If you are a new ISAC and want to start a sharing community, don't forget we have a document made with X-ISAC
https://www.x-isac.org/publication.html … "Guidelines to setting up an information sharing community such as an ISAC or ISAO"pic.twitter.com/HqwPG1BSKo
I will be at @FIC_eu next week if you want to discuss about @MISPProject @cve_search @d4_project @circl_lu open source security or even threat intelligence. Booth G10
"Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition."
"In uftpd before 2.11, it is possible for an unauthenticated user to perform a directory traversal attack using multiple different FTP commands and read and write to arbitrary locations on the filesystem due to the lack of a well-written chroot jail"
"Fixes now available for Citrix ADC, Citrix Gateway versions 12.1 and 13.0" CVE-2019-19781
"DFSA supports National Cybersecurity Strategy by Launching a Cyber Threat Intelligence Platform" #DFSA
We are delighted to see new ISAC and financial sharing community being created and relying on MISP.
Glad to see the @concordiah2020 project using the MISP platform. This could also help us to improve the platform to cover new use-cases. Great news!
"A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruckus Unleashed through 126.96.36.199.64 allows remote code execution via an unauthenticated HTTP request."
https://github.com/CIRCL/AIL-framework/releases/tag/v2.8 … - Don't forget to join our training of the 20th February in (Luxembourg)
We are committed to the security of our products & we are making every effort to ensure all customers are supported in response to #CVE201919781. To that end, we have teamed up with @FireEye on a scanner that aids customers in the detection of compromise.
"Honor V30 smartphones with versions earlier than 10.0.1.135(C00E130R4P1) have an improper authentication vulnerability."
"A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier."
Do you know about the trainings @circl_lu gives in February?
18>20.02.2020 @MISPProject #ThreatIntel Introduction, Hands-on workshop & Practical #Darkweb and criminal #Blockchain monitoring using the AIL framework.
A nice example of spear phishing attempts on a MISP event displayed on the new timeline visualisation. #ThreatIntelpic.twitter.com/OHDcqy3kE8
"Cacti 1.2.8 allows Remote Code Execution (by privileged users) via shell metacharacters in the Performance Boost Debug Log field of poller_automation.php. "
New project to strengthen collaboration between European CSIRTs has kicked-off. We are pleased to work with @CERT_at @CERT_EE @circl_lu @sk_cert Deloitte and coordinate the project