CERT specific news

CERT announcements

   

Windows 10 hardening ajánlások

A német BSI támogatásával és szakmai felügyeletével az ERNW GmbH, egy független IT biztonsági szolgáltató közreműködésében adta ki legújabb, Windows 10 hardening témájú ajánlását.

   

A szlovák CERT egy régiót érintő, jelentős mértékű kibertámadásra figyelmeztet

Április 16-án pénteken a szlovák CERT (SK-CERT, NBÚ) rendkívüli figyelmeztetést adott ki, az országot és Közép-Európát érintő kibertámadással kapcsolatban. A figyelmeztetés nem tartalmaz részleteket, mindazonáltal leírják, hogy zsarolóvírus (ransomware) támadások várhatóak, illetve, hogy az állami, a telekommunikációs és az IT szektor leginkább veszélyeztetett.

  

Cyber insurance guidance

Cyber security considerations for organisations thinking about taking out cyber insurance.NCSC FeedRead More

  

RT @ail_project: In the next release of @ail_project there is a new crawler manager. It allows to have distributed crawlers on dedicated in…

RT @ail_project: In the next release of @ail_project there is a new crawler manager. It allows to have distributed crawlers

  

RT @MISPProject: MISP 2.4.140 released with OpenID support, cross object references in extended events and many improvements. A minor secur…

RT @MISPProject: MISP 2.4.140 released with OpenID support, cross object references in extended events and many improvements. A minor secur…CIRCL

  

@ClausHoumann @abuse_ch ThreatFox produces a MISP event feed and you can directly integrate it in any MISP sharing… https://t.co/IN60sUvKIr

@ClausHoumann @abuse_ch ThreatFox produces a MISP event feed and you can directly integrate it in any MISP sharing… https://t.co/IN60sUvKIrCIRCL Luxembourg

  

RT @MISPProject: Many new and updated feeds from @DataPlaneOrg https://t.co/ESkcJSk0M7 are now available in MISP. Thanks to @jtkristoff for…

RT @MISPProject: Many new and updated feeds from @DataPlaneOrg https://t.co/ESkcJSk0M7 are now available in MISP. Thanks to @jtkristoff for…CIRCL Luxembourg

  

RT @CERTEU: Critical Vulnerabilities Affecting F5 Devices (CERT-EU Security Advisory 2021-015) – https://t.co/9bFk6eAgb5

RT @CERTEU: Critical Vulnerabilities Affecting F5 Devices (CERT-EU Security Advisory 2021-015) – https://t.co/9bFk6eAgb5CIRCL Luxembourg – Computer Incident Response Center Luxembourg

  

“Windows DNS Server Remote Code Execution Vulnerability” Five vulnerabilities, easy to trigger and Dynamic Update i… https://t.co/2VQvWgNGc0

“Windows DNS Server Remote Code Execution Vulnerability” Five vulnerabilities, easy to trigger and Dynamic Update i… https://t.co/2VQvWgNGc0CIRCL Luxembourg – Computer

  

“Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-… https://t.co/6yCFhaJBU1

“Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-… https://t.co/6yCFhaJBU1CIRCL Luxembourg –

  

RT @cyb3rops: Finally a clear statement on Exchange 2010 🙌 https://t.co/ShuNCkNb72 https://t.co/jeoWyiyV6b

RT @cyb3rops: Finally a clear statement on Exchange 2010 🙌 https://t.co/ShuNCkNb72 https://t.co/jeoWyiyV6bCIRCL Luxembourg – Computer Incident Response Center Luxembourg Recent

  

RT @huntingneo: New service from https://t.co/DkrhVtIgZK project. Allow structures sharing of ioc’s for no cost, including api requests. Al…

RT @huntingneo: New service from https://t.co/DkrhVtIgZK project. Allow structures sharing of ioc’s for no cost, including api requests. Al…CIRCL Luxembourg

  

“Git for Visual Studio Remote Code Execution Vulnerability” https://t.co/OwoYmkCr84

“Git for Visual Studio Remote Code Execution Vulnerability” https://t.co/OwoYmkCr84CIRCL Luxembourg – Computer Incident Response Center Luxembourg Recent NewsRead More

  

“malicious repositories can execute remote code while cloning” https://t.co/A8fsUhBem9

“malicious repositories can execute remote code while cloning” https://t.co/A8fsUhBem9CIRCL Luxembourg – Computer Incident Response Center Luxembourg Recent NewsRead More

  

RT @USCERT_gov: Hey Mike, Mike, Mike, Mike. Guess what day it is. It’s Patch Tuesday. Read about Adobe’s latest security updates at https:/…

RT @USCERT_gov: Hey Mike, Mike, Mike, Mike. Guess what day it is. It’s Patch Tuesday. Read about Adobe’s latest security

  

We sent multiple series of notification to ISP in Luxembourg about vulnerable Exchange server. Please follow the gu… https://t.co/pa1Hg8JCdb

We sent multiple series of notification to ISP in Luxembourg about vulnerable Exchange server. Please follow the gu… https://t.co/pa1Hg8JCdbCIRCL Luxembourg

  

“LUCY Security Awareness Software through 4.7.x allows unauthenticated remote code execution because the Migration… https://t.co/o1fMHlCGll

“LUCY Security Awareness Software through 4.7.x allows unauthenticated remote code execution because the Migration… https://t.co/o1fMHlCGllCIRCL Luxembourg – Computer Incident Response

  

RT @secin_lu: https://t.co/U86ajt6lrx joined the call for #TrustworthyInstantMessaging aiming at considering an alternative solution that o…

RT @secin_lu: https://t.co/U86ajt6lrx joined the call for #TrustworthyInstantMessaging aiming at considering an alternative solution that o…CIRCL Luxembourg – Computer Incident

  

RT @adulau: If someone tell you that SSH key materials are never reused on servers, someone is lying to you… https://t.co/WYUbaUr0ib – i…

RT @adulau: If someone tell you that SSH key materials are never reused on servers, someone is lying to you…

  

RT @GSMA: Final chance to register for the #GSMA T-ISAC MISP virtual workshop with @circl_lu! Learn how to input #telco related #cyber th…

RT @GSMA: Final chance to register for the #GSMA T-ISAC MISP virtual workshop with @circl_lu! Learn how to input #telco

  

“A flaw was found in Keycloak before version 12.0.0, where it is possible to add unsafe schemes for the redirect_ur… https://t.co/8mlNhTcSaK

“A flaw was found in Keycloak before version 12.0.0, where it is possible to add unsafe schemes for the redirect_ur…

  

@AusCERT @Misp This is really cool, automation and fast information sharing in @MISPProject is always a gain for the defenders.

@AusCERT @Misp This is really cool, automation and fast information sharing in @MISPProject is always a gain for the defenders.CIRCL

  

“Multiple vulnerabilities in the Java deserialization function that is used by Cisco Security Manager could allow a… https://t.co/eRzSE0TkuG

“Multiple vulnerabilities in the Java deserialization function that is used by Cisco Security Manager could allow a… https://t.co/eRzSE0TkuGCIRCL Luxembourg –

  

In case you didn’t patch CVE-2020-14841 because the CVSS is 7.5 😉 https://t.co/OdhaxmqPXX

In case you didn’t patch CVE-2020-14841 because the CVSS is 7.5 😉 https://t.co/OdhaxmqPXXCIRCL Luxembourg – Computer Incident Response Center Luxembourg

  

Home learning technology: securing tools for remote education

Guidance to help schools provide secure remote learning tools for pupils, students and staff.NCSC FeedRead More

  

Active Cyber Defence (ACD) – The Third Year

The year three report covers 2019 and aims to highlight the achievements and efforts made by the Active Cyber Defence

  

Weekly Threat Report 26th February 2021

The NCSC’s weekly threat report is drawn from recent open source reporting.NCSC FeedRead More

  

Erasing data from donated devices

How charities can erase personal data from donated laptops, phones and tablets, before passing them on.NCSC FeedRead More

  

Home learning: advice for parents and carers

How to set up (and use) second-hand devices for online home learning.NCSC FeedRead More

  

Vulnerability Scanning Tools and Services

Advice on the choice, implementation and use of automated vulnerability scanning tools for organisations of all sizes.NCSC FeedRead More

  

Vulnerability Scanning: Keeping on top of the most common threats

Vulnerability Scanning solutions offer a cost-effective way to discover and manage common security issues.NCSC FeedRead More

  

Weekly Threat Report 22nd January 2021

The NCSC’s weekly threat report is drawn from recent open source reporting.NCSC FeedRead More

  

Cross domain security

How to safely exchange information between systems and organisations.NCSC FeedRead More

  

Technical report: Responsible use of the Border Gateway Protocol (BGP) for ISP interworking

Technical report on best practice use of this fundamental data routing protocol.NCSC FeedRead More

  

Second call for Academic Centres of Excellence in Cyber Security Education

Universities are invited to join the ACE-CSE programme, recognising excellence in the delivery of cyber security education.NCSC FeedRead More

  

Can you help improve the Cyber Security Toolkit for Boards?

Your chance to be part of the research that will shape the next iteration of the NCSC’s Board Toolkit.NCSC FeedRead

   

Újabb kórház a zsarolóvírusok kereszttüzében

Január 17-én vasárnap zsarolóvírus támadás érte a belga CHwapi kórházat, ahol a támadás következtében beavatkozásokat kellett elhalasztani és betegeket kellett átirányítani más intézményekbe. Az intézmény jelentése szerint a támadás vasárnap este 20:45 perc körül érte a kórházat, és több, mint 80 eszköz még mindig titkosítva van. Az üzemeltető személyzet próbálkozásai az irányítás visszaszerzésére jelenleg hatástalanok. Az eset furcsasága, hogy a zsarolóvírusokra egyáltalán nem jellemző módon, a támadók egyelőre nem követeltek váltságdíjat, illetve adatlopás nyomait sem fedezték még fel a szakértők.

  

Buying and selling second-hand devices

How to erase the personal data from your phone, tablets, and other devices (and why it’s important when you’re buying

  

Erasing personal data from second-hand devices

Introducing our new guidance: essential steps to follow when you’re buying (or selling) used electronic devicesNCSC FeedRead More

  

Cyber security for farmers

Guidance to help farmers improve the security and resilience of their business against cyber threats.NCSC FeedRead More

  

Weekly Threat Report 8th January 2021

The NCSC’s weekly threat report is drawn from recent open source reporting.NCSC FeedRead More