In this blog CERT.at's employees can post research and thoughts. This is done with least possible oversight, so opinions in blogposts are not necessary opinions of CERT.at

Alternatively you can receive CERT.at's blog as a feed.

Jun 30

Tools for processing Certificate Transparency Log data of "certspotter" published

The Austrian Energy CERT and GovCERT Austria monitor the Certificate Transparency Logs ("CTL") for their constituents' domains to quickly detect and respond to any problems.

Read more
Written by: Sebastian Wagner
Jun 22

IntelMQ Releases 2.1.3 and 2.2.0

On 26th of May we released the IntelMQ Maintenance Version 2.1.3 and on 18th June the Feature Release 2.2.0. Both versions include various changes, both error corrections and new functionality. We thank all contributors and members of the IntelMQ community for their participation in this community project.

Read more
Written by: Sebastian Wagner
Apr 28

IntelMQ Manager release 2.1.1 fixes critical security issue

The IntelMQ Manager version 2.1.1 released yesterday fixes a Remote Code Execution flaw (CWE-78: 'OS Command Injection'). The documentation for version 2.1.1 and installation instructions can be found on our GitHub repository.

Read more
Written by: Sebastian Wagner
Jan 29

IntelMQ Version 2.1.2 released

On 28th January, we released the IntelMQ maintenance version 2.1.2 containing only bugfixes for the 2.1.x release series. The documentation for version 2.1.2 and installation instructions can be found on our github repository.

The upcoming version 2.2.0 - and current development version - will have several new features to offer.

Read more
Written by: Sebastian Wagner
Jan 29

TRANSITS II in Utrecht

Dimitri Robl from CERT.at attended the TRANSITS II Training in Utrecht from 21. - 23. of January 2020. It was a lot of fun :)

Read more
Aug 06

Sextortion Spam Scientifically Scrutinized

Sextortion scams are one of the big newcomers in Internet fraud of the last year. In these campaigns spammers send e-mails which claim that they have hacked into the victim's computer and used its webcam to film the victim masturbating while surfing adult websites.

Read more
Jul 16

Topinambour & Windows event logs

TL;DR:
* Block outgoing SMB traffic if you can.
* Hunt or Monitor for event ID 106 in "Microsoft-Windows-TaskScheduler%4Operational.evtx". ...
Read more
Mar 14

MeliCERTes Training in Vienna

From March 11th to March 13th CERT.at hosted an introductory MeliCERTes Training which covered the basic functionalities of the applications used in MeliCERTes as well as the topic of CSIRT maturity as laid down in the SIM3 model and covered by the CSIRT maturity self-assessment survey by ENISA.

Together ...

Read more
Mar 13

New PGP-Keys

Since our "old" (2014 vintage) PGP-keys are near their expiry date, we have generated a new set of keys. They are available via our usual CERT.at PGP keyring.

A transition-document, (inline) signed with both old & new keys, can be found at key-transition-2019.txt.

Author: Robert Waldner

Read more
Jan 16

IntelMQ 1.1.1 released

On Tuesday we have released IntelMQ version 1.1.1 which is a pure maintenance release with bugfixes only.

The documentation for the version 1.1.1 and the installation instructions can be found on our github repository.

The development of the next minor release 1.2.0 including new features is ...

Read more