Life is full of surprises. I’ve had my share of good and bad ones in this crazy life of mine, but nothing could have prepared me (as a 12-year-old girl) for the surprise I found when I walked in our backyard one summer evening in South Texas. My cat had just had a litter of kittens and I was going out back to check on them. Instead of finding four cute kittens with their mom, I found an injured cat and four kitten heads. That’s right. Four kitten heads…with no bodies attached. A few feet away, I found the culprit: a big opossum.
For those of you who don’t live in the Western Hemisphere, opossums are mammals in the marsupial infraclass of the animal kingdom, which also includes kangaroos, wallabies, and koalas. It turns out that they are survivors, resistant to snake venom and other toxins, and are considered nature’s “vacuum cleaner,” eating up nasty garden pests and ticks. Once he saw me, he “played possum,” pretending to be dead so that I wouldn’t harm him. Opossums are actually pretty convincing at playing dead when they’re threatened or harmed – their bodies emit a foul odor and even if you pick them up, they won’t move. In the end, my shovel and I made sure he was dead.
There has been news of late regarding the Angler exploit kit. It was spotted first in 2013 and has been one of the most dominant exploit kits used in malvertising and the spread of ransomware. However, on June 7, Angler seemed to vanish into thin air. It appears that those looking to infect systems with malware are turning to the Neutrino exploit kit. Some are attributing Angler’s demise to the recent arrest of a Russian gang that had been using Angler to distribute the Lurk banking Trojan. Others say it’s just taking a little vacation. At any rate, you shouldn’t let your guard down when it comes to the Angler exploit kit. For all we know, it’s just “playing possum.” You can learn how TippingPoint tackles Angler with machine learning by reading the solution brief: “TippingPoint Takes on Angler Exploit Kit with Machine Learning.”
Adobe Product Security Bulletins
This week’s Digital Vaccine (DV) package includes coverage for the Adobe Product Security Bulletins released on June 21, 2016. The following table maps Digital Vaccine filters to the Adobe Bulletins:
|Bulletin #||CVE #||Digital Vaccine Filter #||Status|
Webinar on Demand: “Secure Your Network Environments with TippingPoint”
Speakers: TJ Alldridge and Satinder Khasriya
The Trend Micro TippingPoint Threat Protection System (TPS) family offers comprehensive threat protection against known and zero-day attacks. View this webinar to see the many ways the TPS can be used to protect your environment against the latest threats as well as the old ones too. Click here to view: https://www.brighttalk.com/webcast/7479/210181
Missed Last Week’s News?
There is one new zero-day filter covering one vendor in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website.
Updated Existing Zero-Day Filters
This section highlights specific filter(s) of interest in this week’s Digital Vaccine package that have been updated as a result of a vendor either issuing a patch for a vulnerability found via the Zero Day Initiative or a vulnerability that has been published by the Zero Day Initiative in accordance with its Disclosure Policy.
This week’s updated zero-day filter covers multiple vendors and covers vulnerabilities that allow remote attackers to execute arbitrary code on vulnerable installations of Apache ActiveMQ and Eclipse Jetty. Both Apache and Eclipse have issued updates to correct this vulnerability: