TR-88 - Motivation, procedure and rationale for leaked credential notifications |
30 August 2024 |
Learning from the Recent Windows/Falcon Sensor Outage: Causes and Potential Improvement Strategies in Linux Using Open Source Solutions |
23rd July 2024 |
TR-87 - CrowdStrike Agent causing BSOD loop on Windows - Faulty Update on Falcon Sensor |
19th July 2024 |
TR-86 - Check Point VPN Information Disclosure (CVE-2024-24919) - Actively Exploited |
31st May 2024 |
TR-85 - Three vulnerabilities in Cisco ASA software/appliance and FTD software being exploited |
25th April 2024 |
TR-84 - PAN-OS (Palo Alto Networks) OS Command Injection Vulnerability in GlobalProtect Gateway - CVE-2024-3400 |
12th April 2024 |
TR-83 - Linux Boot Hardening HOWTO |
3rd April 2024 |
TR-82 - backdoor discovered in xz-utils - CVE-2024-3094 |
30th March 2024 |
TR-81 - Critical FortiOS vulnerabilities in sslvpnd and fgfmd |
9 February 2024 |
TR-80 - Targeted SMS and fake phone center call targeting financial/banking services |
7 February 2024 |
TR-79 - AnyDesk Incident and Potential Associated Supply Chain Attack |
5 February 2024 |
TR-78 - CVE-2023-46805 (Authentication Bypass) & CVE-2024-21887 (Command Injection) for Ivanti Connect Secure and Ivanti Policy Secure Gateways |
11 January 2024 |
TR-77 - Spear phishing and voice call scams targeting corporate executives and their accounting department |
30 August 2023 |
TR-76 - Multiple high severity vulnerabilities in CODESYS V3 SDK could lead to RCE or DoS |
14 August 2023 |
TR-75 - Unauthenticated remote code execution vulnerability in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) - CVE-2023-3519 |
21 July 2023 |
TR-74 - A heap-based buffer overflow vulnerability (CWE-122) in FortiOS - CVE-2023-27997 |
5 July 2023 |
TR-73 - Ransomware FAQ |
7 March 2023 |
TR-72 - Vulnerable Microsoft Exchange server metrics leading to alarming situation |
21 February 2023 |
TR-71 - FortiOS - heap-based buffer overflow in sslvpnd (exploited) - FortiOS SSL-VPN - CVE-2022-42475 |
13 December 2022 |
TR-70 - Vulnerabilities in Microsoft Exchange CVE-2022-41040 - CVE-2022-41082 |
30 September 2022 |
TR-69 - How to choose an ICT supplier from a security perspective |
13 June 2022 |
TR-68 - Best practices in times of tense geopolitical situations |
28 February 2022 |
TR-67 - local privilege escalation vulnerability in polkit’s pkexec utility |
26 January 2022 |
TR-66 - Webservers with mod_status like debug modules publicly available leak information |
15 December 2021 |
TR-65 - Vulnerabilities and Exploitation of Log4j (Remote code injection in Log4j) |
10 December 2021 |
TR-64 - Exploited Exchange Servers - Mails with links to malware from known/valid senders |
10 November 2021 |
TR-63 - Vulnerabilities and Exploitation of Pulse Connect Secure |
21 April 2021 |
TR-62 - Leak of Facebook Data from 533 Million Users |
6 April 2021 |
TR-61 - Critical vulnerabilities in Microsoft Exchange |
12 March 2021 |
TR-60 - Phishing - Effects and precautions |
26 June 2020 |
TR-59 - Remote Work - In times of a crisis |
18 March 2020 |
TR-58 - CVE-2020-0796 - Critical vulnerability in Microsoft SMBv3 - status and mitigation |
11 March 2020 |
TR-57 - Ransomware - Effects and precautions |
10 December 2019 |
TR-56 - HTTP Strict Transport Security |
19 March 2019 |
TR-55 - SquashFu - an alternate Open Source Backup solution, resilient to Crypto Ransomware attacks |
12 September 2018 |
TR-54 - Sextortion scam emails - I know your password |
3 August 2018 |
TR-53 - Statement about WHOIS and GDPR |
12 April 2018 |
TR-52 - Forensic Analysis of an HID Attack |
5 February 2018 |
TR-51 - How to react to fraudulent acts of third party invoicing or requesting funds without showing any purchase order |
23 November 2017 |
TR-50 - WPA2 handshake traffic can be manipulated to induce nonce and session key reuse |
16 October 2017 |
TR-49 - CVE-2017-7494 - A critical vulnerability in Samba - remote code execution from a writable share |
26 May 2017 |
TR-48 - Cyber-Threats Indicators Sharing, security-related actionable information and future of Personal Data Protection framework in the EU - MISP and GDPR |
6 March 2017 |
TR-47 - Recommendations regarding Abuse handling for ISPs and registrars |
23 February 2017 |
TR-46 - Information Leaks Affecting Luxembourg and Recommendations |
17 February 2017 |
TR-45 - Data recovery techniques |
12 May 2016 |
TR-44 - Information security - laws and specific rulings in the Grand Duchy of Luxembourg |
15 March 2016 |
TR-43 - Installing MPSS 3.6.1 to use an Intel Xeon Phi Coprocessor on Ubuntu Trusty 14.04 LTS |
11 January 2016 |
TR-42 - CVE-2015-7755 - CVE-2015-7756 - Critical vulnerabilities in Juniper ScreenOS |
21 December 2015 |
TR-41 (de) - Crypto Ransomware - Precautions and behaviour in case of infection |
19 May 2016 |
TR-41 (fr) - Crypto Ransomware - Proactive defenses and incident response |
19 May 2016 |
TR-41 - Crypto Ransomware - Proactive defenses and incident response |
13 May 2017 |
TR-40 - Allaple worm activity in 2015 and long-term persistence of worm (malware) in Local Area Networks |
24 September 2015 |
TR-39 - CIRCL-SOPs Standard Operational Procedures |
30 July 2015 |
TR-38 - Attacks targeting enterprise banking solutions - recommendations and remediations |
9 May 2017 |
TR-37 - VENOM / CVE-2015-3456 - Critical vulnerability in QEMU Floppy Disk Controller (FDC) emulation |
14 May 2015 |
TR-36 - Example setup of WordPress with static export |
28 April 2015 |
TR-34 - How to view and extract raw messages in common email clients |
13 March 2015 |
TR-33 - Analysis - CTB-Locker / Critroni |
17 February 2015 |
TR-32 - key-value store and NoSQL security recommendations |
10 February 2015 |
TR-31 - GHOST / CVE-2015-0235 - glibc vulnerability - gethostbyname |
29 January 2015 |
TR-30 - Acquisition Support Tools for Local Incident Response Teams (LIRT) |
16 December 2020 |
TR-29 - NTP (Network Time Protocol) daemon - ntpd - critical vulnerabilities |
2 January 2015 |
TR-28 - The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, is vulnerable to a critical padding oracle attack - CVE-2014-3566 |
15 October 2014 |
TR-27 - GNU Bash Critical Vulnerability - CVE-2014-6271 - CVE-2014-7169 |
10 October 2014 |
TR-26 - Security Recommendations for Web Content Management Systems and Web Servers |
28 April 2015 |
TR-25 - Analysis - Turla/Pfinet/Snake/Uroburos/Pfinet |
10 July 2014 |
TR-24 - Analysis - Destory RAT family |
3 June 2014 |
TR-23 - Analysis - NetWiredRC malware |
26 November 2014 |
TR-22 - Practical Recommendations for Readiness to Handle Computer Security Incidents |
15 December 2020 |
TR-21 - OpenSSL Heartbeat Critical Vulnerability |
17 April 2014 |
TR-20 - Port evolution: a software to find the shady IP profiles in Netflow |
18 February 2014 |
Training And Technical Courses Catalogue 2014 |
29 January 2014 |
TR-19 - UDP Protocols Security - Recommendations To Avoid or Limit DDoS amplification |
8 July 2015 |
TR-18 - PBX and VoIP Security - Recommendations |
19 February 2014 |
TR-17 - Java.Tomdep (Apache Tomcat Malware) - Information, Detection and Recommendation |
22 November 2013 |
TR-16 - HoneyBot Services - Client Data Collection |
14 October 2013 |
TR-15 - Hand of Thief/Hanthie Linux Malware - Detection and Remediation |
29 August 2013 |
TR-14 - Analysis of a stage 3 Miniduke malware sample |
3 July 2014 |
TR-13 - Malware analysis report of a Backdoor.Snifula variant |
29 May 2013 |
TR-12 - Analysis of a PlugX malware variant used for targeted attacks |
17 January 2014 |
TR-11 - Security Flaws in Universal Plug and Play (UPnP) |
30 January 2013 |
TR-10 - Red October / Sputnik malware |
16 January 2013 |
TR-09 - Malware Discovery and potential Removal (Windows 7) |
31 August 2012 |
CIRCL 2011 trend report |
29 August 2012 |
TR-08 - CIRCL automatic launch object detection for Mac OS X |
23 January 2015 |
TR-07 - HOWTO find SMTP headers in common Email clients |
13 March 2015 |
TR-06 - DigiNotar incident and general SSL/TLS security consequences |
7 September 2011 |
TR-05 - SSL/TLS Security of Servers in Luxembourg |
22 August 2011 |