In this blog CERT.at's employees can post research and thoughts. This is done with least possible oversight, so opinions in blogposts are not necessary opinions of CERT.at

Alternatively you can receive CERT.at's blog as a feed.

Mar 28

New PGP keys

At CERT.at we had to phase out some old 1024 bit DSA keys as well as create new master-signing keys.  This turned out to be a major effort. Key roll-overs are never easy.

In order to easy the key roll-over pains, we created a key transition document. This document is signed by the old keys in order ...

Read more
Dec 04

Completed: Maintenance work on Wednesday, December 4th, 2013

Because of required changes in our power-infrastructure, all Internet-reachable services of CERT.at will be unavailable for some time on Wednesday, December 4th, 2013. An "emergency" website with restricted functionality will be made available.

In urgent cases please contact us by telephone: +43 ...

Read more
Jul 30

Completed: Maintenance work on Tuesday, July 30th, 2013

Because of necessary changes in our power-infrastructure, all Internet-reachable services of CERT.at will be unavailable for some time on Tuesday (July 30th, 2013). An "emergency" website with restricted functionality will be made available.

In urgent cases please contact us by telephone: +43 1 505 ...

Read more
Jul 17

Maintainance work on Wednesday, July 17th, 2013

Because of urgent changes in our power-infrastructure, all Internet-reachable services of CERT.at will be unavailable for some time tomorrow (July 17th, 2013). An "emergency" website with restricted functionality will be made available.

In urgent cases please contact us by telephone: +43 1 505 64 ...

Read more
Jun 18

ProcDOT 1.0 released

I am happy to announce that the first release (1.0) of my visual malware analysis tool ProcDOT (I already mentioned the beta in a recent blog post) is now available.

Get it for free from our website: ProcDOT 1.0

Author: Christian Wojner

Read more
Apr 12

Lessons from the Stophaus/CloudFlare/Spamhaus DDoS for ISPs

Update: our full report on this incident is now available (in German)

No, the Internet is not breaking down, we did not have a doomsday scenario over the last week.

We did have an interesting situation, there were some disruption in some parts of the Internet, and there were a good number of ...

Read more
Mar 19

ProcDOT - Visual Malware Analysis

Dear like-minded people,

I'm very proud to announce that our latest contribution to the malware analysis community is finally available as open beta.

It's called ProcDOT - I already gave a preview of the alpha version some months ago at SANS Forensics Summit in Prague - and it is an absolute ...

Read more
Sep 21

Spikes in Austrian CCM number in Q4/2011

Microsoft's Security Intelligence Report 12 uses the computers cleaned per mille (CCM) metric to compare the infection rates over time and between countries.

This is, of course, no perfect measurement of the actual infection rates due to a number of factors, but nevertheless an interesting data-point. ...

Read more
Dec 19

IE6 Death Watch

Internet Explorer 6 has outlived its "good-before"-date for years now and both Web-programmers (living hell to support) and Microsoft (a security-nightmare for them) were keen to put a stake through its heart for the last years.

It finally seem to have worked: Austria is now at < 1% IE6 according ...

Read more
Apr 26

Tipping our Hats

It's not an everyday occurrence that an Austrian Company finds an important security issue. If they then follow responsible disclosure towards the vendor and also inform the local CERT, that's something that should be openly acknowledged.

Thus: A round of applause from CERT.at goes to Johannes Greil ...

Read more