CIRCL (Twitter feed) @circl@mastodon.opencloud.lu

If you are a new ISAC and want to start a sharing community, don't forget we have a document made with X-ISAC
https://www.x-isac.org/publication.html … "Guidelines to setting up an information sharing community such as an ISAC or ISAO"pic.twitter.com/HqwPG1BSKo

"Intellian Aptus Web 1.24 has a hardcoded password of 12345678 for the intellian account." #VSAT

https://cve.circl.lu/cve/CVE-2020-8000 …

I will be at @FIC_eu next week if you want to discuss about @MISPProject @cve_search @d4_project @circl_lu open source security or even threat intelligence. Booth G10
https://twitter.com/MISPProject/status/1219909086684336129 …

"Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition."

https://cve.circl.lu/cve/CVE-2019-16022 …

Angreifer nutzen die #Schwachstellen bei aktuell noch immer verwundbaren #Citrix Systemen aus, um darüber in interne Netzwerke der Opfer einzudringen und die #Ransomware #REvil / #Sodinokibi auszurollen.
https://twitter.com/campuscodi/status/1220711683057995777 …

"In uftpd before 2.11, it is possible for an unauthenticated user to perform a directory traversal attack using multiple different FTP commands and read and write to arbitrary locations on the filesystem due to the lack of a well-written chroot jail"

https://cve.circl.lu/cve/CVE-2020-5221 …

"Fixes now available for Citrix ADC, Citrix Gateway versions 12.1 and 13.0" CVE-2019-19781

https://www.citrix.com/blogs/2020/01/23/fixes-now-available-for-citrix-adc-citrix-gateway-versions-12-1-and-13-0/ … -
https://cve.circl.lu/cve/CVE-2019-19781 …

"DFSA supports National Cybersecurity Strategy by Launching a Cyber Threat Intelligence Platform" #DFSA

We are delighted to see new ISAC and financial sharing community being created and relying on MISP.

http://www.dfsa.ae/en/MediaRelease/News/DFSA-supports-National-Cybersecurity-Strategy-by-L?newsid=293 …

Glad to see the @concordiah2020 project using the MISP platform. This could also help us to improve the platform to cover new use-cases. Great news!
https://twitter.com/concordiah2020/status/1220283310817128448 …

"A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruckus Unleashed through 200.7.10.102.64 allows remote code execution via an unauthenticated HTTP request."

https://cve.circl.lu/cve/CVE-2019-19840 …

AIL Framework version 2.8 released with a domain screenshot browser and many bugs fixed. #ThreatIntel #darkweb

https://github.com/CIRCL/AIL-framework/releases/tag/v2.8 … - Don't forget to join our training of the 20th February in (Luxembourg)
https://en.xing-events.com/YHBTLMJ.html pic.twitter.com/AeufxSSqAE

We are committed to the security of our products & we are making every effort to ensure all customers are supported in response to #CVE201919781. To that end, we have teamed up with @FireEye on a scanner that aids customers in the detection of compromise.
https://www.citrix.com/blogs/2020/01/22/citrix-and-fireeye-mandiant-share-forensic-tool-for-cve-2019-19781/ …

We (@adulau and @chrisred_68) will be at the @FIC_eu (at Booth G10) next week. If you have any question, ideas, bug reports, feature requests about @MISPProject or
http://MISP-standard.org  don't hesitate to visit us (to get stickers too ;-). #ThreatIntel #FIC2020pic.twitter.com/AfTBlgchFW

"Honor V30 smartphones with versions earlier than 10.0.1.135(C00E130R4P1) have an improper authentication vulnerability."

https://cve.circl.lu/cve/CVE-2020-1788 …

"A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier."

https://cve.circl.lu/cve/CVE-2020-7246 …

Do you know about the trainings @circl_lu gives in February?
18>20.02.2020 @MISPProject #ThreatIntel Introduction, Hands-on workshop & Practical #Darkweb and criminal #Blockchain monitoring using the AIL framework.
More information:
https://circl.lu/services/misp-training-materials/ …pic.twitter.com/rYTAVpH1Ue

A nice example of spear phishing attempts on a MISP event displayed on the new timeline visualisation. #ThreatIntelpic.twitter.com/OHDcqy3kE8

We have been busy during holidays and the next release (for tomorrow) will include a new timeline feature in MISP. All attributes and objects can now have a first_seen and last_seen. A convenient timeline editor/viewer is now included to see all activities based on time.pic.twitter.com/uVukhfY4LD

"Cacti 1.2.8 allows Remote Code Execution (by privileged users) via shell metacharacters in the Performance Boost Debug Log field of poller_automation.php. "

https://cve.circl.lu/cve/CVE-2020-7237 …

New project to strengthen collaboration between European CSIRTs has kicked-off. We are pleased to work with @CERT_at @CERT_EE @circl_lu @sk_cert Deloitte and coordinate the project
https://ec.europa.eu/digital-single-market/en/news/open-platform-and-tools-facilitate-collaboration-among-computer-security-incident-response …