CERT.at: Review of the first third of 2021

In its report, CERT.at, an initiative of the domain registry nic.at, informs about incidents, projects as well as conferences of the first third of the year.

Among other topics, the blog post reports on SilverFish APT and Microsoft Exchange emergency patches:
 
In March, the IT security company PRODAFT was able to access the infrastructure of the highly professionalized hacking group "SilverFish". In the course of their work, PRODAFT also identified victims. Among other national CERTs/CSIRTs of countries that had been affected, CERT.at was contacted and received a list with the (few) victims in Austria, which were immediately informed.
 
Also in March, Microsoft published emergency patches for its e-mail server "Microsoft Exchange". However, these contained several weaknesses, enabling attackers to execute arbitrary code as NT Authority\SYSTEM on unleased servers without any authentication. With the help of a script published by Microsoft, in which vulnerable installations could be identified externally, CERT.at was able to quickly create a scan for Austria and inform potentially affected persons.
 
These and other topics can be explored in the blog post.

Learn more

Further Information

The netidee Call 2022 is on!

Read more about The netidee Call 2022 is on!

These are the funding recipients of Call 16!

Read more about These are the funding recipients of Call 16!

nic.at: New peak of.at-domains

Read more about nic.at: New peak of.at-domains

RcodeZero DNS: 10th anniversary 

Read more about RcodeZero DNS: 10th anniversary 

netidee SCIENCE: Call 6 is on!

Read more about netidee SCIENCE: Call 6 is on!

CERT.at: Review of the second third of 2021

Read more about CERT.at: Review of the second third of 2021
All news

Internet Stiftung

The Internet Stiftung promotes the development of the internet in Austria and an unrestricted and orderly access to networks and services in compliance with international obligations. In particular, the Internet Stiftung is responsible for the administration of the .at domain.