@circl@social.circl.lu

circl

CIRCL is the CERT (Computer Emergency Response Team/Computer Security Incident Response Team) for the private sector, communes and non-governmental entities in Luxembourg. The home of many open source security tools.

#infosec #cert #threatintelligence #fedi22 #incidentresponse #dfir

circl, to random

@DNSresolver circl.lu

circl, to infosec

vulnerability-lookup version v0.7.0 has been released.

  • News feed added
  • Support for CSAF sources (CERT Bund, RedHat, Siemens, CISA, CISCO, Nozomi Networks, OpenXchange, SICK)
  • OSSF Malicious packages repository
  • Pagination for recent vulnerabilities (API & Web)

🔗 Source code https://github.com/cve-search/vulnerability-lookup/releases/tag/v0.7.0

🔗 Vulnerability lookup online https://vulnerability.circl.lu/

circl, to infosec

TR-83 - Linux Boot Hardening HOWTO

🔗 https://www.circl.lu/pub/tr-83/

circl, to infosec

TR-82 - backdoor discovered in xz-utils - CVE-2024-3094

🔗 For more information including detection and information about vulnerable distribution https://www.circl.lu/pub/tr-82/

circl, to infosec

An out-of-bounds write vulnerability [CWE-787] in FortiOS may allow a remote unauthenticated attacker to execute arbitrary code or command via specially crafted HTTP requests.

"Workaround : disable SSL VPN (disable webmode is NOT a valid workaround)"

🔗 https://www.fortiguard.com/psirt/FG-IR-24-015

circl, to privacy

Pandora is an analysis framework designed to determine if a file is suspicious, conveniently displaying the results. Pandora provides a user-friendly content preview interface for large documents, including a preview of the metadata. This allows users to view files without the need to open them locally and without putting their computer at risk.

🔗 https://www.circl.lu/services/pandora-document-analysis/

circl, to opensource

Cybersecurity Unites Across Borders - FETTA (Federated European Team for Threat Analysis) Project Launched to Strengthen EU Cyber Threat Intelligence

🔗 https://www.circl.lu/pub/press/20240131/

@misp

circl, to random

New Mitigations to Defend Against Exploitation of Ivanti Connect Secure and Policy Secure Gateways

"Threat actors are continuing to leverage vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways to capture credentials and/or drop webshells that enable further compromise of enterprise networks."

🔗 https://www.cisa.gov/news-events/alerts/2024/01/30/new-mitigations-defend-against-exploitation-ivanti-connect-secure-and-policy-secure-gateways

circl, to infosec

TR-78 - CVE-2023-46805 (Authentication Bypass) & CVE-2024-21887 (Command Injection) for Ivanti Connect Secure and Ivanti Policy Secure Gateways

It's critical. We sent notifications to various ISPs in Luxembourg. Review your equipment, it's important.

🔗 https://www.circl.lu/pub/tr-78/

A specific @misp MISP event has been published including the @volexity IOCs. It's in the CIRCL MISP OSINT feed.

circl, to random

Exim through 4.97 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages that appear to originate from the Exim server, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not.

🔗 https://cvepremium.circl.lu/cve/CVE-2023-51766

circl, to opensource

TR-567d30 - CIRCL Unveils Festive Nostalgic Initiatives - Gopher Protocol and Bulletin Board System Revival

🔗 https://www.circl.lu/pub/tr-567d30/

Enjoy your holidays! 🎄 🥳

Access to the BBS via Telnet.

circl, to infosec

🚀 New release! The enhanced version of our online typosquatting finder service is now live! Explore the updated features and improvements here: https://typosquatting-finder.circl.lu/

Additionally, we've updated the underlying open-source library and web services. Dive into the advancements on GitHub: https://github.com/typosquatter/ail-typo-squatting

#typosquatting #infosec #domain #typo #opensource

circl, to opensource

New forensic training materials including the latest one from the cyberday.lu 2023 are now published.

https://www.circl.lu/services/forensic-training-materials/

circl, to random

A new version of the @circl_lu Passive DNS service has been released. The API is backward compatible and version 2.0 includes new functionalities. It has been activated today with new sources.

https://www.circl.lu/services/passive-dns/

circl, to infosec

The Ransomlook.io fediverse bot has been updated

@Ransomlook now includes group name as tag.

🔗 https://github.com/RansomLook/RansomLook

🔗 https://www.ransomlook.io/

circl, to infosec

ISC has disclosed two vulnerabilities in BIND 9 (CVE-2023-3341, CVE-2023-4236)

https://www.openwall.com/lists/oss-security/2023/09/20/2

circl, to mastodon

Don't forget to upgrade your Mastodon server to the latest version v4.1.8 due to the CVE-2023-42451 and CVE-2023-42452 vulnerabilities.

🔗 https://github.com/mastodon/mastodon/releases/tag/v4.1.8

🔗 https://cvepremium.circl.lu/cve/CVE-2023-42451
🔗 https://cvepremium.circl.lu/cve/CVE-2023-42452

circl, to infosec

If you are hit by our SSH scanner and wondering why we do so, we have a dedicated page about the scanning project(s):

https://www.circl.lu/projects/scanning/

circl, to security

TR-74 - A heap-based buffer overflow vulnerability [CWE-122] in FortiOS - CVE-2023-27997

If you are running FortiOS devices, patch and also trigger an incident response procedure to review the devices.

https://www.circl.lu/pub/tr-74/

circl, to opensource

We are at @passthesaltcon conference presenting various tools from @circl and you can watch those talks live today and tomorrow at

https://passthesalt.ubicast.tv/lives/live-pass-the-salt-2023/

0x58, to infosec

Anyone at @passthesaltcon 🇫🇷 today? How are things going there?

circl,

@0x58 @passthesaltcon Pretty good! Very interesting and many great people. The last talk from Quarkslab about UEFI was really impressive...
