Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Back to green, but the exploits are still running wild - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Back to green, but the exploits are still running wild
Folks, as is our policy here at the Internet Storm Center, once we feel we've raised awareness of an issue by raising infocon to yellow, we move it back to green (otherwise, with the constant release of exploits of unpatched vulnerabilities, infocon would stay at a heightened level and become as meaningless as the DHS terrorist threat level).  Normally, we do this after 24 hours, but in this case, since we didn't raise infocon until Saturday, we felt we should wait until most folks had made it back to work on Monday before going back.  That doesn't mean that there is no more risk.  Quite to the contrary, until the vulnerabilities are patched, the risk remains high because we know there are many variants of the exploit in the wild as I type this.  There were even Metasploit modules released over the weekend, so it doesn't take much talent at this point to create a new exploit.  However, we feel that things have leveled off somewhat.  We've published pointers to the workarounds in Saturday's story, so there isn't much more that we can do at this point other than remain vigilant. I will be teaching next: Malware Reverse-Engineering Challenge - SANS Northern VA Fall- Reston 2019

Jim

407 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!