Thanks to our #TurrisSentinel #security #research program, #CZNIC #CSIRT team discovered large scale #FTP #attack. Coming from 45.78.4.0/22, it is #bruteforcing #slowly - it takes it 19 day to get through it's #passwords. Big thanks to everybody who helps us by running our #minipots on their devices! Report in #Czech is available on CSIRT website https://csirt.cz/cs/kyberbezpecnost/aktualne-z-bezpecnosti/distribuovany-ftp-bruteforcer/

脱・机上セキュリティ！開発未経験CSIRTが挑むWeb技術習得記
https://qiita.com/spooooNN/items/2eee90b3a4924c4cd73d?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #Webアプリ #CSIRT #学習記録 #セキュリティエンジニア #Webアプリケーション脆弱性診断

Over 22 real contributions and project outcomes came out of our two-day hackathon in Luxembourg, truly impressive work! The collaboration and energy were next-level.

Glad to share that we'll also be hosting a smaller hackathon at @firstdotorg’s annual conference in Copenhagen on Sunday 22nd June . See you there! 💥 #Hackathon #FIRSTcon25

#hackathon #opensource #csirt #cybersecurity

🔗 hackathon.lu 2025 - Outcome and results details https://hackathon.lu/2025/04/11/hackathon.lu-2025-outcome/

🔗 hackathon at FIRSTCON25 https://discourse.ossbase.org/c/hackathon-firstcon25/

A dedicated fediverse account has been created to follow the hackathon topics

@hackathonfirstcon25

@ddu and @gallypette will also coordinate the hackathon with me.

@bobmarvan.bsky.social #csirt https://csirt.cz/en/incident-reporting/form-incidents-reporting/ a nebo policie ČR

@js @paulos E-mailová adresa národního #CSIRT pro nahlašování phishingu a jiného podobného sajrajtu. V rámci možností kontaktují příslušné webhostery a další subjekty, kde se ten sajrajt provozuje.

We are excited to announce that CIRCL has three open positions available.

As a team strongly oriented towards open-source development, we value contributions that drive innovation and strengthen the cybersecurity community. These roles are open to EU citizens, with the workplace based in Luxembourg. If you’re passionate about cybersecurity and open-source collaboration, we encourage you to apply and make a meaningful impact.

• CIRCL - Software Engineer and Intelligence Analyst (software-engineering-analyst)

🔗 https://www.circl.lu/projects/position/software-engineering-analyst/

• CIRCL - Security Analyst and Researcher (Security-Analyst-and-Researcher)

🔗 https://www.circl.lu/projects/position/security-analyst-researcher/

• CIRCL - Incident and Vulnerability Disclosure Coordinator/Analyst (nis2-incident-analyst)

🔗 https://www.circl.lu/projects/position/nis2-incident-analyst/

@circl

#cybersecurity #opensource #europe #csirt #cert #nis2

🇲🇽 160,000 files with personal documents from semanai.tec.mx attendees exposed publicly.

Tried to notify multiple CSIRT teams and the University but in the end had to message a professor at Tec de Monterrey that follows my work to get some help closing this.

Read about it here: https://jltee.substack.com/p/server-from-university-tecmx-exposed-publicly

#cybersecurity #infosec #leak #data #university #mexico #privacy #csirt

FIRST hosted another successful TF-CSIRT Meeting & FIRST Regional Symposium Europe in beautiful Monte Carlo, Monaco this month, co-organized by TF-CSIRT and hosted by CERT Monaco.

The event brought together incident response experts for intensive training, informative sessions and valuable networking opportunities, fostering collaboration within the global cybersecurity community.

Special thanks to FIRST CEO Chris Gibson and our Board of Directors who attended: Dr. Serge Droz, Carlos Leonardo, Michael Hausding, Olivier Caleff, Carlos Alvarez, Mona Elisabeth Østvang, Nadia Yousef, Tracy Bills, Yukako Uchida and Audrey Mnisi Mireku.

Learn more about the event here: https://go.first.org/J5Lnf

#FIRSTEU25 #cybersecurity
#IncidentResponse #CSIRT

MISP playbooks address common use-cases encountered by SOCs, CSIRTs or CTI teams to detect, react and analyse specific intelligence received by MISP: https://misp.github.io/misp-playbooks/

#misp #playbook #soc #csirt #cti

One thing's clear: if you send an abuse notification to NiceNIC, it ends up being really 'nice' for the criminals.

This reminded me of an idea for proxy filtering: filtering based on the domain registrar. Another practical use case for the WHOIS history database.

Is there an open and public list of the worst registrars?

#networksecurity #whois #whosis #cybersecurity #abusehandling #csirt

Vincent Strubel en visite à 🇫🇷 #Toulouse #france #occitanie #csirt #threats #informatique [ https://www.ladepeche.fr/2024/12/10/personne-nest-a-labri-des-menaces-cyber-estime-le-directeur-de-lanssi-12381026.php ]

Die Landesregierung muss EU-Vorgaben zur IT-Sicherheit umsetzen. Damit lässt sich sich viel Zeit. Wie gefährlich ist das?

Die Landesregierung muss EU-Vorgaben zur IT -Sicherheit umsetzen. Damit lässt sich sich viel Zeit. Wie gefährlich ist das?#WDR #Landespolitik #Digitalisierung #IT-Sicherheit #CDU #Grüne #SPD #FDP #NIS2 #Ministerin #Scharrenbach #Opposition #Datenschutzbeauftragte #LDI #Datenschutz #CERT #CSIRT #EU-Kommission #EU-Richtline #Cyberangriff #Hacker #Informationssicherheit
Landesregierung sieht ihre IT-Sicherheit eher gemütlich

We published a blogpost summarizing recent attacks we observed in the DACH region of TA Helldown using a seemingly yet unknown vulnerability in Zyxel Firewall ATP to compromise companies rolling out ransomware. This matches with other reports we are seeing in recent weeks. https://sec-consult.com/blog/detail/ransomgroup-helldown-attacks-on-zyxel-devices/ #ransomware #threatintelligence
#csirt

Forensic analysis of bitwarden self-hosted server

https://www.synacktiv.com/en/publications/forensic-analysis-of-bitwarden-self-hosted-server

#bitwarden #foss #selfhosting #security #synacktiv #csirt

TR-89 - Guidelines for Notifying CSIRT/CERT of Red Teaming and Penetration Testing Exercises - Enhancing Detection and Coordination

🔗 https://www.circl.lu/pub/tr-89/

#csirt #redteaming #cert cybersecurity

FIRST is proud to have partnered on a new guide for policymakers: 'Digital First Responders - The Role of CSIRTs in Developing Countries' 🌐

A collaboration with The World Bank, including expert review from AfricaCERT, NRD & World Bank specialists.

Download free: https://zurl.co/AruG

#CSIRT #CyberSecurity
#infosec #security

Die #NIS2-Richtlinie stärkt die #CyberSicherheit in der #EU, indem sie nationale Cyber-Sicherheitsstrategien und Computer Security Incident Response Teams (#CSIRT) fordert. Zudem erweitert sie den Anwendungsbereich auf neue Sektoren. Lasst uns gemeinsam die Sicherheit erhöhen!

CERTs vs. CSIRTs: Know the Difference!

CERTs (Computer Emergency Response Teams) and CSIRTs (Computer Security Incident Response Teams) are both critical components of an organization’s cybersecurity strategy, but they serve distinct roles.

#Cybersecurity #CERT #CSIRT #IncidentResponse #SecurityAwareness #ProactiveDefense #ReactiveResponse #infosectrain #learntorise

Global Cybersecurity Index 2024: l’Italia e’ un "Paese modello": L’Italia risulta essere un "Paese modello" per la sua postura nella cybersicurezza. A sostenerlo e’ l’International Telecommunication Union, agenzia delle...
#GlobalCybersecurityIndex2024 #CSIRT #ACN #InternationalTelecommunicationUnion #ransomware http://dlvr.it/TFbF2D

We're glad announce the release of Flowintel v1.2.0, a powerful and flexible case management tool written in Python! This version brings key enhancements to boost efficiency and streamline workflows, with new features like MISP-objects support, subtasks, and significant UI updates.

@misp

🔗 https://github.com/flowintel/flowintel/releases/tag/1.2.0

#casemanagement #infosec #opensource #threatintel #misp #csirt #cert