MS-ISAC Cyber Alert Level
The Current Cyber Alert Level is: Guarded
On May 13, 2008, the Cyber Alert Level is being raised from Green (Low) to Blue (Guarded) due to the Microsoft Security Bulletins that were released on May 13, 2008. We issued two Cyber Security Advisories, one for a vulnerability in the Microsoft Jet Database Engine (MS-ISAC Advisory 2008-018) and one for a vulnerability in Microsoft Word (MS-ISAC Advisory 2008-019). Organizations and users are encouraged to review the details outlined in these Advisories and apply the relevant patches and recommendations after appropriate testing. Other lines of defense include user awareness training regarding the threats posed by attachments and hypertext links contained in emails especially from un-trusted sources, and continuing to update antivirus signatures daily.
FS-ISAC Cyber Alert Levels
The Current Cyber Threat Advisory is: Guarded
The Current Physical Threat Advisory is: Elevated
IT-ISAC Cyber Alert Level
The Current Threat Level is: AlertCon 1
AlertCon 1 reflects the malicious, determined, global, 24 x 7 attacks experienced by all networks
DHS Threat Alert Level
The Current Threat Level is: Elevated
SANS Institute Info Con
Most Recent MSISAC Advisories
- Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution
- Vulnerabilities in Microsoft Word Could Allow Remote Code Execution
- Novell GroupWise Buffer Overflow Vulnerability
- Novell GroupWise Buffer Overflow Vulnerability
- Vulnerability in Microsoft Graphics Device Interface (GDI) Could Allow for Remote Code Execution
TOP ATTACKING IP ADDRESSES (WORLDWIDE)
| IP Address | Reports | Attacks | FirstSeen | LastSeen | ISP(Domain) | Country |
|---|---|---|---|---|---|---|
| 121.162.129.138 |
124,149 | 110,444 | 2008-04-16 | 2008-05-18 | Korea Telecom (Kornet.net) | Korea |
| 221.003.224.155 |
186,109 | 103,605 | 2008-04-15 | 2008-04-22 | Yuxi Hongta Tobacco (group)co. Ltd (-) | China |
| 222.141.066.091 |
260,459 | 96,225 | 2008-03-25 | 2008-05-15 | Cncgroup Henan Province Network (Gutzwiller.ch) | China |
| 212.005.208.157 |
186,268 | 93,325 | 2008-03-20 | 2008-05-15 | Nafta A.s. Gbely (-) | Croatia |
| 081.209.145.131 |
415,688 | 93,243 | 2008-03-08 | 2008-05-16 | Lncde-fnh-media (Fn2.de) | Germany |
| 217.098.102.037 |
160,023 | 91,667 | 2008-04-12 | 2008-05-15 | Fonbud Sp. Z O. O (217.in-addr.arpa) | Poland |
| 203.094.243.191 |
713,445 | 91,571 | 2007-08-16 | 2008-04-28 | Mahanagar Telephone Nigam Ltd. Isp Division New Delhi (-) | India |
| 059.106.022.156 |
102,381 | 91,352 | 2008-02-28 | 2008-04-27 | Sakura Internet Inc (Sakura.ad.jp) | Japan |
| 202.101.235.100 |
984,895 | 90,999 | 2007-11-28 | 2008-04-09 | Chinanet Jiangxi Province Network (163data.com.cn) | China |
| 069.010.139.130 |
162,159 | 90,516 | 2008-03-21 | 2008-04-12 | Rackforce Hosting Inc (Eatoni.com) | Canada |
TOP 10 PORTS UNDER ATTACK (WORLDWIDE)
| Port | Trend |
|---|---|
| 14560 |
10.291024500528 |
| 8206 |
8.583389741209 |
| 186 |
5.2725320786132 |
| 3399 |
4.7214962629564 |
| 62000 |
4.5887446370096 |
| 623 |
3.8339780199171 |
| 1492 |
3.6769299881061 |
| 1333 |
3.6666893933424 |
| 8888 |
3.3102017409389 |
| 3050 |
3.3050221714283 |
News Feeds
- Microsoft Security Bulletins
- Department of Homeland Security News
- Security Response Weblog
- Security Response Weblog
- Security Response Weblog
- Latest Security Advisories
- Security Response Weblog
- Sophos latest virus and spyware detection
- Sophos latest virus and spyware detection
- Sophos security news
- U.S. Fire Administration Critical Infrastructure Protection Infograms
-