🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Sunday morning musings. Many of our security "standards" are written in the form of "Have good dental hygeine" instead of "brush x2/day, floss, see dentist yearly". Then, when we get a security "cavity", we are shocked and appalled. Some examples (plz correct if I'm wrong) 1/x

The first wave of acceptance notifications for workshops, training sessions, and talks has been sent to the speakers. The initial version of the agenda will be published on Monday. #hacklu #infosec #conference #cybersecurity

AIL Project version 5.7 released with many improvements with 2FA support, multi-organisation support, improved chat monitoring and more. ail-project.org/blog/2024/09/1… #darkweb #threatintelligence #threatintel #telegram #infosec

Post by Black Lotus Labs on a large multi-tiered botnet operated by Flax Typhoon. Tier2 nodes can be identified by TLS certificate with random alphanumeric domain name in subject/issuer DN. blog.lumen.com/derailing-the-… #CTI #botnet #iot

The first version of the #hacklu 2024 agenda is now live. Check it out here: 2024.hack.lu/agenda/ Don't miss out—join us for this year's edition! #infosec #conference #Luxembourg

Omg, Saâd Kadhi (M: https://infosec.exchange/@saadk) , Adel Ka , Alexandre Dulaunoy @[email protected] , Raphaël Vinot - @[email protected], Thomas Patzke, tomchop, David -- 🇪🇺 😈 🇧🇪 , Ange , Hilko Bengen / @[email protected] and so many more. What is this, a conference or a DREAM team from all recorded speakers ever from Cooper? What a line up.

hack.lu 2024 Wraps Up a Thrilling 18th Edition with Global Participation and Networking Highlights hack.lu/blog/hack.lu-2… #infosec #hacklu2024 #hacklu #conference #threatintelligence

New features in vulnerability lookup includes sighting from different sources including MISP (@[email protected]) communities. The example below is a vulnerability in Android but the CVE is not yet published. You can track the sighting evolution. vulnerability.circl.lu/vuln/CVE-2024-… #vulnerability #cve

CVEs have now been assigned: unit42.paloaltonetworks.com/cve-2024-0012-… security.paloaltonetworks.com/CVE-2024-0012 security.paloaltonetworks.com/CVE-2024-9474 6642 IPs found exposed on 2024-11-17 (down from around 11K): dashboard.shadowserver.org/statistics/iot… As a reminder, IP data is shared in our Device ID report daily: shadowserver.org/what-we-do/net…

We see CVE-2024-0012 exploitation attempts since Nov 18th. We are now also observing CVE-2024-9474. IoCs: unit42.paloaltonetworks.com/cve-2024-0012-… Check for signs of compromise and patch: security.paloaltonetworks.com/CVE-2024-0012 security.paloaltonetworks.com/CVE-2024-9474 For additional background - labs.watchtowr.com/pots-and-pans-…

MISP 2.4.200 and 2.5.2 released - Post Hack.lu release with many new features. New feature such as Ad-Hoc Workflows, Private Custom Galaxies, Tags on Event Report, new features in event report & improved PDF export. misp-project.org/2024/11/19/MIS… #ThreatIntel #cti

Apple Fixes Two Exploited Vulnerabilities on Intel-based Mac System #vulnerability #vulnerabilities #cybersecurity #infosec #apple 🔗 vulnerability.circl.lu/bundle/ad1ae2c…

We’re delighted to announce the release of Vulnerability-Lookup 2.2.0, packed with enhancements, new features, and bug fixes. Online version: vulnerability.circl.lu Release notes: github.com/cve-search/vul… #cve #vulnerability #vulnerabilities #opensource #CyberSecurity

There's a wealth of useful threat data available via Rösti, Repackaged Öpen Source Threat Intelligence. Formats include STIX, JSON, CSV and MISP. Provided by Johannes Bader . And now also available as a default MISP (@[email protected]) feed. Check out rosti.bin.re

If you’re using Let's Encrypt certificates it becomes time to setup a certificate expiration monitor (if you haven’t done already).

💡Operational teams responsible for #cybersecurity in European Union countries will be equipped with an AI-based toolkit that will significantly facilitate their work. We are proud that the NASK Institute is leading the international consortium that will implement the project

Did you know that since v3.0.0 of misp-modules and v3.0.1 of misp-docker/misp-modules it is possible to load custom misp-modules without building your own image? Just drop them in the corresponding /custom/ directory. github.com/MISP/misp-dock… github.com/MISP/misp-dock…

I created a small parser for Minimedusa (the MegaMedusa configuration, an L7 DDoS tool). It uses TEAM CYMRU Whois, CIRCL - @[email protected] Passive DNS service and an RDNS lookup for enrichment. There's also a MISP JSON to import the feed in MISP (@[email protected]) github.com/cudeso/tools/t…

CFP REMINDER: D-15 Hurry up, it's time to submit your Security & Free SW talk or workshop! ➡️ cfp.pass-the-salt.org/pts2025/cfp 📅 deadline: sunday March, 30 midnight! ✉️ a question? send it to [email protected] 👍 🙏RT appreciated!

For the last few days we are also scanning & reporting out exposed Ingress NGINX Controller for Kubernetes (Admission Controller feature). These may possibly be also vulnerable to CVE-2025-1974 & other recently disclosed vulnerabilities. We see around 4000 IPs exposed.