Home      Settings 
RSS English Slovensky

Aktuálne
Mesačná správa CSIRT.SK - Január 2021
Tlačové správy
23.02.2021
Mesačný prehľad zraniteľností za mesiac január 2021
Tlačové správy
08.02.2021
Mesačná správa CSIRT.SK - December 2020
Tlačové správy
25.01.2021
Staršie správy
Oznámenia a varovania
Spoločnosť Microsoft vydáva núdzové opravy aktívne zneužívaných zraniteľností serveru Microsoft Exchange
Varovanie
03.03.2021
Bola opravená kritická zraniteľnosť v prehliadači Chrome
Varovanie
03.03.2021
V komponente V8 prehliadača Chrome bola opravená aktívne zneužívaná zero-day zraniteľnosť
Varovanie
23.02.2021
Staršie oznámenia
Zahraničné zdroje
Nahlásené incidenty
1.1.2019 - 31.12.2019

Graf

How to report security incident

You can report a security incident by sending an e-mail to incident (at) csirt.gov.sk. You may add an attachment and use the file File TXT PGP key (6,25 kB) if encryption is necessary (you may use free GNU GPG tool).

For incident reporting the following rules apply:

  • It is necessary to give the correct email address, which will serve as the primary contact.
  • The description of the incident has to be unambiguous.
  • Please indicate as much information as possible for further analysis and proceedings and subsequent processing. Even seemingly useless information may be very useful.

Description of the incident should contain the following:

  • Information about the reporter of the incident:
    • title / position,
    • name of organization, type of organization (government, private, educational, ...),
    • other affected organizations;
  • Information about the incident:
    • start time of the incident (if known),
    • time and way of finding,
    • is this is an ongoing incident? (yes/no/maybe),
    • any known vulnerabilities were abused? (yes/no/maybe),
    • what countermeasures were made,
    • detailed description - description of the course of the incident, what types of attacks have been used, where was the attack coming from, what controls were implemented (firewall, antivirus, ...), were they breached, etc.,
    • regarding spam - please attach the full header and body of the email message,
    • regarding virus - please add affected file to protected ZIP archive and secure it using password „incident“,
    • regarding phishing or pharming - please attach complete URL,
    • regarding network scanning or denial of service (DoS) type of attack - please attach time stamps, time zone, source and destination IP (or MAC) addresses and ports, protocol type (TCP, UDP, ICMP, ...), and samples of captured packets (using Wireshark or other packet analyzer) if possible;
  • Information on affected devices and impacts:
    • type and function of device,
    • IP address, hostname,
    • destination protocol and port,
    • description of hardware,
    • operating system (type, version),
    • affected software or files,
    • is it critical device in terms of business continuity?,
    • is affected device still in use?,
    • contact person responsible for providing access to affected device,
    • o does the device contain nonpublic information?

How to identify the type of incident?
Hint

Report incident Report vulnerability
Links
Content adminstrator (CSIRT.SK) | Technical support (DataCentrum) | Accessibility statement
W3 CSS validator W3 HTML validator Blind friendly