Recent highlights
New online service - Pandora Document and File Analysis - 7th March 2022
TR-68 - Best practices in times of tense geopolitical situations - 1st March 2022
TR-65 - Vulnerabilities and Exploitation of Log4j (Remote code injection in Log4j)
CIRCL hash lookup is a public API to look up hash values against a known database of files. - 8th July 2021
TR-61 - Critical vulnerabilities in Microsoft Exchange - 11th March 2021
TR-58 - CVE-2020-0796 - Critical vulnerability in Microsoft SMBv3 - status and mitigation - 11th March 2020
TR-54 - Sextortion scam emails - I know your password - 2nd August 2018
Meltdown and Spectre Bugs in modern computers leak passwords and sensitive data - 3rd January 2018
TR-50 - WPA2 handshake traffic can be manipulated to induce nonce and session key reuse - 16th October 2017
TR-49 - CVE-2017-7494 - A critical vulnerability in Samba - remote code execution from a writable share - 26th May 2017
MS17-010 is critical and patches MUST BE applied, including EOL Windows. - 12th May 2017
TR-46 - Information Leaks Affecting Luxembourg and Recommendations (regularly updated) - 22nd December 2016
TR-42 - CVE-2015-7755 - CVE-2015-7756 - Critical vulnerabilities in Juniper ScreenOS - 21st December 2015
TR-41 (fr) - Crypto Ransomware - Défenses proactives et réponse sur incident - 1st December 2015
TR-41 - Crypto Ransomware - Proactive defenses and incident response - 1st December 2015
TR-38 (fr) - Attaques visant les solutions bancaires d'entreprise - Recommandations - 28th May 2015
TR-38 - Attacks targeting enterprise banking solutions - recommendations and remediations - 19th May 2015
TR-37 - VENOM / CVE-2015-3456 - Critical vulnerability in QEMU Floppy Disk Controller (FDC) emulation - 14th May 2015
TR-36 - Example setup of WordPress with static export - Another approach to secure your WordPress CMS - 29th April 2015
TR-33 Analysis - CTB-Locker / Critroni - 18th February 2015
A new wave of crypto ransomware targeting Luxembourg - Une nouvelle vague de ransomware cible le Luxembourg - 5th February 2015
glibc: buffer overflow in gethostbyname - 27th January 2015
NTP (Network Time Protocol) daemon - ntpd - critical vulnerabilities - 22nd December 2014
TR-27 - GNU Bash Critical Vulnerability - CVE-2014-6271 - CVE-2014-7169 - 24th September 2014
CIRCL warns about spear phishing scams targeting corporate executives and their accounting department - 14th September 2014
Latest CIRCL tweets
- "FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows unauthenticated attackers to access and download arbitrary files… https://t.co/6Md6GmeoZW https://twitter.com/i/web/status/1511964050661556229 2022-04-07 07:08:15
- RT @MISPProject: Glad to see @ServiceSsu and @NATO working together to share information and threat intelligence using MISP. https://t.co/… 2022-04-06 12:39:41
- "Apperta Foundation OpenEyes 3.5.1 allows remote attackers to view the sensitive information of patients without ha… https://t.co/tLhLYCokU8 https://twitter.com/i/web/status/1511605914293485575 2022-04-06 07:25:08
- An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL, USG FLEX, ATP series VPN, and NSG,… https://t.co/5LSI2H6qoS https://twitter.com/i/web/status/1511233962953388033 2022-04-05 06:47:08
- "BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR rec… https://t.co/kBlYtLBAEn https://twitter.com/i/web/status/1510871438789853185 2022-04-04 06:46:36
- FYI, the old IP ASN History is archived at @circl_lu and it is now https://t.co/XnN40CS9zO under the @d4_project and maintained over there. https://github.com/D4-project/IPASN-History 2022-04-01 14:50:39
- "GitLab Critical Security Release: 14.9.2, 14.8.5, and 14.7.7" https://t.co/jPOTY05kFn To scan your @gitlab serve… https://t.co/PBu8t8yQ6L https://about.gitlab.com/releases/2022/03/31/critical-security-release-gitlab-14-9-2-released/ https://twitter.com/i/web/status/1509898433280319490 2022-04-01 14:20:13