, increase visibility into current and potential threats impacting your network, and provide insight into preemptive protection actions that may have already been taken. You can learn more about SMS Threat Insights from my blog: Not All Threats Are Created Equal. If you want to see SMS Threat Insights in action, get a quick demo here.

Microsoft Update

This week’s Digital Vaccine (DV) package includes coverage for Microsoft updates released on or before July 11, 2017. Microsoft released patches for Windows, Internet Explorer, Edge, Office, SharePoint, .NET Framework, Exchange, and HoloLens. A total of 19 of these CVEs are rated Critical. The following table maps Digital Vaccine filters to the Microsoft updates. You can get more detailed information on this month’s security updates from Dustin Childs’ July 2017 Security Update Review from the Zero Day Initiative:

CVE # Digital Vaccine Filter # Status
CVE-2017-0170 No Vendor Intelligence Provided
CVE-2017-0243 29051
CVE-2017-8463 No Vendor Intelligence Provided
CVE-2017-8467 No Vendor Intelligence Provided
CVE-2017-8486 No Vendor Intelligence Provided
CVE-2017-8495 No Vendor Intelligence Provided
CVE-2017-8501 No Vendor Intelligence Provided
CVE-2017-8502 No Vendor Intelligence Provided
CVE-2017-8556 No Vendor Intelligence Provided
CVE-2017-8557 No Vendor Intelligence Provided
CVE-2017-8559 No Vendor Intelligence Provided
CVE-2017-8560 No Vendor Intelligence Provided
CVE-2017-8561 No Vendor Intelligence Provided
CVE-2017-8562 No Vendor Intelligence Provided
CVE-2017-8563 No Vendor Intelligence Provided
CVE-2017-8564 No Vendor Intelligence Provided
CVE-2017-8565 No Vendor Intelligence Provided
CVE-2017-8566 No Vendor Intelligence Provided
CVE-2017-8569 No Vendor Intelligence Provided
CVE-2017-8570 No Vendor Intelligence Provided
CVE-2017-8573 No Vendor Intelligence Provided
CVE-2017-8574 No Vendor Intelligence Provided
CVE-2017-8577 29054
CVE-2017-8578 29055
CVE-2017-8580 Insufficient Vendor Information
CVE-2017-8581 No Vendor Intelligence Provided
CVE-2017-8582 No Vendor Intelligence Provided
CVE-2017-8584 No Vendor Intelligence Provided
CVE-2017-8585 No Vendor Intelligence Provided
CVE-2017-8587 No Vendor Intelligence Provided
CVE-2017-8588 No Vendor Intelligence Provided
CVE-2017-8589 No Vendor Intelligence Provided
CVE-2017-8590 No Vendor Intelligence Provided
CVE-2017-8592 29048
CVE-2017-8594 29046
CVE-2017-8595 No Vendor Intelligence Provided
CVE-2017-8596 No Vendor Intelligence Provided
CVE-2017-8598 29050
CVE-2017-8599 No Vendor Intelligence Provided
CVE-2017-8601 29047
CVE-2017-8602 No Vendor Intelligence Provided
CVE-2017-8603 No Vendor Intelligence Provided
CVE-2017-8604 No Vendor Intelligence Provided
CVE-2017-8605 29049
CVE-2017-8606 No Vendor Intelligence Provided
CVE-2017-8607 No Vendor Intelligence Provided
CVE-2017-8608 No Vendor Intelligence Provided
CVE-2017-8609 No Vendor Intelligence Provided
CVE-2017-8610 No Vendor Intelligence Provided
CVE-2017-8611 No Vendor Intelligence Provided
CVE-2017-8617 29056
CVE-2017-8618 29045
CVE-2017-8619 29057

 

End of Sale/End of Life Announcement for TippingPoint N-Series (S660N and S1400N)

Last week, we announced the end-of-sale (EOS) and end-of-life (EOL) dates for the TippingPoint N-Series solutions (S660N and S1400N). The last day to order the affected products is September 30, 2017 while quantities last. Customers with active maintenance contracts will continue to receive support from TippingPoint’s Technical Assistance Center (TAC) for five years after the end-of-sale date. Maintenance contracts can continue to be purchased to cover the five years of support following the end-of-sale date, however, they must be purchased during the first two years following the end-of-sale date as described in the table below. Maintenance contracts cannot be extend beyond the end-of-support date.

Impacted Product SKUs and Descriptions

Part Number (HP/Trend Micro) Device Description End of Sale Date
JC019A/TPNN0020 TippingPoint S660N Intrusion Prevention System September 30, 2017
JC020A/TPNN0023 TippingPoint S1400N Intrusion Prevention System September 30, 2017

 

Product End of Life Dates

Milestone Definition End of Sale Date
End of Sale Announcement The date on which Trend Micro announces the upcoming end of sale and end of support of a product. July 7, 2017
End of Sale (Appliance) The last date to order a product through Trend Micro point of sale. The product is removed from the price list after this date. September 30, 2017
End of Sale (Maintenance Renewals) The last date to order maintenance renewals. September 30, 2019
End of Support The last date that support calls will be accepted for the affected product. RMA’s will cease after this date. Digital Vaccine and ThreatDV updates will cease for the affected products after this date. September 30, 2022

 

We recommend that customers upgrade to the most current TippingPoint security platforms. At the time of this bulletin, the Threat Protection System (TPS) models 440T, 2200T and vTPS are the most comparable models to the 660N and 1400N. Contact your sales representative for more information:

  • TippingPoint 440T Threat Protection System (TPNN0002)
  • TippingPoint 2200T Threat Protection System (TPNN0005)
  • TippingPoint 2600NX Intrusion Prevention System (TPNN0048)
  • Virtual Threat Protection System (TPTN0060)

Customers with concerns or questions regarding this issue can contact the Trend Micro TippingPoint Technical Assistance Center (TAC).

Zero-Day Filters

There is one new zero-day filter covering one vendor in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website.

Linksys (1)

  • 29060: ZDI-CAN-4892: Zero Day Initiative Vulnerability (Linksys WVBR0) 

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap.

Related posts:

  1. TippingPoint Threat Intelligence and Zero-Day Coverage – Week of November 27, 2017
  2. TippingPoint Threat Intelligence and Zero-Day Coverage – Week of July 3, 2017
  3. TippingPoint Threat Intelligence and Zero-Day Coverage – Week of July 17, 2017
  4. TippingPoint Threat Intelligence and Zero-Day Coverage – Week of July 24, 2017

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Advanced Cloud-Native Container Security Added to Trend Micro's Cloud One Services Platform
  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.