HunCERT group

Together for Hungary's cybersecurity

In its 20th year, HunCERT is Hungary's leading cybersecurity emergency response team, with the mission of assisting and providing information to the Hungarian online society.

Fókuszban

Kép email ikonokról egy laptop előtt, DNS4EU logó és stakeholder group felirat.

17 May 2024

Article

You can now join the DNS4EU stakeholder group

The DNS4EU project has opened the application form for their stakeholder group. Members are kept up to date with events, news and blog posts, and can also find out about the project's plans and current progress at the regular meetings.

DNS4EU

Türkiz háttér, IVSZ SMART 2024 felirat, SZTAKI logó, monitor alakú keretben Rigó Ernő prezentálás közben.

22 Apr 2024

Article

HUN-REN SZTAKI researchers also presented at the IVSZ Smart 2024 conference

Ernő Rigó, Head of the Network Security and Internet Technologies Unit (HBIT) and Dániel Horváth, Researcher at the Engineering and Business Intelligence Research Laboratory (EMI), gave presentations in the Cyber Defence and Data Arena sessions.

Networkshop logó, alatta DNS4EU logó a kék nyílban ami digitális biztonságot szimbolizáló ikonra mutat

10 Apr 2024

Article

DNS4EU at Networkshop 2024

This year marked the 33rd edition of NETWORKSHOP (NWS), Hungary's most prestigious IT conference for the higher education, public education, research and public collections sectors. The conference was held over 3 days, with presentations on the DNS4EU project featured on the second day, during session 6, which focused on topics related to the broader issue of digital transformation.

www.joindns4.eu

Két kézben 1-1 puzzle darab, mellette DNS!EU és HUNCERT logók

8 Apr 2024

Article

The Role of HunCERT in the DNS4EU Project

HUN-REN SZTAKI, which provides HunCERT's technical team, is actively involved in the DNS4EU project, which aims to offer an alternative to the public DNS resolvers that currently dominate the market. By participating in this project, we contribute to the EU's digital sovereignty by providing a private, secure and independent European DNA resolver.

joindns4.eu

5 Apr 2024

Biztonsági szemle

New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks

New research has found that the CONTINUATION frame in the HTTP/2 protocol can be exploited to conduct denial-of-service (DoS) attacks.

thehackernews.com

Egy tableten folyó videóhívásról, a billenytűzeten éppen gépelnek. A kép jobb oldalán DNS4EU felirat.

22 Mar 2024

Article

Webinar: DNS4EU introduction for ISPs

On January 31st, Whalebone hosted a pivotal webinar on the DNS4EU project, drawing over 70 participants from EuroISPA membership and the ISP segment.

joindns4.eu

DNS4EU

Két laptop türkiz háttér előtt, köztük hurkot jelölő nyilak, a kép közepén Loop DoS felirat.

22 Mar 2024

Biztonsági szemle

New 'Loop DoS' Attack Impacts Hundreds of Thousands of Systems

A novel denial-of-service (DoS) attack vector has been found to target application-layer protocols based on User Datagram Protocol (UDP), putting hundreds of thousands of hosts likely at risk.

Alerts

Urgent alerts

5 Dec 2024

Riasztás

CVE-2024-11477

7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip.

nvd.nist.gov

12 Nov 2024

Riasztás

Ensure Access to Management Interface is Secured

Palo Alto Networks is aware of a claim of a remote code execution vulnerability via the PAN-OS management interface.

security.paloaltonetworks.com

19 Jun 2024

Riasztás

CVE-2024-37080

vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially...

nvd.nist.gov

Latest alerts

21 Dec 2024

Riasztás

Medium - CVE-2024-12591 - The MagicPost plugin for WordPress is...

The MagicPost plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wb_share_social shortcode in all versions up to, and including, 1.2.1 due to insufficient input...

security-database.com

21 Dec 2024

Riasztás

Medium - CVE-2024-12558 - The WP BASE Booking of Appointments, Services...

The WP BASE Booking of Appointments, Services and Events plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_db function in all...

security-database.com

21 Dec 2024

Riasztás

Medium - CVE-2024-12408 - The WP on AWS plugin for WordPress is...

The WP on AWS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_POST data in all versions up to, and including, 5.2.1 due to insufficient input sanitization and output...

security-database.com

21 Dec 2024

Riasztás

Medium - CVE-2024-11722 - The Frontend Admin by DynamiApps plugin for...

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter in all versions up to, and including, 3.25.1 due to insufficient escaping...

security-database.com

21 Dec 2024

Riasztás

Medium - CVE-2024-11688 - The LaTeX2HTML plugin for WordPress is...

The LaTeX2HTML plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ver' or 'date' parameter in all versions up to, and including, 2.5.5 due to...

security-database.com

21 Dec 2024

Riasztás

Medium - CVE-2024-10453 - The Elementor Website Builder – More than Just...

The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Typography Settings in all versions up to, and...

security-database.com