The Computer Incident Response Center Luxembourg (CIRCL) is a government-driven initiative designed to gather, review, report and respond to computer security threats and incidents.

OUR SERVICES
MISP Logo
Malware Information Sharing Platform (MISP) and Threat Sharing Platform
DMA Logo
Dynamic Malware Analysis Platform (DMA)
USB Logo
Clean documents from untrusted USB keys / sticks
DNS Logo
Database storing historical DNS records
More services

Recent highlights

TR-58 - CVE-2020-0796 - Critical vulnerability in Microsoft SMBv3 - status and mitigation - 11th March 2020

TR-54 - Sextortion scam emails - I know your password- 2nd August 2018

Meltdown and Spectre Bugs in modern computers leak passwords and sensitive data - 3rd January 2018

TR-50 - WPA2 handshake traffic can be manipulated to induce nonce and session key reuse - 16th October 2017

TR-49 - CVE-2017-7494 - A critical vulnerability in Samba - remote code execution from a writable share - 26th May 2017

MS17-010 is critical and patches MUST BE applied. including EOL Windows. - 12th May 2017

TR-46 - Information Leaks Affecting Luxembourg and Recommendations (regularly updated) - 22nd December 2016

TR-42 - CVE-2015-7755 - CVE-2015-7756 - Critical vulnerabilities in Juniper ScreenOS - 21st December 2015

TR-41 (fr) - Crypto Ransomware - Défenses proactives et réponse sur incident - 1st December 2015

TR-41 - Crypto Ransomware - Proactive defenses and incident response - 1st December 2015

TR-38 (fr) - Attaques visant les solutions bancaires d'entreprise - Recommandations - 28th May 2015

TR-38 - Attacks targeting enterprise banking solutions - recommendations and remediations - 19th May 2015

TR-37 - VENOM / CVE-2015-3456 - Critical vulnerability in QEMU Floppy Disk Controller (FDC) emulation - 14th May 2015

TR-36 Example setup of WordPress with static export Another approach to secure your WordPress CMS - 29th April 2015

TR-33 Analysis - CTB-Locker / Critroni - 18th February 2015

A new wave of crypto ransomware targeting Luxembourg - Une nouvelle vague de ransomware cible le Luxembourg - 5th February 2015

glibc: buffer overflow in gethostbyname - 27th January 2015

NTP (Network Time Protocol) daemon - ntpd - critical vulnerabilities - 22nd December 2014

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, are vulnerable to critical padding oracle attack - CVE-2014-3566

TR-27 - GNU Bash Critical Vulnerability - CVE-2014-6271 - CVE-2014-7169 - 24th September 2014

CIRCL warns about spear phishing scams targeting corporate executives and their accounting department - 14th September 2014

[Previous news]

Latest CIRCL tweets

  • RT @LU_CIX: And we're back with the keynote speech of @adulau from @circl_lu: How threat intelligence and information sharing can save you… 2020-11-18 13:25:45
  • RT @GSMA: Final chance to register for the #GSMA T-ISAC MISP virtual workshop with @circl_lu! Learn how to input #telco related #cyber th… 2020-11-17 12:02:59
  • "A flaw was found in Keycloak before version 12.0.0, where it is possible to add unsafe schemes for the redirect_ur… https://t.co/8mlNhTcSaK https://twitter.com/i/web/status/1328657602641793024 2020-11-17 11:13:52
  • @AusCERT @Misp This is really cool, automation and fast information sharing in @MISPProject is always a gain for the defenders. 2020-11-17 10:25:36
  • "Multiple vulnerabilities in the Java deserialization function that is used by Cisco Security Manager could allow a… https://t.co/eRzSE0TkuG https://twitter.com/i/web/status/1328634159028432896 2020-11-17 09:40:42
  • In case you didn't patch CVE-2020-14841 because the CVSS is 7.5 ;-) https://t.co/OdhaxmqPXX https://twitter.com/pyn3rd/status/1328543537864970241 2020-11-17 08:22:44
  • RT @Iglocska: Later on today, @treyka and I will be presenting on how - and most importantly - why you should go beyond sharing simple indi… 2020-11-17 08:20:29

Search