The Glider

Microsoft plans to issue seven security bulletins on Tuesday, May 8 to address a total of 23 security flaws in Windows and Office as well as the Silverlight and .......

A sixth person, Jeremy Hammond, has been added to the list of people being charged in connection with the LulzSec and Anonymous hacking groups.......

The UK Ministry of Defence's (MoD) head of cyber security told the Guardian that hackers managed to gain access to several top secret MoD systems.......

Hackers have launched a distributed denial-of-service (DDoS) attack against the website of the UK's Serious Online Crime Agency (SOCA).......

Mozilla is the first major US company to voice opposition to CISPA, the bill that recently passed in the US House of Representatives.......

Speaking at a cybersecurity symposium at the University of Rhode Island, US Congressman Jim Langevin (D-RI) called the Cyber Intelligence Sharing and Protection Act (CISPA) "a good-faith effort to come together in a first step towards better cybersecurity for our nation.......

Adobe released a critical patch for Flash Player addressing an object confusion vulnerability (CVE-2012-0779). If exploited, it could cause the application crash and potentially allow an attacker to take control of the system. The security bulletin is posted here and the update can be downloaded here.
Affected Software
- Windows, Macintosh and Linux version 11.2.202.233 and earlier

- Android 4.x version 11.1.115.7 and earlier

- Android 3.x and 2.x version 11.1.111.8 and earlier
[1] http://www.adobe.com/support/security/bulletins/apsb12-09.html

[2] http://get.adobe.com/flashplayer/
-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Overview
We have launched some new data collection projects relatively recently in addition to the original DShield project. What happens to all that data being collected? When there appears to be enough data to publicly release, the reports will likely be linked to from our Reports page at https://isc.sans.edu/reports.html. You can get there by clicking Data/Reports or its sub-menu Summary Page on the top-right menu. We've highlighted some of these projects in past Features but let's list them all out here.
Features
Data Collection - https://isc.sans.edu/reports.html#collect

This section was added recently as a central location to list new and existing data collection and reporting projects.

ISC/DShiled API - Click for previous feature diary coverage.
HTTP Headers - Project to find how many sites use security relevant headers. Read Jason Lam's diary on HTTP Headers.
404Project - Click for previous feature diary coverage.
Fake Call Tech Support Calls - Newly launched information collection form in response to understanding the growing number of cold-call Fake Tech Support Calls.

Top 10 Ports - https://isc.sans.edu/reports.html#top10ports

Summary table of the top 10 ports listed by Reports, Targets, Sources with link to Port Report Page at https://isc.sans.edu/portreport.html

Available on the ISC Dashboard.
Option on customization page once logged in.

World Map - https://isc.sans.edu/reports.html#worldmap

Graphics map of country statistics (This deserves more in-depth coverage in another feature diary...Stay Tuned!) with link to Country Report Page at https://isc.sans.edu/countryreport.html

Available on the ISC Dashboard.
Option on https://isc.sans.edu/customize.htmlisc.sans.edu/customize.html once logged in.
Available in the right column on the homepage.

Top Source IPs - https://isc.sans.edu/reports.html#top10source

Top 10 Source IPs as collected by DShield sensor listed with count, number of attacks, first seen and last seen with link to Top Sources Page at https://isc.sans.edu/sources.html

Available on the ISC Dashboard.
Option on customization page once logged in.

Additional Reports - https://isc.sans.edu/reports.html#additional

AS Reports - DShield data by ASN information
Country Reports - Dshield data by Country information
Survival Time - calculated as the average time between reports for an average target IP address
Trends of Ports - attempt to put a number to the increase in activity for a given port. Also available on the Dashboard and right column of the homepage.
Daily Data Volume (Submissions/day) - Summaries with graph, table and criteria form


Post suggestions or comments in the section below or send us any questions or comments in the contact form on https://isc.sans.edu/contact.html#contact-form

--

Adam Swanger, Web Developer (GWEB, GWAPT)

Internet Storm Center - https://isc.sans.edu
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Post suggestions or comments in the section below or send us any questions or comments in the contact form on https://isc.sans.edu/contact.html#contact-form

--

Adam Swanger, Web Developer (GWEB, GWAPT)

Internet Storm Center https://isc.sans.edu
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.