News

• MISP - Information sharing for the financial sector - 27th May 2016
• TR-45 - Data recovery techniques published - 12th May 2016
• MISP - Malware Information Sharing Platform & Threat Sharing - Training Materials released - 24th March 2016
• TR-44 - Information security - laws and specific rulings in the Grand Duchy of Luxembourg published - 15th March 2016
• Information Sharing and Cyber Security - The Benefits of the Malware Information Sharing Platform (MISP) - 18th February 2016
• CIRCL training catalogue 2016 published - 15th February 2016
• MISP training in Luxembourg on March 22, 2016 - 11th January 2016
• TR-43 - Installing MPSS 3.6.1 to use a Intel Xeon Phi Coprocessor on Ubuntu Trusty 14.04 LTS published - 11th January 2016
• New MSc and PhD internships at CIRCL including AIL and Crawling-Analysis Extensions - 4th January 2016
• TR-42 - CVE-2015-7755 - CVE-2015-7756 - Critical vulnerabilities in Juniper ScreenOS - 21st December 2015
• TR-41 - Crypto Ransomware - Défenses proactives et de réponse sur incident - 1st December 2015
• TR-41 - Crypto Ransomware - Proactive defenses and incident response - 1st December 2015
• The first international Malware Information & Threat Sharing Platform Summit - 2nd October 2015
• BGP Ranking used as key evaluation reference in an international academic paper - 28th September 2015
• TR-40 - Allaple worm activity in 2015 and long-term persistence of worm (malware) in Local Area Networks - Friday 25th September 2015
• Passive SSL - API version 2 available with new functionalities - Thursday 27th August 2015
• Various fixes and updated to the CIRCL Common Vulnerabilities and Exposures search API - Monday 27th July 2015
• 4 security advisories published - Wednesday 1st July 2015
• Meet CIRCL at FIRST Annual Conference in Berlin - Friday 11th June 2015
• TR-38 - Attaques visant les solutions bancaires d’entreprise - Recommandations - Thursday 28th May 2015
• CIRCLean version 1.3 including critical security fix - Thursday 28th May 2015
• Phishing-Initiative Luxembourg inauguré pendant l’ICTSpring 2015 - Friday 22nd May 2015
• TR-38 - Attacks targeting enterprise banking solutions - recommendations and remediations - Monday 18th May 2015
• TR-37 - VENOM / CVE-2015-3456 - Critical vulnerability in QEMU Floppy Disk Controller (FDC) emulation - Thursday 14th May 2015
• Improving WordPress security with TR-36 Example setup of WordPress with static export - Tuesday 28th April 2015
• Luxembourg National Anti-Botnet Support Center joins the European Advanced Cyber Defence Centre - Thursday 26th March 2015
• cve.circl.lu new version released with a new public API - Monday 23rd March 2015
• CIRCLean 1.2 released - USB key sanitizer - Tuesday 11th March 2015
• CIRCL releases the source code of its URL Abuse software - Thursday 5th March 2015
• TR-33 - Analysis - CTB-Locker / Critroni - Tuesday 17th February 2015
• TR-32 - key-value store and NoSQL security recommendations - Tuesday 10th February 2015
• A new wave of crypto ransomware targeting Luxembourg - Thursday 5th February 2015
• TR-31 - GHOST / CVE-2015-0235 - glibc vulnerability - gethostbyname - Thursday 29th January 2015
• CIRCL Responsible Vulnerability Disclosure process is publicly available - Thursday 29th January 2015
• TR-08 CIRCL automatic launch object detection for Mac OS X software updated including the fix for OS X Yosemite - Friday 23rd January 2015
• TR-30 - Acquisition Support Tools for Local Incident Response Team (LIRT) published - Tuesday 20th January 2015
• New CIRCL Passive SSL services available - Friday 9th January 2015
• TR-29 - NTP (Network Time Protocol) daemon - ntpd - critical vulnerabilities published - Monday December 22nd 2014
• The Inception Framework - Cloud-Hosted Targeted Malware Framework - Monday December 15th 2014
• Hack.lu - 10 years of success and 2015 edition announced - Thursday November 27th 2014
• Sharing Threat Indicators and Security Ranking, an opportunity for the Internet Community - Tuesday November 18th 2014
• Two new Python libraries published to access CIRCL services: PyMISP and Passive DNS Python Library - Monday November 10th 2014
• A new version of CIRCLean, the USB key sanitizer including major bug fixes - Tuesday October 28th 2014
• TR-28 - SSLv3 vulnerability and how to disable SSLv3 - CVE-2014-3566 - Wednesday October 15th 2014
• A new version of CIRCLean, the USB key sanitizer, released including NTFS support and security fixes - Tuesday October 1st 2014
• TR-27 - GNU Bash Critical Vulnerability - CVE-2014-6271 - CVE-2014-7169 published - Wednesday September 24th 2014
• CIRCL warns about spear phishing scams targeting corporate executives and their accounting department - Monday September 15th 2014
• New scholarships and internships positions at CIRCL published - Thursday August 28th 2014
• First version of Analysis Information Leak framework released - Wednesday August 7th 2014
• TR-25 - Analysis of Turla/Pfinet/Snake/Uroburos/Pfinet published - Thursday July 10th 2014
• TR-14 - Analysis of a stage 3 Miniduke malware sample updated to include the loader diagram due to the F-Secure report CosmicDuke: Cosmu With a Twist of MiniDuke
• Workshop Invitation: Discover the CIRCLean – a USB key sanitizer to avoid malware infections - Tuesday July 8th 2014 (4 PM-6PM) at the Technoport Belval
• Data Feeds of Common Vulnerabilities and Exposures (CVE) with Luxembourgian Ranking - Thu June 19 2014
• CIRCL becomes member of the international Forum of Incident Response and Security Teams (FIRST) and will be at the FIRST annual conference in Boston - Mon June 16 2014
• TR-22 Recommendations for Readiness to Handle Computer Security Incidents includes a set of practical recommendations on how to gather technical evidences (memory, filesystem or network) - Fri June 6 2014
• TR-24 Analysis - Destory RAT family published including a comparison with all known malware family members (PlugX, Gulpix, Korplug, Destory, Thoper, Sogu, TVT) - Tue June 3 2014
• Malware Information Sharing Platform (MISP) - Thu May 22 2014
• A new version of CIRCLean USB key sanitizer released. A hardware device to clean documents from untrusted USB sticks - Wed May 21 2014
• Information Sharing Cornerstone in Incident Detection and Handling at DBIR Paris - Thu May 15 2014
• Presentation about Darknet and blackhole monitoring at Honeynet project in Warsaw PDF - Mon May 12 2014
• CIRCL published TR-23 Analysis - NetWiredRC malware - Thu Apr 24 2014
• CIRCL takes part in the 2014 Data Breach Investigation Report - Wed Apr 23 2014
• Critical vulnerability in OpenSSL 1.0.1 through 1.0.1f (inclusive) or 1.0.2-beta TLS heartbeat read overrun (CVE-2014-0160) leaking memory (e.g. secret keys).
• Dynamic Malware Analysis Platform info page published - Mon Apr 7 2014
• Panopticon - A System for a Network of Trusted Proxy Servers project is now open to CERTs and incident handlers - Mon Apr 7 2014
• IP to ASN Mapping Service with History is now publicly accessible - Wed Apr 2 2014
• In the light of the data protection day, CIRCL gave a talk “An Overview of Security Incidents Targeting Citizen How the Attackers Are Deceiving Us?” at the European Parliament - Tue Mar 25 2014
• Port evolution: a software to find the shady IP profiles in Netflow published - Tue Feb 18 2014
• A large scale abuse of CPE equipments from AVM (FRITZ!Box) vulnerable to a remote authentication bypass was disclosed on February 2014. The “Control Management Interface” recommendation described in CIRCL technical report TR-18 would have limited the impact of this attack.
• Passive DNS - Common Output Format presentation given at the TF-CSIRT conference in Zurich - Thu Feb 13 2014
• CIRCL Training And Technical Courses Catalogue 2014 published - Wed Jan 29 2014
• UDP Protocols Security - Recommendations To Avoid or Limit DDoS amplification - Thu Jan 23 2014
• Analysis of a PlugX malware variant updated with a loader to ease analysis - Fri Jan 17 2014
• PBX and VoIP Security - Recommendations published - Mon Dec 16 2013
• Open internship positions in 2014 published - Mon Dec 16 2013
• Java.Tomdep (Apache Tomcat Malware) - Information, Detection and Recommendation published - Fri Nov 22 2013
• CIRCLean (USB cleaner) new version of the image released - Thu Oct 17 2013
• HoneyBot Services - Client Data Collection - Mon Oct 14 2013
• Hand of Thief/Hanthie Linux Malware - Detection and Remediation published - Wed Aug 28 2013
• Malware Information Sharing Platform or How to Share Efficiently IOCs Within a Country - Fri Jul 26 2013
• CIRCLean a hardware and software solution to clean malicious documents from unknown USB drives released (BETA) - Fri Jul 26 2013
• Malware analysis report of a stage 3 Miniduke malware sample publicly published - Thu May 30 2013
• Malware analysis report of a Backdoor.Snifula variant publicly published - Wed May 29 2013
• A real-time map of the attacks targeting Luxembourg is now published - Tue Apr 23 2013
• Updated version of CIRCL automatic launch object detection for Mac OS X released - Wed Apr 10 2013
• Analysis of a PlugX malware variant used for targeted attacks - Fri Mar 29 2013
• Security Flaws in Universal Plug and Play (UPnP) - Disable UPnP - Wed Jan 30 2013
• Another Perspective to IP-Darkspace Analysis - presented at TF-CSIRT/FIRST 2013 - Tue Jan 29 2013
• How to detect Red October / Sputnik malware published - Wed Jan 16 2013
• Malware/Ransomware Discovery and potential Removal (Windows 7) published - Thu Nov 02 2012
• CIRCL Q4 2010-2011 trend report released - Wed Aug 29 2012
• Updated version of CIRCL automatic launch object detection for Mac OS X released - Fri Apr 27 2012
• CIRCL automatic launch object detection for Mac OS X released - Fri Apr 20 2012
• incident handling guidelines added - Tue Mar 20 2012
• dns-ok.lu to check if you are infected with the DNS Changer malware - Wed Feb 29 2012
• TR-06 - DigiNotar incident and general SSL/TLS security consequences - Wed Sep 7 2011
• SSL/TLS Security of Servers in Luxembourg - Mon Aug 22 2011
• CIRCL is on Twitter - Fri May 13 2011
• CIRCL technical report about the security of iOS based devices: CIRCL-TR_2011-01_iOSi - Tue Feb 8 2011

Press release

Twitter

CIRCL is also on Twitter as circl_lu. Don’t hesitate to follow us.

• We will do a @MISPProject training in Brussels (5/09) https://t.co/fJFrf9Auc7 if you want to learn more about the #ThreatIntel plaform https://www.eventbrite.com/e/misp-training-the-brussels-edition-circl-certeu-tickets-26818916100” at 2016-08-22 08:19:05
• Memory Permission Weakness in Citrix XenApp and XenDesktop https://t.co/63GpxI31au https://cve.circl.lu/cve/CVE-2016-6493” at 2016-08-21 08:46:27
• RT @Secnewsbytes: MISP training, “the Brussels Edition”, CIRCL in collaboration with CERT.EU - September 5th 2016 https://t.co/hVzkhNrTSk http://www.misp-project.org/2016/08/11/MISP-Training-in-Brussels.html” at 2016-08-20 09:15:07
• RT @xanda: Locky Ransomware Distributed Via DOCM Attachments in Latest Email Campaigns https://t.co/713CxdlIQF https://www.fireeye.com/blog/threat-research/2016/08/locky_ransomwaredis.html” at 2016-08-20 08:24:33
• IOMobileFrameBuffer in Apple iOS before 9.3.4 allows attackers to execute arbitrary code in a privileged context https://t.co/s8uhJNnLxV https://cve.circl.lu/cve/CVE-2016-4654” at 2016-08-19 18:01:29
• RT @cudeso: Next @MISPProject Training in Brussels on 5-Sep https://t.co/fhUar2btDF #misp http://www.misp-project.org/2016/08/11/MISP-Training-in-Brussels.html” at 2016-08-19 17:52:15
• RT @MISPProject: The lead developer of MISP @Iglocska will be at #SuriCon to talk about the current NIDS integration and its future https:/… https://twitter.com/OISFoundation/status/766259124220952576” at 2016-08-19 17:52:03

RSS

CIRCL RSS Feed