Last Updated: 2012-05-04 20:50:24 UTC
by Guy Bruneau (Version: 1)
Adobe released a critical patch for Flash Player addressing an object confusion vulnerability (CVE-2012-0779). If exploited, it could cause the application crash and potentially allow an attacker to take control of the system. The security bulletin is posted here and the update can be downloaded here.
- Windows, Macintosh and Linux version 184.108.40.206 and earlier
- Android 4.x version 220.127.116.11 and earlier
- Android 3.x and 2.x version 18.104.22.168 and earlier
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu
Last Updated: 2012-05-04 16:07:32 UTC
by Adam Swanger (Version: 1)
We have launched some new data collection projects relatively recently in addition to the original DShield project. What happens to all that data being collected? When there appears to be enough data to publicly release, the reports will likely be linked to from our Reports page at https://isc.sans.edu/reports.html. You can get there by clicking Data/Reports or its sub-menu Summary Page on the top-right menu. We've highlighted some of these projects in past Features but let's list them all out here.
Data Collection - https://isc.sans.edu/reports.html#collect
This section was added recently as a central location to list new and existing data collection and reporting projects.
- ISC/DShield API - Click for previous feature diary coverage.
- HTTP Headers - Project to find how many sites use security relevant headers. Read Jason Lam's diary on HTTP Headers.
- 404Project - Click for previous feature diary coverage.
- Fake Call Tech Support Calls - Newly launched information collection form in response to understanding the growing number of cold-call Fake Tech Support Calls.
World Map - https://isc.sans.edu/reports.html#worldmap
Graphics map of country statistics (This deserves more in-depth coverage in another feature diary...Stay Tuned!) with link to Country Report Page at https://isc.sans.edu/countryreport.html
- Available on the ISC Dashboard.
- Option on https://isc.sans.edu/customize.htmlisc.sans.edu/customize.html once logged in.
- Available in the right column on the homepage.
Top Source IPs - https://isc.sans.edu/reports.html#top10source
Top 10 Source IPs as collected by DShield sensor listed with count, number of attacks, first seen and last seen with link to Top Sources Page at https://isc.sans.edu/sources.html
Additional Reports - https://isc.sans.edu/reports.html#additional
- AS Reports - DShield data by ASN information
- Country Reports - Dshield data by Country information
- Survival Time - calculated as the average time between reports for an average target IP address
- Trends of Ports - attempt to put a number to the increase in activity for a given port. Also available on the Dashboard and right column of the homepage.
- Daily Data Volume (Submissions/day) - Summaries with graph, table and criteria form
Post suggestions or comments in the section below or send us any questions or comments in the contact form on https://isc.sans.edu/contact.html#contact-form
Adam Swanger, Web Developer (GWEB, GWAPT)
Internet Storm Center - https://isc.sans.edu