CERT specific news

CERT announcements

  

RT @CERTEU: We welcome the @EUauditors report on the #cybersecurity of EUIBAs 🙏. The call for enhanced preparedness is more timely than eve…

RT @CERTEU: We welcome the @EUauditors report on the #cybersecurity of EUIBAs 🙏. The call for enhanced preparedness is more

  

There are ongoing @luxtrust phishing campaigns such as https://t.co/Jyl7wKtXar Be super careful. Don’t hesitate… https://t.co/PWaIZcXYQr

There are ongoing @luxtrust phishing campaigns such as https://t.co/Jyl7wKtXar Be super careful. Don’t hesitate… https://t.co/PWaIZcXYQrCIRCL Luxembourg – Computer Incident Response

  

Be careful, there are still ongoing campaigns targeting some LeFoyer customers in Luxembourg, you can see and analy… https://t.co/KAE6eNJ0wb

Be careful, there are still ongoing campaigns targeting some LeFoyer customers in Luxembourg, you can see and analy… https://t.co/KAE6eNJ0wbCIRCL Luxembourg

  

A good overview of the current state of “Spring4Shell” and the overall overview of the different vulnerabilites (in… https://t.co/WPwc35bkIm

A good overview of the current state of “Spring4Shell” and the overall overview of the different vulnerabilites (in… https://t.co/WPwc35bkImCIRCL Luxembourg

  

LookyLoo @lookyloo_app released version v1.11 including maintenance and improvements such as multiple captures, imp… https://t.co/46yEvnLGci

LookyLoo @lookyloo_app released version v1.11 including maintenance and improvements such as multiple captures, imp… https://t.co/46yEvnLGciCIRCL Luxembourg – Computer Incident Response

  

“FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows unauthenticated attackers to access and download arbitrary files… https://t.co/6Md6GmeoZW

“FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows unauthenticated attackers to access and download arbitrary files… https://t.co/6Md6GmeoZWCIRCL Luxembourg – Computer Incident Response

  

“BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR rec… https://t.co/kBlYtLBAEn

“BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR rec…

  

An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL , USG FLEX, ATP series VPN, and NSG,… https://t.co/5LSI2H6qoS

An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL , USG FLEX, ATP series VPN, and NSG,… https://t.co/5LSI2H6qoSCIRCL

  

“Apperta Foundation OpenEyes 3.5.1 allows remote attackers to view the sensitive information of patients without ha… https://t.co/tLhLYCokU8

“Apperta Foundation OpenEyes 3.5.1 allows remote attackers to view the sensitive information of patients without ha… https://t.co/tLhLYCokU8CIRCL Luxembourg – Computer

  

https://t.co/uDwAaDG5Fv has been updated and now includes the set of Yara Signature Base from @cyb3rops (thanks!)… https://t.co/nOYzVBfAWK

https://t.co/uDwAaDG5Fv has been updated and now includes the set of Yara Signature Base from @cyb3rops (thanks!)… https://t.co/nOYzVBfAWKCIRCL Luxembourg – Computer

  

“GitLab Critical Security Release: 14.9.2, 14.8.5, and 14.7.7” https://t.co/jPOTY05kFn To scan your @gitlab serve… https://t.co/PBu8t8yQ6L

“GitLab Critical Security Release: 14.9.2, 14.8.5, and 14.7.7” https://t.co/jPOTY05kFn To scan your @gitlab serve… https://t.co/PBu8t8yQ6LCIRCL Luxembourg – Computer Incident Response

  

FYI, the old IP ASN History is archived at @circl_lu and it is now https://t.co/XnN40CS9zO under the @d4_project and maintained over there.

FYI, the old IP ASN History is archived at @circl_lu and it is now https://t.co/XnN40CS9zO under the @d4_project and maintained

  

RT @MISPProject: Glad to see @ServiceSsu and @NATO working together to share information and threat intelligence using MISP. https://t.co/…

RT @MISPProject: Glad to see @ServiceSsu and @NATO working together to share information and threat intelligence using MISP. https://t.co/…CIRCL Luxembourg

  

RT @FDezeure: Happy to announce the 9th EU ATT&CK Workshop on 2 June. https://t.co/ZwwohwM3U5. News from @MITREattack and best practices pr…

RT @FDezeure: Happy to announce the 9th EU ATT&CK Workshop on 2 June. https://t.co/ZwwohwM3U5. News from @MITREattack and best practices

  

RT @TelindusCSIRT: Phishing campaigns seen using email content from previous exploitation of Exchange vulnerabilities. The phishing campaig…

RT @TelindusCSIRT: Phishing campaigns seen using email content from previous exploitation of Exchange vulnerabilities. The phishing campaig…CIRCL Luxembourg – Computer

   

Signal biztonsági beállítások

CERT-EU kiadott egy útmutatót a Signal biztonsági beállítások módosítására az alábbi javaslatokkal. Minden esetben a hivatalos oldalt használja a Signal

  

“In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or… https://t.co/IhO8HGhN8h

“In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or… https://t.co/IhO8HGhN8hCIRCL

  

“Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a spe… https://t.co/XO1FWmxv4i

“Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a spe… https://t.co/XO1FWmxv4iCIRCL Luxembourg – Computer

  

RT @MISPProject: A huge thanks to @CERT_FR to share information in structured standard MISP format. The events are now also available in th…

RT @MISPProject: A huge thanks to @CERT_FR to share information in structured standard MISP format. The events are now also

  

@nuria_imeq @virustotal Thanks a lot. You might want to have at a new one (still in beta) https://t.co/KanpPPYPfT a… https://t.co/2LBGACtMRn

@nuria_imeq @virustotal Thanks a lot. You might want to have at a new one (still in beta) https://t.co/KanpPPYPfT a… https://t.co/2LBGACtMRnCIRCL

  

RT @paulvixie: @circl_lu i guess C means never having to say you’re sorry?

RT @paulvixie: @circl_lu i guess C means never having to say you’re sorry?CIRCL Luxembourg – Computer Incident Response Center Luxembourg

  

RT @gallypette: Analyzing conti jabber chat with @ail_project gives really neat results. https://t.co/Rw0N4FPzL6

RT @gallypette: Analyzing conti jabber chat with @ail_project gives really neat results. https://t.co/Rw0N4FPzL6CIRCL Luxembourg – Computer Incident Response Center Luxembourg

  

“Network Infrastructure Security Guidance” by @NSAGov provides a good resource for best practices for network secur… https://t.co/QozImU8UaQ

“Network Infrastructure Security Guidance” by @NSAGov provides a good resource for best practices for network secur… https://t.co/QozImU8UaQCIRCL Luxembourg – Computer

  

RT @jpcert_en: As Emotet evolves, we have released a new Emocheck. ^KK https://t.co/V04Qrkpt1i

RT @jpcert_en: As Emotet evolves, we have released a new Emocheck. ^KK https://t.co/V04Qrkpt1iCIRCL Luxembourg – Computer Incident Response Center Luxembourg

  

RT @adulau: Many people, groups, organisations, countries and alliances are running @MISPProject to support sharing, a new improvement (to…

RT @adulau: Many people, groups, organisations, countries and alliances are running @MISPProject to support sharing, a new improvement (to…CIRCL Luxembourg

  

RT @SecEvangelism: Update from #Romania URGENT Can anyone build out quickly a map tracking website which tracks over over 400 people via th…

RT @SecEvangelism: Update from #Romania URGENT Can anyone build out quickly a map tracking website which tracks over over 400

  

RT @hasherezade: Check our deep-dive, describing various interesting implementation details! https://t.co/BRAdWeFwix

RT @hasherezade: Check our deep-dive, describing various interesting implementation details! https://t.co/BRAdWeFwixCIRCL Luxembourg – Computer Incident Response Center Luxembourg Recent NewsRead

  

“Zyxel security advisory for OS command injection vulnerability of NWA1100-NH access point Homepage Support Securit… https://t.co/3oJLJkGU79

“Zyxel security advisory for OS command injection vulnerability of NWA1100-NH access point Homepage Support Securit… https://t.co/3oJLJkGU79CIRCL Luxembourg – Computer Incident

  

RT @ESETresearch: 🇺🇦 #BREAKING #ESETresearch continues to investigate the #HermeticWiper incident. We uncovered a worm component #HermeticW…

RT @ESETresearch: 🇺🇦 #BREAKING #ESETresearch continues to investigate the #HermeticWiper incident. We uncovered a worm component #HermeticW…CIRCL Luxembourg – Computer

  

“Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.8.” https://t.co/HryWeAfDL2

“Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.8.” https://t.co/HryWeAfDL2CIRCL Luxembourg – Computer Incident Response Center Luxembourg Recent

  

@87David76 @CertLu Could you summit the links via https://t.co/i4LedNoVPL ? Thank you very much.

@87David76 @CertLu Could you summit the links via https://t.co/i4LedNoVPL ? Thank you very much.CIRCL Luxembourg – Computer Incident Response Center

  

hashlookup Bloom filter updated with 316+ millions hashes. It can be downloaded from https://t.co/dwltFu02V5 and ca… https://t.co/DLlMJfS6Le

hashlookup Bloom filter updated with 316+ millions hashes. It can be downloaded from https://t.co/dwltFu02V5 and ca… https://t.co/DLlMJfS6LeCIRCL Luxembourg – Computer

  

“In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as… https://t.co/vvWxUFOoIC

“In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as…

  

RT @MISPProject: The MISP cheat sheet has been updated with a representation overview showing how MISP is used to model a security incident…

RT @MISPProject: The MISP cheat sheet has been updated with a representation overview showing how MISP is used to model

  

“CGI.escape_html in Ruby before 2.7.5 and 3.x before 3.0.3 has an integer overflow and resultant buffer overflow vi… https://t.co/iT58PvXS52

“CGI.escape_html in Ruby before 2.7.5 and 3.x before 3.0.3 has an integer overflow and resultant buffer overflow vi… https://t.co/iT58PvXS52CIRCL Luxembourg

  

“ESET products for Windows allows untrusted process to impersonate the client of a pipe, which can be leveraged by… https://t.co/OD4g2KnRpd

“ESET products for Windows allows untrusted process to impersonate the client of a pipe, which can be leveraged by… https://t.co/OD4g2KnRpdCIRCL

  

“Adobe has released security updates for Adobe Commerce and Magento Open Source. These updates resolve a vulnerabil… https://t.co/hRrpQaiU4r

“Adobe has released security updates for Adobe Commerce and Magento Open Source. These updates resolve a vulnerabil… https://t.co/hRrpQaiU4rCIRCL Luxembourg – Computer Incident

  

RT @CERTEU: ICM Vulnerability in SAP Software (CERT-EU Security Advisory 2022-011) – https://t.co/3kdgj7ZK0B

RT @CERTEU: ICM Vulnerability in SAP Software (CERT-EU Security Advisory 2022-011) – https://t.co/3kdgj7ZK0BCIRCL Luxembourg – Computer Incident Response Center Luxembourg

  

“An improper authentication vulnerability has been reported to affect QNAP NAS running Kazoo Server.” https://t.co/xHSyUWylft

“An improper authentication vulnerability has been reported to affect QNAP NAS running Kazoo Server.” https://t.co/xHSyUWylftCIRCL Luxembourg – Computer Incident Response

  

“Joplin 2.6.10 allows remote attackers to execute system commands through malicious code in user search results.” https://t.co/Ub0OdoeXjT

“Joplin 2.6.10 allows remote attackers to execute system commands through malicious code in user search results.” https://t.co/Ub0OdoeXjTCIRCL Luxembourg – Computer

  

@MaliciaRogue The directory from @enisa_eu is always a nice source to find out which teams are located in EU countr… https://t.co/lLepeoNSPW

@MaliciaRogue The directory from @enisa_eu is always a nice source to find out which teams are located in EU countr…

  

“StarWind SAN and NAS before 0.2 build 1685 allows remote code execution via a virtual disk management command.” -… https://t.co/jicHMrOaoF

“StarWind SAN and NAS before 0.2 build 1685 allows remote code execution via a virtual disk management command.” -… https://t.co/jicHMrOaoFCIRCL

  

We published open source metrics about @circl_lu contributions to projects that we maintain or co-maintain such as… https://t.co/331TAf0MwG

We published open source metrics about @circl_lu contributions to projects that we maintain or co-maintain such as… https://t.co/331TAf0MwGCIRCL Luxembourg –

  

“IBM Security Verify Access 10.0.0.0, 10.0.1.0 and 10.0.2.0 with the advanced access control authentication service… https://t.co/5OdJz1spA7

“IBM Security Verify Access 10.0.0.0, 10.0.1.0 and 10.0.2.0 with the advanced access control authentication service… https://t.co/5OdJz1spA7CIRCL Luxembourg – Computer Incident

  

New version v1.10 of @lookyloo_app released including support for CIRCL hashlookup, new browser extension many impr… https://t.co/APMbsDQDYZ

New version v1.10 of @lookyloo_app released including support for CIRCL hashlookup, new browser extension many impr… https://t.co/APMbsDQDYZCIRCL Luxembourg – Computer

  

RT @CyberpeaceInst: 9/10: If you suspect an infection, @circl_lu recommends: – Re-installing every compromised server from scratch and th…

RT @CyberpeaceInst: 9/10: If you suspect an infection, @circl_lu recommends: – Re-installing every compromised server from scratch and th…CIRCL Luxembourg

  

RT @IT_SiBe: Mit #Lookyloo fĂĽr Webseiten … – beobachten, wer Zugriff auf Informationen hat – böswillige Aktivitäten erkennen – Phishing-A…

RT @IT_SiBe: Mit #Lookyloo fĂĽr Webseiten … – beobachten, wer Zugriff auf Informationen hat – böswillige Aktivitäten erkennen – Phishing-A…CIRCL

  

The friday reminder about @Microsoft exchange build and especially how is your patching and incident response going… https://t.co/HTD7OnfDh3

The friday reminder about @Microsoft exchange build and especially how is your patching and incident response going… https://t.co/HTD7OnfDh3CIRCL Luxembourg –

  

RT @CyberpeaceInst: ALERT to #NGOs: The @CyberpeaceIns recently detected that a number of NGOs have fallen victim to an ongoing #malspam ca…

RT @CyberpeaceInst: ALERT to #NGOs: The @CyberpeaceIns recently detected that a number of NGOs have fallen victim to an ongoing

  

“A buffer overflow vulnerability was discovered in Zoom Client for Meetings” https://t.co/8lOkWyKxEi

“A buffer overflow vulnerability was discovered in Zoom Client for Meetings” https://t.co/8lOkWyKxEiCIRCL Luxembourg – Computer Incident Response Center Luxembourg Recent

  

RT @ail_project: AIL Framework version 4.0 released with a new synchronisation feature, tracker webhook improvement and many bugs fixed. #t…

RT @ail_project: AIL Framework version 4.0 released with a new synchronisation feature, tracker webhook improvement and many bugs fixed. #t…CIRCL

  

RT @MISPProject: We did some improvements into the issue template for @MISPProject and also open the discussion part of our @github main re…

RT @MISPProject: We did some improvements into the issue template for @MISPProject and also open the discussion part of our