Publication of Security Bulletins and Warnings
The main task in providing this service is to announce in a timely manner and distribute appropriately the information concerning the cyber security at the national and international level.
SK-CERT unit for this purpose performs filtration and evaluation of information being gathered from more information sources.
In evaluation of vulnerabilities CVSS v 3.0 metrics is used. The CVSS calculator v 3.0 can be found on FIRST webpage here.
Score | Severity |
0.1 – 3.9 | Low |
4.0 – 6.9 | Medium |
7.0 – 8.9 | High |
9.0 – 10.0 | Critical |
If it is not possible to evaluate the information by CVSS v 3.0 metrics, other metrics for information evaluation are used (for example NCISS metrics) which are internationally recognized and used in evaluation of cyber-relevant information
We can divide the respective information in order of their importance into four categories according to which the respective documents with the warning content are published:
Severity | CVSS Score (if applicable) | Warning Form |
Low | 0.1 – 3.9 | Announcement on Webpage |
Medium | 4.0 – 6.9 | Weekly Security Bulletin |
High | 7.0 – 8.9 | Weekly Security Bulletin |
Critical | 9.0 – 10.0 | Prompt Security Warning |
Announcement on Webpage contains the information with low importance which does not fundamentally affect the cyber security; anyway it is important to inform of such information.
Weekly Security Bulletin contains a set of warnings and alerts which may have an impact on the status of cyber security. The bulletin is published once a week and contains a set of information with medium and high importance from the previous week. The archive of security bulletins can be found on SK-CERT webpage.
Security Warning contains a specific warning with a critical importance which may have a fundamental impact on the status of cyber security at the national and also international level. It is issued, if necessary, in order to ensure an early warning of SK-CERT constituency as well as other potentially attacked entities. The security warning is immediately published on the SK-CERT website in the relevant section.
In case of interest to subscribe to Weekly Security Bulletins, Security Warnings and other announcements issued by SK-CERT unit, please, contact us.
In your request, please provide the name of institution or organisation in which you work, the sector in which your organisation operates, your name, function and a phone contact.