Back in 2005, there were a number of us in a conference room in Austin, Texas working to determine how we would structure it, what we would name it, and how to deal with the potential backlash that would come after we announced it. What is it? I’m referring to our Zero Day Initiative. It’s been a long journey for the team working to gain the trust of not only vendors in various industries, but also the security researcher community. By promoting responsible disclosure of vulnerabilities, the Zero Day Initiative (ZDI) has grown to become a significant influencer on the importance of security in the product development lifecycle and a deterrent to the black market.
In addition to being the largest bug bounty program in the world, the ZDI is also the leader in global vulnerability research and discovery. Frost & Sullivan’s report, “Analysis of the Global Public Vulnerability Research Market, 2017,” highlights the vulnerability landscape and the key public vulnerability reporting agencies. Out of the 1,522 vulnerabilities counted in the report, the ZDI publicly disclosed 66.3% of them! For more information on ZDI and statistics from the report, download this infographic.
Adobe Security Update
This week’s Digital Vaccine (DV) package includes coverage for Adobe updates released on or before March 13, 2018. The following table maps Digital Vaccine filters to the Adobe updates. You can get more detailed information on this month’s security updates from Dustin Childs’ March 2018 Security Update Review from the Zero Day Initiative:
Bulletin # | CVE # | Digital Vaccine Filter # | Status
APSB18-05 | CVE-2018-4919 | 30701 |
APSB18-05 | CVE-2018-4920 | 30699 |
Planned Maintenance Window
The Trend Micro TippingPoint Threat Management Center (TMC) web site (<https://tmc.tippingpoint.com>) will be undergoing maintenance on the following date and time:
Date | From | To
Sunday, April 8, 2018 | 9:00AM (CDT) | 10:00AM (CDT)
2:00PM (UTC) | 3:00PM (UTC)
During the maintenance window, the Security Management System (SMS), Intrusion Prevention System (IPS), Next Generation Firewall (NGFW) and Threat Protection System (TPS) connectivity to the TMC will be disrupted, thus preventing the Digital Vaccine (DV), Threat Digital Vaccine (ThreatDV), Reputation Security Monitor (RepSM) and TippingPoint Operating System (TOS) updates from occurring. Customers with any questions or concerns can contact the TippingPoint Technical Assistance Center.
There are 22 new zero-day filters covering 10 vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website. You can also follow the Zero Day Initiative on Twitter @thezdi and on their blog.
Hewlett Packard Enterprise (2)
Schneider Electric (4)
Trend Micro (1)
Missed Last Week’s News?
Catch up on last week’s news in my weekly recap.
The post TippingPoint Threat Intelligence and Zero-Day Coverage – Week of March 19, 2018 appeared first on .