@crowdsec.bsky.social
Account run by Alpacas CrowdSec is a CTI tool leveraging crowdsourced data to identify and block malevolent IPs in real time, worldwide. Join our Discord: http://discord.gg/crowdsec
π #CybersecurityAwarenessMonth is here, and weβve got plenty lined up for you!
Our October CrowdSec Community Office Hours will dive into how you can extend CrowdSecβs capabilities through community-driven integrations & SDKs.
ποΈ October 23rd at 5 PM CEST: app.livestorm.co/crowdsec/cro...
ποΈ π«π· For Cybersecurity Awareness Month, weβve teamed up with #OpenClassrooms to bring our French-speaking community a webinar on βDDoS, scans, exploits : comment la cybersΓ©curitΓ© collaborative a changΓ© les rΓ¨gles du jeu ?β π‘
October 15th at 1 PM CEST
Β
π Register: app.livestorm.co/openclassroo...
Weβre excited to announce our partnership with #OpenClassrooms! ππ
Together, weβre making cybersecurity education more accessible, practical, and hands-on.
Read more about the partnership: www.crowdsec.net/blog/opencla...
#cybersecurityawarenessmonth
π¨ In this week's Threat Alert Newsletter over on LinkedIn, we take a closer look at the evolving GoAnywhere MFT threat landscape.
Read the newsletter for more details: www.linkedin.com/pulse/goanyw...
Building and running your apps on #Upsun? Now you can secure them with CrowdSec!
Our new drop-in CrowdSec integration for Upsun helps you detect and stop bot attacks at the edge.Β
π Get all the details and start protecting your apps today: www.crowdsec.net/blog/preempt...
#cybersecurity
π Exciting news!
Weβll be hosting a lunch + presentation at DrupalCon Vienna on Wednesday, October 15th, in the Session Room, Hall G1.
Join CrowdSec as we explore how to protect the open web & your Drupal sites with our community-driven security.
π See more: events.drupal.org/vienna2025/s...
π¨ In this weekβs Threat Alert Newsletter, we dive into the exploit campaign classified as βNervous Burlywoord Becardβ (NBB), aggressively targeting Apache servers with Log4J and a collection of other exploits.
Read more on LinkedIn π www.linkedin.com/posts/crowds...
π§ββοΈβ¨ Become the Gandalf of your LAMP stack!
Β SQL injections, XSS, brute force, bots... they shall not pass.
In this article, written by CrowdSec Ambassador Killian, learn how to secure your applications with open source WAFs like CrowdSec & ModSecurity.
Read moreπ www.crowdsec.net/blog/become-...
Join us today at 5 PM CEST for the September session of the Community Office Hours!Β
Weβll dive into the CrowdSec WAF, open the floor to questions, and cover any topics youβd like to discuss.
πSign up now to get an alert right before the event starts: app.livestorm.co/crowdsec/cro...
#community
Are you up to date with #NIS2?
The expanded directive impacts more sectors than ever. It sets strict rules around:
β’ Proactive security over reactive fixes
β’ Continuous monitoring & reporting
β’ Leveraging the power of open source
Learn more π
www.crowdsec.net/solutions/nis2
4 reasons to secure your web apps with the CrowdSec WAF π
1. No more chasing CVEs
2. Always-on virtual patching
3.Β Powered by world-leading Threat Intelligence
4. 100% FREE & open source
Start protecting today π www.crowdsec.net/blog/strengt...Β
#WAF #opensource #cybersecurity
π¨ In this weekβs Threat Alert Newsletter, we cover a critical FreePBX authentication bypass thatβs actively being exploited, putting business phone systems at risk.
Read the newsletter on LinkedIn for full details and guidance on securing your systems π www.linkedin.com/feed/update/...
π Did you know? βΆ CrowdSec CTI includes rich metadata like whether an IP is a VPN, TOR exit node, residential proxy, or botnet actor.
π‘This makes our CTI perfect for attribution & escalation decisions.
Learn more π www.crowdsec.net/cyber-threat...Β Β
#CTI #cyberthreatintelligence #cybersecurity
β¨ Just 1 week to go for our COH: September Session!
Got questions about your CrowdSec setup? Curious about the CrowdSec WAF? Or maybe you just want to hang out with the community in a relaxed setting?
This is your chance!
π
Sept. 25th
β° 5 PM CEST
π Join us: app.livestorm.co/crowdsec/cro...
π A brand new Academy Course is live: Secure your apps with CrowdSec #WAF
- Deploy & configure the WAF
- Set up virtual patching (VPatch)
- Install & configure OWASP CRS (in-band & out-of-band)
Protect your web apps with #opensource! π»
Start learning: academy.crowdsec.net/course/crowd...
π€ Weβre proud to announce that we have partnered with Drupal Association to protect the open web!Β
From blocking spam & bots to harnessing community-powered defense, this partnership brings adaptive, open source security directly into the CMS layer.
Read more π www.crowdsec.net/blog/drupal-...
π¨ In this weekβs Threat Alert Newsletter, we dive into a new WordPress plugin vulnerability, with the CrowdSec Network detecting over 250 unique IPs actively targeting it.
Head on over to LinkedIn to read the full details π www.linkedin.com/pulse/cve-20...
#cybersecurity #threatintel #CVE
π The Drupal Association @drupalassociation.bsky.social has teamed up with CrowdSec @crowdsec.bsky.social for behavior-based, open source security.
A new module detects suspicious activity inside Drupal and shares insights with a global threat network.
π TDT coverage: https://bit.ly/3KhLRxS
Costly WAFs? π« CrowdSec #WAF is free, open source, & community-powered:
1οΈβ£ Virtual patching
2οΈβ£ OWASP CRS
3οΈβ£ Easy custom rules
4οΈβ£ Enterprise threat intel
β‘Scalable protection that grows with you.
Read the full guide πΒ www.crowdsec.net/blog/crowdse...
#cybersecurity #webapplicationfirewall
π‘οΈ How to protect your systems:
πΉ Immediately update FortiWeb to the latest versions.
πΉ Join the CrowdSec community to automatically block CVE-2025-52970 attacks. Install the CrowdSec WAF: doc.crowdsec.net/docs/next/ap...
(π§΅6/6)
π Trend analysis (cont.):
Attackers (64%) spoof user agents; 55% use data centers. 99% show exploit behavior, 97% conduct recon. Public PoC code has weaponized this for broad cybercriminal use, far beyond just APT groups. Patch immediately.
(π§΅5/6)
π Trend analysis:
According to CrowdSec intelligence, exploitation attempts for CVE-2025-52970 have intensified with 143 confirmed attacking IPs (up from 122 just days ago).
π‘ See more details here: app.crowdsec.net/cti/cve-expl...
(π§΅4/6)
βΉοΈ About the exploit:
CVE-2025-52970 "FortMajeure" is an auth bypass in FortiWeb. Flawed cookie parsing lets attackers manipulate the "Era" parameter to gain full admin access. Affects versions 7.6.3 and earlier.
(π§΅3/6)
π Key findings:
πΉCVE-2025-52970 scores 8.1/10 (HIGH).
πΉCrowdSec data reveals 143 unique IPs exploiting this vulnerability, a 17% increase in just days, with 100% being confirmed bad actors. 64% use spoofed user agents and 55% operate from data center infrastructure.
(π§΅2/6)
π¨ Critical alert: #CVE202552970 auth bypass in FortiWeb firewalls is under active exploitation. 143+ IPs are attacking. Immediate patching and infrastructure review required. (𧡠thread)
(π§΅1/6)
π A new school year means new students, new devicesβ¦ and an even heavier workload for education cybersecurity teams.
Thatβs where the CrowdSec Education Blocklist helps.
Learn more about the blocklist and our exclusive offer for educational institutions π www.crowdsec.net/solutions/ed...
πSeptember is here, and that meansβ¦ a new session of CrowdSec Community Office Hours!Β
πJoin us on September 25th at 5 PM CEST for an open discussion.Β
This monthβs focus will be on the CrowdSec WAF, but all topics and questions are welcome.Β
Sign up now: app.livestorm.co/crowdsec/cro...
π¨ In this weekβs Threat Alert Newsletter, we examine CVE-2025-34141, a cross-site scripting (XSS) vulnerability in the ETQ Reliance CG platform.
Head over to LinkedIn to read more π www.linkedin.com/pulse/cve-20...
#CVE #CVE202534141 #cybersecurity #infosec #threatintel
π Did you know? βΆ CrowdSec is one of the only threat intelligence platforms built on community defense.
π‘This means that the more you use it, the stronger it becomes for everyone.
Learn more about the largest crowdsourced CTI network π www.crowdsec.net/cyber-threat...
#CTI #cybersecurity
πStopping threats is only half the battle. Knowing the true impact of your defenses is what really matters.
CrowdSec Remediation Metrics gives security teams real visibility by turning raw data into actionable insights.
π Learn more and get started today: www.crowdsec.net/blog/cyberse...
