Skip to content

Home Early Warning System EWS Activity
EWS Activity

 

In the past twelve (12) months from October 2017 till September 2018 inclusive, there has been an“average” activity of just above four (4) advisories and just above one (1) issue per week, as collected by the Early Warning System function of MOCERT.

The Internet threat signal has been raised seven (7) times over the course of October 2017 till September 2018 to YELLOW-CAUTIOUS level, requesting computer users to be cautious about the websites and files they access from the Internet.

Below are the monthly reports in reverse chronological order:

September 2018, “Normal” Level. Microsoft, Apple, and Adobe released regular patch update as usual. Although a set of 0-days were uncovered in this month, there was no report of the vulnerabilities being exploited in the wild. The signal for this month stayed "Normal" GREEN signal.

August 2018, “Cautious” Level. Adobe security updates came out more often this month. Microsoft released its regular patch update as usual. From the week 24th of August, the threat level was raised to "Cautious" owing to disclosure of a new critical vulnerability in Apache Struts and an 0-day Microsoft Windows Task Scheduler vulnerability.

July 2018, “Normal” Level. Oracle released quarterly critical patch updates which contains 334 new security fixes. Adobe released security updates for Adobe Flash Player, Adobe Experience Manager, Adobe Connect, and Adobe Acrobat and Reader. Apple and Microsoft released their regular patch update as usual.

May 2018, “Normal” Level. A relatively normal amount of patches to vulnerabilities were reported this month. Two 0-days(EFail and JScript Error Object Use-After-Free) were uncovered this month, but there was no report of the vulnerabilities being exploited in the wild.

April 2018, the threat level has been raised to“Cautious” from the week 22nd of April. A new IE 0-days exploit has seen exploited in the wild and is being spread in Microsoft Office documents that include a malicious Web page. Besides, Oracle has published its Critical Patch Updates this month while Adobe, Apple, and Microsoft released regular patch update as usual.

March 2018, “Normal” Level. Firefox and Chrome security updates came out more often in this month. Microsoft and Adobe also released a normal amount of security patches. The threat level stayed at “Normal" throughout the month.

February 2018, “Normal” Level. Adobe security updates came out more often in this month while Apple and Microsoft released regular patch update as usual. There were no significant events that warranted a raising of the signal.

January 2018, the “Cautious” signal held the first half of this month due to two critical CPU vulnerabilities called Meltdown and Spectre. Nearly all modern computer processors are affected. These flaws could allow hackers to steal stored data on desktops, laptops, smartphones and cloud networks. Most vendors released patches for these vulnerabilities soon and security researchers also released POC exploit code.

December 2017, “Normal” Level. Apple security patches came out more often in this month. Microsoft and Adobe released a normal amount of security patches. The threat level stayed at “Normal" throughout the month.

November 2017, “Normal” Level. A normal amount of patches to vulnerabilities were reported this month. No significant events that warranted a raising of the signal.

October 2017, "Cautious" Level. Although a normal amount of patches to vulnerabilities were reported in this month, in the second half of October, the threat level was raised to“Cautious”owing to disclosure of an 0-day Apache Solr vulnerability and the key reinstallation attacks against WPA2 protocol.

 
[YOUR IP : 54.162.118.107: 37858] ...   [YOUR BROWSER: CCBot/2.0 (https://commoncrawl.org/faq/)] ...