Search

Recent news show the increase of large scale attacks exploiting specific vulnerabilities of the Internet core protocols. In the latest cases, the Network Time Protocol (NTP), which allows synchronizing devices to the coordinated universal time (UTC…

In this report explores relevant challenges, vulnerabilities and attacks to the Network Function Virtualization (NFV) within the 5G network. NFV changes the network security environment due to resource pools based on cloud computing and open network…

In this paper ENISA highlights the security vulnerabilities of BGP and explains why it is so important to address them. Working closely with experts from industry ENISA derived a shortlist of 7 basic BGP security measures which are industry good…

Last week the entire web discovered the existence of the so called “Heartbleed” vulnerability affecting one of the most popular mechanisms used to secure communication with web sites: OpenSSL. The underlying problem is a programming error with…

ENISA warns about the risks of using discontinued software, not only because of the lack of support from the manufacturer, but also from third parties, like manufacturers of anti-malware or other kind of software, or computer peripherals. This will…

This document covers the following aspects of Trust Service Providers operations: • Assets: identification, classification and evaluation • Threats to assets: classification and evaluation • Vulnerabilities present in the environment • Probability…

This Threat Landscape and Good Practice Guide for Big Data provides an overview of the current state of security in the Big Data area. In particular, it identifies Big Data assets, analyses exposure of these assets to threats, lists threat agents,…

This report presents the outcome of the public consultation on the first draft of the cybersecurity certification candidate EUCC scheme. The scheme was developed following the request from the European Commission in accordance with Article 48.2 of…

This report presents the Agency's active mapping of the AI cybersecurity ecosystem and its Threat Landscape, realised with the support of the Ad-Hoc Working Group on Artificial Intelligence Cybersecurity. The ENISA AI Threat Landscape not only lays…

Following the request from the European Commission in accordance with Article 48.2 of the Cybersecurity Act, ENISA has set up an Ad Hoc Working Group to support the preparation of a candidate EU cybersecurity certification scheme as a successor to…