We continue to monitor a Fake FLASHPlayer.pkg first reported by F-Secure.com. This type of attack is similar to one conducted in 2007 and 2009. The fake installer alters /private/etc/hosts to add an altered IP for Google Sites. The mapping in the hosts file is considered before DNS resolution thus users are redirected to a site which looks like a login for Google. 

We recomment again, blocking 91.224.160.0/23-Bergdorf Group Ltd. There are known spammers on this network. 

Apple has released iOS 4.29 and 4.3.4 to address a host of issues in CoreGraphics and IOMobileFrameBuffer. This will prevent the Jailbreak which can be delivered via PDF. Update can be installed using iTunes when device is attached.