Infosecurity News Reel


Help Net Security - News

Sep 23, 2015

Mozilla Releases Security Updates for Firefox

The Mozilla Foundation has released security updates to address critical vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
Available updates include:
  • Firefox 41
  • Firefox ESR 38.3
US-CERT encourages users and administrators to review the Security Advisories for Firefox and Firefox ESR and apply the necessary updates.

ENISA Cyber Europe 2014 - After Action Report — ENISA

ENISA's After Action Report of the pan-European cybersecurity exercise Cyber Europe 2014 (CE2014) was approved by the EU Member States and gives a high-level overview of the complex cybersecurity exercise that was carried out in 2014. The full after action report includes an engaging action plan which ENISA and Member States are committed to implement.


ENISA Cyber Europe 2014 - After Action Report — ENISA: ENISA Cyber Europe 2014 - After Action Report — ENISA

Sep 14, 2015

Software bugs and hardware failures disrupt telephony and internet access - ENISA Annual Incidents Report — ENISA

Press Release
ENISA publishes its Annual Incidents report which gives the aggregated analysis of the security incidents causing severe outages in 2014. Incidents are reported on an annual basis, by the Telecom Regulators under Article 13a of theFramework Directive (2009/140/EC) to the Agency and the European Commission.

The report provides an overvi137 major incidents were reported, from 24 EU countries and 1 EFTA member and countries reporting no significant incidents. Most incidents reported, involve fixed telephony. The most frequent causes for incidents are technical failures, affecting mainly switches and routers.
ew on an aggregated level of which services and network assets were impacted, and the root causes of the incidents. In 2014,

In summary, key findings indicate:
  • Fixed telephony is the most affected, nearly half of all reported incidents (47%). This is a change compared to previous      reporting years, when mobile internet and telephony were the most affected by incidents. Incidents  inmobile internet and telephony affect  most users accounting for 1.7 and 1.2 million users respectively per incident
  • Impact on emergency calls: 29 % of the incidents  illustrate problems in reaching the 112 emergency services.
  • System or technical failures cause most outages  accounting for 65% of all reported incidents, with software bugs and      hardware failures, being the most common causes affecting switches and  routers. Additionally human error  also ranks high, which calls for improved cooperation between providers,  construction workers and third party vendors of equipment and managed      services.*
  • Faulty software changes and updates have most impact  in terms of user-hours lost (user connections and duration)

These patterns are particularly important for risk and vulnerability assessments. Conclusions on the main patterns of incidents contribute at a policy level on the strategic measures to improve the security in the electronic communications sector.
ENISA’s Executive Director Udo Helmbrecht commented: “All parts of society rely on public electronic communications networks and services. Being transparent and discussing the causes of incidents, is essential for risk management and improving the level of security. ENISA is dedicated to help increase resilience in the electronic communications sector and will continue to foster and support transparency on incident reporting, promoting a systematic approach towards improved security measures in the sector.”
Within this context ENISA is assessing the impact of the Article 13a Incident Reporting Scheme in the EU, while a study is being carried out to analyse alternative indicators for measuring impact in electronic communications services. In addition, ENISA has issued the Guideline on Threats and Assets in the Telecom Sector, a glossary of the most significant threats and network assets, involved in disruptions in electronic communications networks and services.

Software bugs and hardware failures disrupt telephony and internet access - ENISA Annual Incidents Report — ENISA: Software bugs and hardware failures disrupt telephony and internet access - ENISA Annual Incidents Report — ENISA
For full reports:

IEEE Spectrum Computing Channel

Here's a phish you might not spot - 60 Sec Security

Biggest Information Security and Cybersecurity Misconceptions

Computer History Museum Videos

Slashdot: Your Rights Online

Public Key Cryptography: Diffie-Hellman Key Exchange

European Public Policy Blog