InfoSec briefings

Cloud computing

Detailed information security briefing on cloud computing, focusing on the potential benefits and risks as well as identifying mitigation advice to reduce vulnerability.

Cloud computing - information security briefing - PDF

Social engineering against information systems

This briefing details social engineering methodologies, the psychological triggers employed by attackers to target vulnerable staff and gives advice on protective measures.

Social engineering against information systems - PDF

Secure web applications

This document aims to provide insight into the secure development and installation of web applications by exposing the pitfalls of web application design and addressing how to stop future attackers.

Secure web applications - PDF

Botnets - the threat to the critical national infrastructure

This paper focuses on the threat posed to the critical national infrastructure by Botnets. It discusses the current scope and scale of the Botnet problem, and offers simple mitigation advice.

Botnets - the threat to the critical national infrastructure - PDF

Targeted Trojan email attacks

This paper warns of trojanised email attacks that are targeting companies and the UK Government. Issued in June 2005 it describes the attack and provides detection and protection advice.

Targeted Trojan email attacks - PDF

Current advice

This paper is an ideal starting point for those wanting to mitigate malicious software. It outlines the key topics and provides links to the best available sources of advice.

Current advice - PDF