June 2006 Summary & Trends
As expected, the continued decrease of event reports and IT Incidents continued through the month of June, despite the release of several exploits for critical Microsoft vulnerabilities.
Most notable this month were two advisories from Microsoft for remote execution vulnerabilities in the Word and PowerPoint applications, both part of the MS Office Suite. The Internet Storm Center that this PowerPoint vulnerability was being used to target specific organizations for attack. The publication of these vulnerabilities is likely to draw security researchers and hackers alike to finding and using further exploits against common office tools.
As predicted in the previous month’s report, the number of classified IT Incidents has continued to fall from an all-time high of 87 in May to 22 in June. Activity in May was largely due to a high number of spam reports from users and not indicative of an increase in general attacks.
Finally, in the previous month's report it was mentioned that the STEAM-CIRT expected that the number of IT Incidents would continue to fall throughout the summer. Data collected for June reflects this in the number of classified IT Incidents, which is just over half (22) the number of classified IT Incidents for the month of April (87). Please note that the number of classified IT Incidents differs in meaning from the number of investigable events. It is expected that this number will remain steady in July, and start to rise again in August due to the start of the Fall 2006 academic semester.
Posted by Addam Schroll on July 25, 2006, in Handlers Log.