-
Vulnerability in SmodBIP software
Cross-Site Request Forgery vulnerability has been found in SmodBIP software (CVE-2023-4837).
Read more -
Vulnerability in UptimeDC software
CERT Poland has received a report about vulnerability in the UptimeDC software and assigned it the number CVE-2023-4997.
Read more -
Vulnerability in lua-http library
CERT Poland has received a report about vulnerability in the lua-http Library and assigned it the number CVE-2023-4540.
Read more -
CERT Polska will contribute to the CVE vulnerability database
From the beginning of August, CERT Polska, as the only institution in Poland and one of 7 CERTs in Europe, can assign CVE numbers, which are used to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.
Read more -
Artemis vulnerability scanner is now open source
The Artemis vulnerability scanner is now open source! Artemis is a tool developed by the CERT Polska team and initiated by the KN Cyber science club of Warsaw University of Technology. The tool is built to find website misconfigurations and vulnerabilities on a large scale. Thanks to its modular architecture, it can combine the results of various other tools in a single place.
Read more -
Artemis – CERT Polska verifies the cybersecurity of Polish organizations
The New Year has brought more solutions to improve the security of the Polish Internet. One of them is Artemis, a tool developed by the CERT Polska team and initiated by the KN Cyber science club of Warsaw University of Technology. Artemis was designed to look for websites misconfigurations and vulnerabilities on a mass scale. We use it to verify infrastructure of entities for which, according to the National Cyber Security System Act, incident handling is coordinated by CSIRT NASK.
Read more -
Vidar stealer campaign targeting Baltic region and NATO entities
While working on our automatic configuration extractors, we came across a rather strange-looking Vidar sample. The decrypted strings included domain names of such organizations as the NATO Strategic Communications Centre of Excellence, Border Guard of Poland, Estonia and Latvia, and Ministry of the Interior of Lithuania. Automatically extracted strings from …
Read more -
CFP Secure 2021
Why SECURE? Do you value hard work and facing challenges? Do you want to meet people like you, share your job results, look for inspiration or partners to mutual projects? You can find it all in October on our conference. We invite you to contribute to the agenda of the …
Read more -
List of malicious domains
This article is outdated. Please navigate to the new page to read the updated version. With the help of telecommunications operators, we are starting a war against phishing sites that target personal data, banking information and social media accounts. In response to the growing number of phishing incidents related to …
Read more -
Free decryption tool for Mapo ransomware
We are happy to announce that we are releasing a free decryption tool for the Mapo (a GarrantyDecrypt/Outsider variant) ransomware today. We would also like to thank Maciej Kotowicz of Kaspersky’s GReAT for sharing his insights on the ransomware’s encryption process. Our tool works with encrypted files …
Read more