News

Our Annual Report for 2012 is based mostly on data feeds from various automated systems. They provided us with information on more than 10.5 million of incidents in Polish networks last year. Most of this data is consequently passed on via n6 platform to corresponding Internet providers for handling …

At the end of February 2013 Polish Research and Academic Computer Network and CERT Polska took over 3 domains used by one of the Citadel botnets, known as “plitfi”. All the network traffic from these domains was directed to a sinkhole server controlled by CERT Polska. Today we publish a …

Brute-force (dictionary) attacks on Secure Shell (SSH) services remain popular on the Internet. Although hardly a sophisticated type of attack, it is relatively effective, and one of the most common intrusion vectors for UNIX servers. Kippo is a low-interaction honeypot emulating the SSH service. The honeypot can be used to …

SECURE is a conference dedicated entirely to IT security and addressed to administrators, security team members and practitioners in this field. SECURE’s unique feature is the organisers’ commitment to providing participants with reliable information about everything that is current and meaningful in IT security. A high professional level of …

At the end of January and the beginning of February 2013 NASK (Research and Academic Computer Network) — the .pl ccTLD Registry — and its security team CERT Polska took over 43 .pl domains used to control the Virut botnet and to spread malicious applications. As a result of this action, all …

The project is a joint venture between NASK/CERT Polska (Poland) and National Cyber Security Centre (Netherlands). Goal of this system is to determine whether a site is malicious to the end-user. Scalability and ability to combine output from multiple client honeypots makes it an effective way of detecting malicious …

NASK has taken over multiple domains used for cybercrime activities, making their further usage for illegal purposes impossible. The domain names were used to spread and control dangerous malware known as “Virut” . NASK’s actions are aimed at protecting Internet users from threats that involved the botnet built with Virut-infected …

In September this year CERT Polska participated in the “Information Assurance and Cyber Defense” symposium organized by NATO’s Science and Technology Organization. Our paper, titled “Proactive Detection and Automated Exchange of Network Security Incidents”, investigates issues related to sharing security-related data among CERTs and other organizations. We attempted to …

Recently there have been numerous reports about a new malware spreading through Skype. Since a couple of days, CERT Polska has also been taking an active role in disabling the Dorknet worm. A Polish security portal Niebezpiecznik.pl (article in Polish) mentioned that it also targets Polish users. We acquired …

In late August, Oracle has decided to release Java updates before the planned publication date on October 16 CPU (Critical Patch Update). According to reports update contains four security fixes. This year Oracle has already introduced 32 security fixes across all Java SE products. The immediate cause for the release …