Recent highlights
TR-54 - Sextortion scam emails - I know your password- 2nd August 2018
Meltdown and Spectre Bugs in modern computers leak passwords and sensitive data - 3rd January 2018
TR-50 - WPA2 handshake traffic can be manipulated to induce nonce and session key reuse - 16th October 2017
TR-49 - CVE-2017-7494 - A critical vulnerability in Samba - remote code execution from a writable share - 26th May 2017
MS17-010 is critical and patches MUST BE applied. including EOL Windows. - 12th May 2017
TR-46 - Information Leaks Affecting Luxembourg and Recommendations (regularly updated) - 22nd December 2016
TR-42 - CVE-2015-7755 - CVE-2015-7756 - Critical vulnerabilities in Juniper ScreenOS - 21st December 2015
TR-41 (fr) - Crypto Ransomware - Défenses proactives et réponse sur incident - 1st December 2015
TR-41 - Crypto Ransomware - Proactive defenses and incident response - 1st December 2015
TR-38 (fr) - Attaques visant les solutions bancaires d'entreprise - Recommandations - 28th May 2015
TR-38 - Attacks targeting enterprise banking solutions - recommendations and remediations - 19th May 2015
TR-37 - VENOM / CVE-2015-3456 - Critical vulnerability in QEMU Floppy Disk Controller (FDC) emulation - 14th May 2015
TR-36 Example setup of WordPress with static export Another approach to secure your WordPress CMS - 29th April 2015
TR-33 Analysis - CTB-Locker / Critroni - 18th February 2015
A new wave of crypto ransomware targeting Luxembourg - Une nouvelle vague de ransomware cible le Luxembourg - 5th February 2015
glibc: buffer overflow in gethostbyname - 27th January 2015
NTP (Network Time Protocol) daemon - ntpd - critical vulnerabilities - 22nd December 2014
TR-27 - GNU Bash Critical Vulnerability - CVE-2014-6271 - CVE-2014-7169 - 24th September 2014
CIRCL warns about spear phishing scams targeting corporate executives and their accounting department - 14th September 2014
Latest CIRCL tweets
- RT @VARIoT_project: The #VARIoT project (Vulnerability and Attack Repository for IoT) offers IoT related #OpenData and MISP integration of… 2019-10-07 13:44:13
- "Intellian Remote Access 3.18 allows remote attackers to execute arbitrary OS commands via shell metacharacters in… https://t.co/bnKsrpogMk https://twitter.com/i/web/status/1181151843742822401 2019-10-07 10:18:38
- RT @ptracesecurity: Breaking AES128 with Multi-Bit DPA https://t.co/gGWGzVV1ap #Pentesting #IoTSecurity #Hacking #Infosec https://t.co/B… https://crysec.dev/2019/08/25/breaking-aes128-with-multi-bit-dpa.html 2019-10-06 15:38:26
- "Uncontrolled deserialization of a pickled object in https://t.co/TxW5NCrq5e in Frost Ming rediswrapper (aka Redis… https://t.co/3V3uHhpHRb http://models.pyhttps://twitter.com/i/web/status/1180847832233861120 2019-10-06 14:10:36
- RT @cve_search: cve-search v2.4 released including many bugs fixed and web interface improvements. Thanks to the contributors and a special… 2019-10-06 11:11:13
- RT @MISPProject: Agenda and talks are now published for the MISP summit 0x5 which will take place Monday, Oct. 21, 2019 in Luxembourg https… 2019-10-04 14:29:37
- RT @abuse_ch: Top TrickBot infected countries. The vast amount of infections are located in the🇺🇸US, followed by 🇪🇸Spain, 🇩🇪Germany, 🇨🇦Ca… 2019-10-04 09:06:21



