CERT Publication - Úvod Cyber Campaigns Operation CERT Alert CERT Analysy New CERT Publication New
Understanding Voice over Internet Protocol (VoIP)
Voice over Internet Protocol (VoIP) is a form of communication that allows you to make phone calls over a broadband internet connection instead of typical analog telephone lines. Some VoIP services require a computer or a dedicated VoIP phone, while others allow you to use your landline phone to place VoIP calls through a special adapter.
Banking Securely Online
Online banking continues to present challenges to your financial security and personal privacy. Millions of people have had their checking accounts compromised, mainly as a result of online banking. If you are going to use online banking to conduct financial transactions, make yourself aware of the risks and take precautions to minimize them.
Playing it Safe: Avoiding Online Gaming Risks
New technologies and high-speed internet connections have helped online gaming become a popular pastime on the internet. Because gamers invest large amounts of time and money in today’s sophisticated games, others see an opportunity for mischief or illicit profit
Protecting Aggregated Data
In their ongoing quest for improved operational efficiency, organizations have come to rely on the ability to collect, access, and process large volumes of electronic data (aggregated data). This reliance has evolved with the development of sophisticated database software and the growing availability of hardware with storage capacity measured in terabytes. By possessing such large volumes of data, however, organizations assume certain risks and responsibilities. Large data stores are valuable informational assets that have become targets for cyber criminals.
Introduction to Information Security
The internet is a worldwide collection of loosely connected networks that are accessible to anyone with a computer and a network connection. Thus, individuals and organizations can reach any point on the internet without regard to national or geographic boundaries or time of day
South Korean Malware Attack
Reporting and technical details surrounding the malware used in the March 20, 2013, attack on South Korean assets have been varied and inconsistent. This paper outlines the attack's common attributes, gives guidance to U.S. Cricital Infrastructure and Key Resource owners and operators, and lists defensive measures against the DarkSeoul malware
The Risks of Using Portable Devices
Portable devices such as jump drives, personal audio players, and tablets give users convenient access to business and personal data on the go. As their use increases, however, so do the associated risks.
Cyber Threats to Mobile Phones
Smartphones and personal digital assistants (PDAs) give users mobile access to email, the internet, GPS navigation, and many other applications. However, smartphone security has not kept pace with traditional computer security.
Understanding and Protecting Yourself Against Money Mule Schemes
“Money mules” are people who are used to transport and launder stolen money or some kind of merchandise. Criminals may even recruit money mules to use stolen credit card information. People who are used as money mules may be willing participants; however, many money mules are not aware that they are being used to commit fraud
Socializing Securely: Using Social Networking Services
Social networking is a way for people to connect and share information with each other online. Millions of people worldwide regularly access these types of services from mobile devices, applications, and websites.
Common Vulnerabilities and Exposures List (CVE)
Search vulnerabilities by CVE name or browse the US-CERT list of vulnerabilities for specific CVEs.
National Infrastructure Advisory Council's Vulnerability Disclosure Framework
Improve your understanding of vulnerability management practices.
National Vulnerability Database (NVD)
Search U.S. government vulnerability resources for information about vulnerabilities on your systems.
Open Vulnerability Assessment Language (OVAL)
Identify vulnerabilities on your local systems using OVAL vulnerability definitions.
Build Security In
BSI provides a collection of software assurance and security information to help software developers, architects, and security practitioners create secure systems.
Center for Education and Research in Information Assurance and Security (CERIAS)
CERIAS offers tools and resources to the security community at large.
DHS Science and Technology Directorate Cyber Security Division Resources
DHS provides public documents relevant to the planning of cybersecurity research and development.
Information Sharing Specifications
TAXII, STIX, and CybOX are technical specifications designed to enable automated information sharing for cybersecurity situational awareness, real-time network defense and sophisticated threat analysis.
National Institute of Standards and Technology (NIST)
NIST offers various publications to promulgate computer security standards and guidelines and present relevant supporting information and research.
Operationally Critical Threat and Vulnerability Evaluation (OCTAVE)
OCTAVE includes tools and techniques for risk-based assessment and planning.
Software Assurance: Community Resources and Information Clearinghouse
The Software Assurance Program provides resources to encourage cyber resilience.
Federal Cyber Service: Scholarship for Service Program (SFS)
The SFS program seeks to increase the number of skilled students entering the fields of information assurance and computer security.
National Centers of Academic Excellence in Information Assurance Education
The Centers of Academic Excellence program strengthens higher education in information assurance programs to meet America's growing requirements for cybersecurity professionals.
National Initiative for Cybersecurity Careers and Studies (NICCS)
A one-stop shop for cybersecurity careers and studies, NICCS connects the public with information on cybersecurity awareness, degree programs, training, careers, and talent management.
Practical tips from the Federal Government and technology industry to help consumers guard against Internet fraud, secure their computers, and protect personal information
Stay Safe Online
Resources sponsored by the National Cyber Security Alliance (NCSA) to promote safe behavior online
The NetSmartz Workshop
Educational materials for children and teens
Stop. Think. Connect. || Get Involved and Informed | Tips and Advice
A national public awareness campaign aimed at increasing the understanding of cyber threats and empowering the American public to be safer and more secure online
NCCIC Cyber Incident Scoring System
The NCCIC Cyber Incident Scoring System (NCISS) is a framework designed to provide a repeatable and consistent mechanism for estimating the impact of a cyber incident.
Comprehensive National Cybersecurity Initiative
The CNCI consists of initiatives and goals designed to help secure the United States in cyberspace.
E-Government Act of 2002 including Title III - The Federal Information Security Management (FISMA) Act
The purpose of this Act is to enhance the management and promotion of electronic government services and processes. Title III of this act is the Federal Information Security Management Act of 2002. The E-Government Act permanently supersedes the Homeland Security Act in those instances where both Acts prescribe different amendments to the same provisions of the United States Code.
International Strategy for Cyberspace
The International Strategy for Cyberspace outlines a vision for cyberspace and an agenda for realizing it.
IT Sector Baseline Risk Assessment
The ITSRA identifies and prioritizes national-level risks to critical functions delivered and maintained by the IT Sector and relied on by all critical infrastructure sectors.
National Infrastructure Protection Plan
NIPP 2013 outlines how government and private sector participants in the critical infrastructure community work together to manage risks and achieve security and resilience outcomes.
National Security Strategy
The National Security Strategy articulates four enduring national interests advanced by the five missions of DHS.
Office of Management and Budget Guidance on FISMA
Presidential Homeland Security Issues
This web page describes guiding principles for securing the United States from 21st-century threats.
Presidential Policy Directive – Critical Infrastructure Security and Resilience
Released in February 2013, PPD-21 provides guidance for a national unity of effort to strengthen and maintain secure, functioning, and resilient critical infrastructure.
Quadrennial Homeland Security Review
Published in 2014, the QHSR reaffirms the five homeland security missions set forth in the previous QHSR, while acknowledging the evolving landscape of homeland security threats and hazards.
US-CERT Year In Review CY 2012
US-CERT 2012 Trends In Retrospect