Home      Settings 
RSS English Slovensky

Aktuálne
Mesačný prehľad za mesiac júl 2020
Tlačové správy
05.08.2020
Mesačná správa CSIRT.SK - Jún 2020
Tlačové správy
23.07.2020
Mesačná správa CSIRT.SK - Máj 2020
Tlačové správy
21.07.2020
Staršie správy
Oznámenia a varovania
Kritické zraniteľnosti v produktoch spoločnosti Adobe
Varovanie
28.07.2020
Chyba vo funkcii Vanity URL aplikácie Zoom umožňuje vydávať sa za používateľa tejto funkcie
Varovanie
28.07.2020
SIGRed - kritická zraniteľnosť Windows DNS serverov
Varovanie
17.07.2020
Staršie oznámenia
Zahraničné zdroje
Nahlásené incidenty
1.1.2019 - 31.12.2019

Graf

How to report security incident

You can report a security incident by sending an e-mail to incident (at) csirt.gov.sk. You may add an attachment and use the file File TXT PGP key (6,25 kB) if encryption is necessary (you may use free GNU GPG tool).

For incident reporting the following rules apply:

  • It is necessary to give the correct email address, which will serve as the primary contact.
  • The description of the incident has to be unambiguous.
  • Please indicate as much information as possible for further analysis and proceedings and subsequent processing. Even seemingly useless information may be very useful.

Description of the incident should contain the following:

  • Information about the reporter of the incident:
    • title / position,
    • name of organization, type of organization (government, private, educational, ...),
    • other affected organizations;
  • Information about the incident:
    • start time of the incident (if known),
    • time and way of finding,
    • is this is an ongoing incident? (yes/no/maybe),
    • any known vulnerabilities were abused? (yes/no/maybe),
    • what countermeasures were made,
    • detailed description - description of the course of the incident, what types of attacks have been used, where was the attack coming from, what controls were implemented (firewall, antivirus, ...), were they breached, etc.,
    • regarding spam - please attach the full header and body of the email message,
    • regarding virus - please add affected file to protected ZIP archive and secure it using password „incident“,
    • regarding phishing or pharming - please attach complete URL,
    • regarding network scanning or denial of service (DoS) type of attack - please attach time stamps, time zone, source and destination IP (or MAC) addresses and ports, protocol type (TCP, UDP, ICMP, ...), and samples of captured packets (using Wireshark or other packet analyzer) if possible;
  • Information on affected devices and impacts:
    • type and function of device,
    • IP address, hostname,
    • destination protocol and port,
    • description of hardware,
    • operating system (type, version),
    • affected software or files,
    • is it critical device in terms of business continuity?,
    • is affected device still in use?,
    • contact person responsible for providing access to affected device,
    • o does the device contain nonpublic information?

How to identify the type of incident?
Hint

Report incident Report vulnerability
Links
Content adminstrator (CSIRT.SK) | Technical support (DataCentrum) | Accessibility statement
W3 CSS validator W3 HTML validator Blind friendly