Back in the green...
Back to InfoCon Green

As Johannes mentioned yesterday, we are back to green. As his addition to the diary is still relevant, it bears repeating.

As of Tuesday, 1:45 AM GMT (Monday 20:45 EDT), we moved back to infocon green.

We moved to 'Yellow' on Friday, after we did see a number of exploits released for last weeks Microsoft Windows vulnerabilities, in particular MS05-039 (PnP) which is exploitable remotely.

As expected, we did see various bots, in particular 'Zotob' take advantage of this vulnerability. At this point, the situation is however static. New bot variations keep getting developed, but they do not add any fundamental new variation of the exploit. We expect that most exploitable systems have been compromised at this point.
http://isc.sans.org/diary.php
SANS - Internet Storm Center - Cooperative Cyber Threat Monitor And Alert System - Current Infosec News and Analysis