Login   |   Secure Purdue > News

STEAM-CIRT Summary & Trends for January 2008

Monthly Summary and Trends

The STEAM-CIRT saw a significant increase of 56% in the total number of events reported in January
compared to December. Investigable events also experienced a significant raise of 66% from December.
Furthermore, classified incidents jumped by 71%. Compared to the same month last year, classified IT
incidents are 93% higher.

In January, the STEAM-CIRT posted two advisories regarding multiple cross-site scripting vulnerabilities in
Adobe Flash and multiple vulnerabilities in Xserver. Also, three handler’s log entries were published which
described a new storm worm variant, new phishing attacks and Quicktime vulnerabilities. Both the advisory
and handler’s log entry can be found on the STEAM News section of the Secure Purdue website.

STEAM-ADVISORY NO. 2008011401 – Critical Vulnerabilities in Adobe Flash Content May Lead to
Cross-Site Scripting (XSS) Attacks
http://www.purdue.edu/securepurdue/steam/newsDetail.cfm?NewsID=191

STEAM-ADVISORY NO. 2008012301 – Multiple Xserver and XInput Vulnerabilities
http://www.purdue.edu/securepurdue/steam/newsDetail.cfm?NewsID=193

Posted by William Harshbarger on March 12, 2008, in Handlers Log.