The popular Firefox Send service has been a target of an active abuse by attackers to distribute malicious software aimed to damage or steal information from the victim’s device. The attacks are still ongoing and have been reported in Slovak cyberspace. Firefox Send providing users free private file transfers. It also offers optional security features that...

Responsibility for assessment of cybersecurity auditors in Slovakia was recently taken over by a brand-new Conformity Assessment Body, the Cyber Security Competence and Certification Centre. The point is that along with it: a completely new certification scheme has been introduced. The certification scheme is based on accreditation according to the ISO/IEC 17024 Conformity assessment –...

Protecting organizations from cybersecurity threats is particularly a matter of implementing security measures and, subsequently, implementing cybersecurity incident response processes. “Panta rhei” is Plato’s abbreviated interpretation of the ancient philosopher Heraclitus’ claim that everything is constantly changing. Nothing is permanent and nothing is forever. Every industry, technology or environment is gradually undergoing natural but also...

On 31 March 2020, the National Cyber Security Centre SK-CERT issued a security warning on the critical vulnerability of Vigor switches and routers from the company DrayTek. According to the company Netlab 360[1], this vulnerability has been found in approximately 100,000 devices. Although it is an older vulnerability for which updates were already provided on...

The spread of COVID – 19 has forced many companies and organizations to work remotely. While this precautionary measure is a good measure to care for employee’s health while maintaining good productivity, it also opens up opportunities for cyber attackers to exploit successful attacks. There are several ways to abuse the current situation: Unauthorized access...

A Chinese government has ordered all government offices and public institutions to withdraw software and hardware equipment coming from foreign suppliers within next three years. Replacement that involves approximately 20 to 30 million pieces of equipment and systems will be carried out according to a 3-5-2 key, i.e. 30% of the equipment will be replaced...

On 26 March, the National Cyber ​​Security Centre SK-CERT became the first certified Slovak CSIRT in the Trusted Introducer, which joins CSIRTs around the world. To achieve “Certified” status, the team must meet demanding conditions based on a CSIRT Advanced Measurement System known as SIM3 (Security Incident Management Maturity Model). This model is used as...

The model of working from home, so-called “Home-office” or teleworking is in the current situation of quarantine measures due to the spread of COVID-19, a frequently used way for a large part of society and institutions to separate their employees and reduce the risk of transmitting the disease. At the same time, some of the...

A large number of companies and institutions have in recent days introduced a compulsory policy of working from home — a “home office”. It is realistic to assume that the transition to a “home office” will become a new reality for many of us, also considering that, according to the World Health Organisation, the spread...

The National Cyber Security Centre SK-CERT (hereinafter referred to as SK-CERT) warns all public authorities, organizations of state administration and municipalities about underestimating the importance of cybersecurity in the current situation related to the spread of COVID-19. The operations (and services) of information technologies of public administration have a direct and significant impact on the...

The National Cyber Security Centre SK-CERT warns operators of essential services in the health sector (hospitals, healthcare providers, testing laboratories and other healthcare facilities), as well as all other organizations of public administration and operators of essential services in other sectors against possible increasing of cyber threats and attacks on their systems and networks. As...

On 3 March 2020, the National Cyber Security Centre SK-CERT published the first Recommendations for operators of essential services to ensure a high level of availability of their services. On Sunday, 15 March 2020, the Government of the Slovak Republic agreed on the Declaration of Emergency State according to Article 5 of the Constitutional Act...

As reported in a previous warning on February 27, 2020 attackers are trying to exploit the situation where people are afraid and uncertain about the spread of COVID-19. In such situations, people are prone to believe various and false reports about COVID-19 and thus have a reduced ability to detect harmful content. The National Cyber ​​Security...

The National Cyber Security Centre SK-CERT warns against large-scale sophisticated phishing campaigns that exploit concerns about the spread of Coronavirus Disease 2019 (COVID-19). Attackers impose the virus-induced fear atmosphere and the associated reduced people’s ability to detect malicious content. Their aim is to obtain sensitive data, spread malware, or for example scaremongering. Examples include phishing...

National Cyber Security Centre SK-CERT is warning against possible increase of activities carried out by state-supported APT (Advanced Persistent Threats) groups or individuals in the global cyber security space, including the cyber space of the Slovak Republic, due to increased tensions in the Middle East region. Increased geopolitical tensions and threats of aggression may lead to...

AFCEA association in cooperation with National Cyber Security Centre SK-CERT is organizing the first national cyber security competition. This competition is intended for secondary school students at the age from 16 to 20. Registration is free of charge and students from any schools with any specializations can enrol. The competition has three rounds within the...

In November, the Los Angeles County District Attorney’s Office issued a warning against charging devices through USB-powered charging stations, at airports, in hotels, at railway stations, and other public places. Travellers are advised to avoid using public charging stations as the ports may be infected by malicious software or malware (malicious code, or software that...

Black Friday and Cyber Monday are the days when retailers attract customers to sales and big discounts. Having said that, we would like to introduce some tips for the public, regarding fake stores, suspicious e-mails and phishing cases which are associated especially with these promotions. During these days, with extremely attractive discounts, customers often become...

On 12 and 13 November 2019 the Crowne Plaza Hotel was hosting an International Conference ITAPA 2019, the largest event on Information Technologies in public administration in Slovakia. The conference lasted three days and was full of news from the world of digitization, artificial intelligence, big data, industry 4.0., cyber ​​security, smart health and smart...

The National Cyber Security Centre SK-CERT is organising another of the series of National Table-Top Exercises that will test preparedness of particular participants for cyber threats.   The goal of the exercise will be again to test the management procedures and decisions in handling cyber security incidents and to show the overlap of cyber security...

The European Commission with the European Union Agency for Network and Information Security (ENISA) have published a high-level report on EU Coordinated Risk Assessment on Cybersecurity in Fifth Generation (5G) Networks. The risks connected with 5G networks and technologies are assessed in 5 basic areas: Threats and threat actors – the report includes threat scenarios that...

October is the European Cyber Security Month during which a campaign is organized under the auspices of the European Commission, the European Union Agency for Network and Information Security (ENISA) and their partners in order to raise interest in cyber security within the European Union and to raise awareness in this area. Awareness activities include...

On 7 October 2019 the National Cyber Security Centre SK-CERT has published The Vulnerability Reporting Guideline. This guideline is a tool for security researchers, software developers, hardware manufacturers as well as for the general public. It provides a detailed procedure and recommended steps for reporting newly discovered vulnerabilities and also a procedure for reporting already existing vulnerabilities found...

Bratislava 6 September 2019 – National Security Authority (hereinafter referred to as the Authority) established the National Cybersecurity Centre SK-CERT by transformation of the National Unit SK-CERT. By establishing the National Cybersecurity Centre SK-CERT (www.sk-cert.sk) the Authority performs the task of the Action Plan of Cybersecurity Concept Implementation of the Slovak Republic within the years...

A High Level Table-Top Exercise BlueOLEX2019 Joined Representatives of Member States in Response to Critical Cybersecurity Situation On 2 and 3 July 2019 Paris was hosting a high-level Table-Top exercise BlueOLEx 2019 based on Commission Recommendation on Coordinated response to large-scale cross-border cybersecurity incidents and crises.   The exercise was organized by French L’Agence Nationale de la...

On 17 and 18 July 2019, the Organization for Security and Co-operation in Europe hosted a conference in Vienna on cybersecurity and information and communication systems security, called Cyber/ICT Security for a safer future: The OSCE’s role in fostering regional cyber stability. The conference was attended by representatives of 36 OSCE participating countries and dozens...

On 7 June 2019 the Cybersecurity Act was published in the EU Official Journal. The Act considerably strengthens the position of ENISA Agency and recognizes it as the EU Agency for Cybersecurity. The Act will come into force on 27 June 2019. Based on this Act the Agency will be able to provide more efficient...

On 4 June 2019, a scientific conference with international participation entitled “Current Challenges of Cybersecurity” was held at the Academy of the Police Force in Bratislava (hereinafter referred to as the Academy). The conference was organized by the Management and Information Science Department of the Academy in cooperation with the National Security Authority together with...

During his visit of the Globsec 2019 Forum in Bratislava, Roman Konečný, the director of National Security Authority (NSA) announced the beginning of closer cooperation between NSA and Globsec in area of cyber security. GLOBSEC is a global think-tank committed to enhancing security, prosperity and sustainability in Europe and throughout the world. The director emphasized...

On 15 May 2019 the National Unit SK-CERT of the National Security Authority took part in the international exercise CyberSOPEx. The exercise organized by the European Network and Information Security Agency (ENISA) was aimed at enhancing of coordination and cooperation of EU Member States in handling of large scale cybersecurity incidents which is one of...

The National Unit SK-CERT of the National Security Authority conducted the first of a series of the National Table-Top exercises on 14 May 2019. The exercise was named “A Suspicious Mail is Just the Beginning”. The Table-Top exercises are a kind of non-technical exercises focusing on decision-making, as well as practising and testing of own procedures and...

A few days ago the International Telecommunication Union (ITU) published the Global Cyber Security Index (GCI) for the year 2018. The GCI is published annually. The Slovak Republic moved up 36 places in the GCI compared to the year 2017 and took 45th place. The Global Cyber Security Index in the framework of cybersecurity focuses...

EU ELEx 2019 Exercise took place on 5 April 2019 on the European Parliament ground, focusing on operational handling of cybersecurity incidents during the European Parliament elections. The exercise was organized by ENISA in cooperation with the European Parliament and European Commission. At the beginning of the exercise the vice president of the European Parliament...

This year’s Guardians 2019 gave more space to young people from Slovakia with diverse experience in the field of information security. The competition brings together people who have wide experience in this field with those who just would like to direct their carrier to the field of cybersecurity. More sophisticated attacks, more teams, real environment...

The National Security Authority via the National Unit SK-CERT and the Binary Confidence Company Ltd. co-organize the third year of the Guardians competition for young IT specialists.  Prior to the upcoming elections of the head of the state, the competition will simulate attacks on the teams of candidates and will demonstrate how they can be...

The National Unit SK-CERT has become a part of an international project CyberExchange, the coordinator of which is CSIRT.cz. The project is co-financed by the Connecting Europe Facility of the European Union. 11 CSIRT teams from all over Europe are participating in the project. The focus and target of the project is to increase the cooperation...

The European Parliament, the Council of the European Union, and the European Commission have reached a compromise on the text of the Cybersecurity Act. The Act aims to strengthen ENISA ˈs position and to recognize ENISA as main the EU Agency for Cybersecurity. This Act grants to ENISA a broad mandate in the field of cybersecurity and...

One of the largest and most comprehensive exercise in the field of NATO cyber defence Cyber Coalition 2018 was held in Estonian Tartu from 27 to 29 November 2018.  This exercise was attended by 28 countries with more than 700 participants. The Slovak Republic is already a regular participant in this exercise and this year...

40 000 login data to government portals in more than 30 countries. It is the result of investigation of the International company Group-IB dealing with cyberattack prevention. The company using the forensic analysis of malware samples found out that attackers unknown so far were capable of, through different techniques, collecting login data to government systems and...

On 13 and 14 November 2018 the Crowne Plaza Hotel is hosting an International Conference ITAPA 2018, the most famous and largest event since 2002, which is focuses on digitization of public administration.  The topics of this year’s ITAPA Conference are data and artificial intelligence, Cloud, public procurement, eGovernment, the potential of emerging technologies and cybersecurity....

The National SK-CERT Unit (hereinafter referred to as SK-CERT) has prepared a series of articles aimed at distribution of information on security vulnerabilities and the methodology used to evaluate their severity. This issue is connected with two important concepts – security warning and security bulletin. Issuing of security warnings and bulletins belongs to one of...

E-mail represents a crucial part of both corporate and private communication. Thanks to its popularity there is a plethora of different e-mail clients with advanced features that enhance the simple and originally pure text format of e-mail by features like sending of attachments (MIME), encrypted contents (S-MIME, PGP) or stylized HTML text with images. Nevertheless,...

SK-CERT national unit has become a full member of the community of Security and Incident Response Teams by gaining the Accredited status, the second level of membership within the Trusted Introducer Service on 3 May 2018, and thus has won an international recognition. More detailed information regarding the membership in TI is available at the following...

The beginning of the year 2018 has brought a constantly growing threat in the field of cyber security which impacts a huge amount of Internet users. Either societies with a large infrastructure or a teenager with a notebook. Despite the fact that it is not anything new, the growth of cases and new methods of implementation deserve a due attention. Let’s...

Locked Shields 2018, an internationally recognized exercise, was held on 24 – 26 April 2018. The exercise is annually organized by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) in Tallinn and represents the most comprehensive and the most advanced cyber security exercise organized at international level.   Within the simulated environment the teams...

The workshop aimed at clarification of status and responsibilities of operators of essential services and digital service providers was held on 13 April 2018 in Bratislava’s hotel Bôrik.  The Act on Cybersecurity came into force on 1 April 2018. It is the first legislative act which comprehensively approaches the issue of security in the national...

The National Cyber Security Index have been expanded by inclusion of eight new countries. One of these countries is the Slovak Republic, which has also become its new leader. This position reflects the high level of efforts invested in the development of cyber security over the past years. Slovakia achieved the maximum score in 7...

Historically first legislative act, regulating the issue of cybersecurity in the Slovak Republic was published in the Collection of Laws of the Slovak Republic on 9 March 2018. On the following links you can download the complete version of the Act on Cybersecurity no. 69/2018 Coll. in Slovak and English versions. The Act systematically and...

Memcached is an open-source software which serves as a cache of the web content. Its aim is to speed up the web applications by caching often used items in memory and thus alleviate the database load. It increases the site performance and the total scalability of web applications. The cache of the web content is...