CERT specific news

  

RT @gynvael: Folks, if you have a WAC104 access point from @NETGEAR, you really need to upgrade the firmware NOW. https://t.co/SMbWypjRtd T…

RT @gynvael: Folks, if you have a WAC104 access point from @NETGEAR, you really need to upgrade the firmware NOW.

  

RT @pstirparo: Today is Day4 of #FOR578 @SANSInstitute class… MISP day (among many other topics). So following the tradition of thematic T-…

RT @pstirparo: Today is Day4 of #FOR578 @SANSInstitute class… MISP day (among many other topics). So following the tradition of

  

“An arbitrary code execution vulnerability was discovered in Avaya Aura Device Services that may potentially allow… https://t.co/oToQ2KtvEH

“An arbitrary code execution vulnerability was discovered in Avaya Aura Device Services that may potentially allow… https://t.co/oToQ2KtvEHCIRCL Luxembourg – Computer

  

RT @wugeej: #Cisco ASA,FTD SAML TUNNEL-GROUP NAME XSS (CVE-2020-3580) POST /+CSCOE+/saml/sp/acs?tgname=a HTTP/1.1 Host: ciscoASA.local Co…

RT @wugeej: #Cisco ASA,FTD SAML TUNNEL-GROUP NAME XSS (CVE-2020-3580) POST /+CSCOE+/saml/sp/acs?tgname=a HTTP/1.1 Host: ciscoASA.local Co…CIRCL Luxembourg – Computer Incident Response

  

RT @mikel_hamm: 1 USB key, 3 files with different content, depending on the system you connect it, too. Next week, I’ll present at @passthe…

RT @mikel_hamm: 1 USB key, 3 files with different content, depending on the system you connect it, too. Next week,

  

RT @Glacius_: Hey 🙂 Since @virustotal introduced the VT module for #Yara , you can livehunt for samples communicating with a C2 to get a…

RT @Glacius_: Hey 🙂 Since @virustotal introduced the VT module for #Yara , you can livehunt for samples communicating with

  

“Windows Print Spooler Elevation of Privilege Vulnerability” CVE-2021-1675 / PoC exploit available https://t.co/Rr0KZsr6bF

“Windows Print Spooler Elevation of Privilege Vulnerability” CVE-2021-1675 / PoC exploit available https://t.co/Rr0KZsr6bFCIRCL Luxembourg – Computer Incident Response Center Luxembourg

  

RT @cerebrateproje1: First set of slides about the Cerebrate project are available at: https://t.co/rDP430KNxu

RT @cerebrateproje1: First set of slides about the Cerebrate project are available at: https://t.co/rDP430KNxuCIRCL Luxembourg – Computer Incident Response Center

  

“In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Pac… https://t.co/b7dzi9uK4R

“In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Pac… https://t.co/b7dzi9uK4RCIRCL Luxembourg

  

RT @MISPProject: MISP 2.4.145 and 2.4.146 released including a massive update to the MISP warning-lists, various improvements and security…

RT @MISPProject: MISP 2.4.145 and 2.4.146 released including a massive update to the MISP warning-lists, various improvements and security…CIRCL Luxembourg

  

“Windows Print Spooler Remote Code Execution Vulnerability – CVE-2021-34527” Read carefully the workarounds provide… https://t.co/qWFRMIFjHi

“Windows Print Spooler Remote Code Execution Vulnerability – CVE-2021-34527” Read carefully the workarounds provide… https://t.co/qWFRMIFjHiCIRCL Luxembourg – Computer Incident Response

  

Don’t miss @passthesaltcon and you’ll see our colleague talking @mikel_hamm about #DFIR and especially those little… https://t.co/AIOcw30m5D

Don’t miss @passthesaltcon and you’ll see our colleague talking @mikel_hamm about #DFIR and especially those little… https://t.co/AIOcw30m5DCIRCL Luxembourg – Computer

  

“An attacker can craft a specific IdaPro *.i64 file that will cause the BinDiff plugin to load an invalid memory of… https://t.co/lWQj2sK3gg

“An attacker can craft a specific IdaPro *.i64 file that will cause the BinDiff plugin to load an invalid memory

  

“Do what I mean!” – time to focus on developer intent

In this post I propose that the software development community should work on developing and then standardising security-related libraries that

   

Windows 10 hardening ajánlások

A német BSI támogatásával és szakmai felügyeletével az ERNW GmbH, egy független IT biztonsági szolgáltató közreműködésében adta ki legújabb, Windows 10 hardening témájú ajánlását.

   

A szlovák CERT egy régiót érintő, jelentős mértékű kibertámadásra figyelmeztet

Április 16-án pénteken a szlovák CERT (SK-CERT, NBÚ) rendkívüli figyelmeztetést adott ki, az országot és Közép-Európát érintő kibertámadással kapcsolatban. A figyelmeztetés nem tartalmaz részleteket, mindazonáltal leírják, hogy zsarolóvírus (ransomware) támadások várhatóak, illetve, hogy az állami, a telekommunikációs és az IT szektor leginkább veszélyeztetett.

  

Cyber insurance guidance

Cyber security considerations for organisations thinking about taking out cyber insurance.NCSC FeedRead More

  

RT @ail_project: In the next release of @ail_project there is a new crawler manager. It allows to have distributed crawlers on dedicated in…

RT @ail_project: In the next release of @ail_project there is a new crawler manager. It allows to have distributed crawlers

  

RT @MISPProject: MISP 2.4.140 released with OpenID support, cross object references in extended events and many improvements. A minor secur…

RT @MISPProject: MISP 2.4.140 released with OpenID support, cross object references in extended events and many improvements. A minor secur…CIRCL

  

@ClausHoumann @abuse_ch ThreatFox produces a MISP event feed and you can directly integrate it in any MISP sharing… https://t.co/IN60sUvKIr

@ClausHoumann @abuse_ch ThreatFox produces a MISP event feed and you can directly integrate it in any MISP sharing… https://t.co/IN60sUvKIrCIRCL Luxembourg

  

RT @MISPProject: Many new and updated feeds from @DataPlaneOrg https://t.co/ESkcJSk0M7 are now available in MISP. Thanks to @jtkristoff for…

RT @MISPProject: Many new and updated feeds from @DataPlaneOrg https://t.co/ESkcJSk0M7 are now available in MISP. Thanks to @jtkristoff for…CIRCL Luxembourg

  

RT @CERTEU: Critical Vulnerabilities Affecting F5 Devices (CERT-EU Security Advisory 2021-015) – https://t.co/9bFk6eAgb5

RT @CERTEU: Critical Vulnerabilities Affecting F5 Devices (CERT-EU Security Advisory 2021-015) – https://t.co/9bFk6eAgb5CIRCL Luxembourg – Computer Incident Response Center Luxembourg

  

“Windows DNS Server Remote Code Execution Vulnerability” Five vulnerabilities, easy to trigger and Dynamic Update i… https://t.co/2VQvWgNGc0

“Windows DNS Server Remote Code Execution Vulnerability” Five vulnerabilities, easy to trigger and Dynamic Update i… https://t.co/2VQvWgNGc0CIRCL Luxembourg – Computer

  

“Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-… https://t.co/6yCFhaJBU1

“Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-… https://t.co/6yCFhaJBU1CIRCL Luxembourg –

  

RT @cyb3rops: Finally a clear statement on Exchange 2010 🙌 https://t.co/ShuNCkNb72 https://t.co/jeoWyiyV6b

RT @cyb3rops: Finally a clear statement on Exchange 2010 🙌 https://t.co/ShuNCkNb72 https://t.co/jeoWyiyV6bCIRCL Luxembourg – Computer Incident Response Center Luxembourg Recent

  

RT @huntingneo: New service from https://t.co/DkrhVtIgZK project. Allow structures sharing of ioc’s for no cost, including api requests. Al…

RT @huntingneo: New service from https://t.co/DkrhVtIgZK project. Allow structures sharing of ioc’s for no cost, including api requests. Al…CIRCL Luxembourg

  

“Git for Visual Studio Remote Code Execution Vulnerability” https://t.co/OwoYmkCr84

“Git for Visual Studio Remote Code Execution Vulnerability” https://t.co/OwoYmkCr84CIRCL Luxembourg – Computer Incident Response Center Luxembourg Recent NewsRead More

  

“malicious repositories can execute remote code while cloning” https://t.co/A8fsUhBem9

“malicious repositories can execute remote code while cloning” https://t.co/A8fsUhBem9CIRCL Luxembourg – Computer Incident Response Center Luxembourg Recent NewsRead More

  

RT @USCERT_gov: Hey Mike, Mike, Mike, Mike. Guess what day it is. It’s Patch Tuesday. Read about Adobe’s latest security updates at https:/…

RT @USCERT_gov: Hey Mike, Mike, Mike, Mike. Guess what day it is. It’s Patch Tuesday. Read about Adobe’s latest security

  

“LUCY Security Awareness Software through 4.7.x allows unauthenticated remote code execution because the Migration… https://t.co/o1fMHlCGll

“LUCY Security Awareness Software through 4.7.x allows unauthenticated remote code execution because the Migration… https://t.co/o1fMHlCGllCIRCL Luxembourg – Computer Incident Response

  

RT @secin_lu: https://t.co/U86ajt6lrx joined the call for #TrustworthyInstantMessaging aiming at considering an alternative solution that o…

RT @secin_lu: https://t.co/U86ajt6lrx joined the call for #TrustworthyInstantMessaging aiming at considering an alternative solution that o…CIRCL Luxembourg – Computer Incident

  

We sent multiple series of notification to ISP in Luxembourg about vulnerable Exchange server. Please follow the gu… https://t.co/pa1Hg8JCdb

We sent multiple series of notification to ISP in Luxembourg about vulnerable Exchange server. Please follow the gu… https://t.co/pa1Hg8JCdbCIRCL Luxembourg

  

RT @adulau: If someone tell you that SSH key materials are never reused on servers, someone is lying to you… https://t.co/WYUbaUr0ib – i…

RT @adulau: If someone tell you that SSH key materials are never reused on servers, someone is lying to you…

  

RT @GSMA: Final chance to register for the #GSMA T-ISAC MISP virtual workshop with @circl_lu! Learn how to input #telco related #cyber th…

RT @GSMA: Final chance to register for the #GSMA T-ISAC MISP virtual workshop with @circl_lu! Learn how to input #telco

  

“A flaw was found in Keycloak before version 12.0.0, where it is possible to add unsafe schemes for the redirect_ur… https://t.co/8mlNhTcSaK

“A flaw was found in Keycloak before version 12.0.0, where it is possible to add unsafe schemes for the redirect_ur…

  

@AusCERT @Misp This is really cool, automation and fast information sharing in @MISPProject is always a gain for the defenders.

@AusCERT @Misp This is really cool, automation and fast information sharing in @MISPProject is always a gain for the defenders.CIRCL

  

“Multiple vulnerabilities in the Java deserialization function that is used by Cisco Security Manager could allow a… https://t.co/eRzSE0TkuG

“Multiple vulnerabilities in the Java deserialization function that is used by Cisco Security Manager could allow a… https://t.co/eRzSE0TkuGCIRCL Luxembourg –

  

In case you didn’t patch CVE-2020-14841 because the CVSS is 7.5 😉 https://t.co/OdhaxmqPXX

In case you didn’t patch CVE-2020-14841 because the CVSS is 7.5 😉 https://t.co/OdhaxmqPXXCIRCL Luxembourg – Computer Incident Response Center Luxembourg

  

Home learning technology: securing tools for remote education

Guidance to help schools provide secure remote learning tools for pupils, students and staff.NCSC FeedRead More

  

Active Cyber Defence (ACD) – The Third Year

The year three report covers 2019 and aims to highlight the achievements and efforts made by the Active Cyber Defence

  

Weekly Threat Report 26th February 2021

The NCSC’s weekly threat report is drawn from recent open source reporting.NCSC FeedRead More

  

Erasing data from donated devices

How charities can erase personal data from donated laptops, phones and tablets, before passing them on.NCSC FeedRead More

  

Home learning: advice for parents and carers

How to set up (and use) second-hand devices for online home learning.NCSC FeedRead More

  

Vulnerability Scanning: Keeping on top of the most common threats

Vulnerability Scanning solutions offer a cost-effective way to discover and manage common security issues.NCSC FeedRead More