"Joplin through 1.0.184 allows Arbitrary File Read via XSS."
"ELTEX NTP-RG-1402G 1v10 3.25.3.32 devices allow OS command injection via the TRACE field of the resource ping.cmd. The NTP-2 device is also affected."
We are glad to support the creation of a new financial sharing community operated by the Dubai Financial Service Authority relying on @MISPProject
https://twitter.com/MISPProject/status/1220377618572304385 … pic.twitter.com/DRS3kYqqfO
IOCs can be found in @MISPProject Private or UUID 5e471206-3fb8-43d3-adfd-4806950d210f through @circl_lu osint feed
"Abbott FreeStyle Libre 14-day before February 2020 and FreeStyle Libre 2 before February 2020 allow remote attackers to enable write access via a specific NFC unlock command."
"A stack-based buffer overflow was found on the D-Link DIR-842 REVC with firmware v3.13B09 HOTFIX due to the use of strcpy for LOGINPASSWORD when handling a POST request to the /MTFWU endpoint."
A new version of MISP (2.4.121) has been released. This version is a security/bug fix release and users are highly encouraged to update as soon as possible. Besides that several issues were resolved and new functionalities were added. #CTI
https://www.misp-project.org/2020/02/12/MISP.2.4.121.released.html … pic.twitter.com/CotOQwxjul
Welcome to the Internet, digital literacy should be your guide!
“We all contribute to #disinformation by not factchecking what we read & share online” Chris Pinchen @BEESECURE
Best-practices to detect #manipulation by Chris Pinchen & Raphaël Vinot @circl_lu #EUvsDisinfo pic.twitter.com/G5OO8l87n4 – at Maison de l'Europe
On 18-19 May, we will co-host in Brussels, with @EU_DIGIT CSIRC, the EU ATT&CK Community workshop organised by @FDezeure & @circl_lu.
Come share your experience with @MITREattack and learn from the other attendees!
Attendance is free. To register:
https://www.attack-community.org/event/
When you plan to dev a tool from scratch because nobody cares about HAR and @circl_lu already dev Lookyloo with HAR and @MISPProject can store HAR info with small change in objects... pic.twitter.com/logWXUFIdm
The VARIoT project was introduced to the CSIRT community at the @FIRSTdotOrg FIRST Regional Symposium Europe in Malaga at the end of January, as part of The @Shadowserver Foundation's update on recent work
https://www.first.org/events/symposium/malaga2020/program#pThe-Shadowserver-Foundation-Updates-and-Highlights-From-Recent-Activities …
Lookyloo, the web interface to crawl and analyse the website calls to other domains. It's open source software and version 1.0 was released today.
https://github.com/CIRCL/Lookyloo Thanks to @rafi0t and @quinnnorton for the hard work. pic.twitter.com/St8ogKYzao
"Schmid ZI 620 V400 VPN 090 routers allow an attacker to execute OS commands as root via shell metacharacters to an entry on the SSH subcommand menu, as demonstrated by ping."
"A privilege escalation vulnerability in FortiClient for Linux 6.2.1 and below may allow an user with low privilege to run system commands under root privilege via injecting specially crafted "ExportLogs" type IPC client requests to the fctsched process."
Reading this makes me feel:
- Aaaww!
- Happy about having given my (small) contribution to the huge work behind @MISPProject
- Proud about the #EU supporting #CyberSecurity projects making the difference!
#EUbudgetForResults
@Cybersec_EU
Thanks
https://twitter.com/MISPProject/status/1225733724865802240 …
"Critical Bluetooth Vulnerability in Android (CVE-2020-0022)"
https://insinuator.net/2020/02/critical-bluetooth-vulnerability-in-android-cve-2020-0022/ …
https://source.android.com/security/bulletin/2020-02-01.html …
"Lotus Core CMS 1.0.1 allows authenticated Local File Inclusion of .php files via directory traversal in the index.php page_slug parameter."
We are extending AIL to fully support the @MISPProject standard format by default for all import and export. So you will be able to transparently import/export investigations between AIL and MISP. #threathunting #threatintel
https://www.misp-standard.org/
https://github.com/CIRCL/AIL-framework/ … pic.twitter.com/iOwhlNECuS
"An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes."
We (@adulau and @Iglocska from @circl_lu) will be at the @FIRSTdotOrg FIRST Cyber Threat Intelligence Symposium in Zurich (9-11 March) to talk about "Turning Data into Actionable Intelligence - Advanced Features in MISP Supporting Your Analysts and Tools"
https://www.first.org/events/symposium/zurich2020/program …
CIRCL is the #CERT (Computer Emergency Response Team) for the private sector, communes and non-governmental entities in #Luxembourg.