Category Archives: Security Training, Awareness and Reports
Digital Attack Map, by Google and Arbor Networks
There is an interesting new site Digital Attack Map related to DDoS attacks. Worth to have a look! From About: Digital Attack Map is a live data visualization of DDoS attacks around the globe, built through a collaboration between Google … Continue reading
Microsoft Security Intelligence Report
Security Intelligence Reports are available at Microsoft site. What it is? Microsoft Security Intelligence Report provides in-depth perspectives on software vulnerabilities in Microsoft and third-party software, exploits, malicious code threats, and potentially unwanted software. The SIR website also includes deep … Continue reading
Electronic Communication Annual Incident Reports, by ENISA
ENISA publishes annual reports about significant incidents in the electronic communications sector. ENISA is receiving these reports from National Authorities (see figure below). The latest report from 2012 incidents is now available. In total 18 countries reported 79 significant incidents, … Continue reading
2013 TMT Global Security Study, by Deloitte
Deloitte is producing interesting material. For example the 2013 TMT Global Security Study and related infographic The updates for 2014 might come in the beginning of the year? Links Technology, Media & Telecommunications Technology, Media & Telecommunications Predictions 2013 TMT … Continue reading
IT Law wiki, ICT related encyclopedia
In addition to wikipedia, IT Law wiki is a good complementary information site. And the content at IT law wiki is more specific to ICT. Comparison “IT Law wiki” <-> Wikipedia IT Law wiki Wikipedia Cybercrime Cybercrime Surveillance Surveillance Policy … Continue reading
Application Security Weaknesses, OWASP Top 10
OWASP (Open Web Application Security Project) is maintaining top 10 list of most common application vulnerabilities/weaknesses. Injection Broken Authentication and Session Management Cross-Site Scripting (XSS) Insecure Direct Object References Security Misconfiguration Sensitive Data Exposure Missing Function Level Access Control Cross-Site … Continue reading
EU Directive 2013/40/EU on attacks against information systems
There is a new EU Directive 2013/40/EU, which defines following as offences: Illegal access to information systems Illegal system interference Illegal data interference Illegal interception Tools used for committing offences Transposition: Member States shall bring into force the laws, regulations … Continue reading