[1. Nikiforakis, N., L. Invernizzi, A. Kapravelos, S. Van Acker, W. Joosen, C. Kruegel et al. You Are What You Include: Large-Scale Evaluation of Remote Javascript Inclusions. – In: Proc. of 2012 ACM Conference on Computer and Communications Security (CCS’12), New York, NY, USA, ACM Press, 2012, p. 736.10.1145/2382196.2382274]Search in Google Scholar
[2. Uesugi, S. You Could’ve Submitted a Pull Request to Inject Arbitrary JS Code into Donald Trump’s Site. – In: Medium [Internet]. Medium, 18 August 2016 [Cited 21 August 2018]. https://medium.com/@chibicode/you-can-submit-a-pull-request-to-inject-arbitrary-js-code-into-donald-trumps-site-here-s-how-782aa6a17a56]Search in Google Scholar
[3. Hunt, T. The JavaScript Supply Chain Paradox: SRI, CSP and Trust in Third Party Libraries. – In: Troy Hunt Blog [Internet]. Troy Hunt, 12 February 2018 [Cited 21 August 2018]. https://www.troyhunt.com/the-javascript-supply-chain-paradox-sri-csp-and-trust-in-third-party-libraries/]Search in Google Scholar
[4. Zhou, N. Cryptojacking Attack Hits Australian Government Websites. – The Guardian, 12 February 2018. Accessed 21 August 2018. http://www.theguardian.com/technology/2018/feb/12/cryptojacking-attack-hits-australian-government-websites]Search in Google Scholar
[5. Lomas, N. Cryptojacking Attack Hits ~4,000 Websites, Including UK’s Data Watchdog. TechCrunch. TechCrunch; 12 February 2018. Accessed 21 August 2018. http://social.techcrunch.com/2018/02/12/ico-snafu/]Search in Google Scholar
[6. Russian Government Website Was Affected by a Malicious Cryptocurrency Mining Script. – In: Altcoin Today [Internet]. 12 Jun 2018 [Cited 24 August 2018]. https://altcointoday.com/russian-government-website-was-affected-by-a-malicious-cryptocurrency-mining-script/]Search in Google Scholar
[7. US Government Site Was Hosting Ransomware. – In: Threatpost [Internet]. 1 September 2017 [Cited 24 August 2018]. https://threatpost.com/us-government-site-removes-link-to-cerber-ransomware-downloader/127767/]Search in Google Scholar
[8. Baker, P. “Malicious Attack” on Government Site Hijacked Computers to Mine XMR – The Market Mogul. – In: The Market Mogul [Internet]. 16 March 2018 [Cited 24 August 2018]. https://themarketmogul.com/crypto-jack-malicious-attack/]Search in Google Scholar
[9. L K k: T. Regulating Cross-Border Dependencies of Critical Information Infrastructure [Internet]. 2015. https://ccdcoe.org/sites/default/files/multimedia/pdf/CII_dependencies_2015.pdf]Search in Google Scholar
[10. Harašta, J. Legally Critical: Defining Critical Infrastructure in an Interconnected World. – Int. J. Crit. Infrastruct Prot., Vol. 21, 2018, pp. 47-56.10.1016/j.ijcip.2018.05.007]Search in Google Scholar
[11. Windelberg, M. Objectives for Managing Cyber Supply Chain Risk. – Int. J. Crit Infrastruct Prot. Vol. 12, 2016, pp. 4-11.10.1016/j.ijcip.2015.11.003]Search in Google Scholar
[12. Kumar, R. P., P. H. Raj, P. Jelciana. Exploring Security Issues and Solutions in Cloud Computing Services – A Survey. – Cybernetics and Information Technologies, Vol. 17, 2017, No 4, pp. 3-31. http://www.cit.iit.bas.bg/CIT_2017/v-17-4/01_paper.pdf10.1515/cait-2017-0039]Search in Google Scholar
[13. Maggi, F., M. Balduzzi, R. Flores, L. Gu, V. Ciancaglini. Investigating Web Defacement Campaigns at Large. – In: Proc. of 2018 on Asia Conference on Computer and Communications Security. New York, NY, USA, ACM, 2018, pp. 443-456.10.1145/3196494.3196542]Search in Google Scholar
[14. Borgolte, K., C. Kruegel, G. Vigna. Meerkat: Detecting Website Defacements through Image-Based Object Recognition. – USENIX Security Symposium. usenix.org, 2015, pp. 595-610.]Search in Google Scholar
[15. Bartoli, A., G. Davanzo, E. Medvet. A Framework for Large-Scale Detection of Web Site Defacements. – ACM Trans. Internet Technol. New York, NY, USA, ACM, 2010, 10: 10:1–10:37.10.1145/1852096.1852098]Search in Google Scholar
[16. Bartoli, A., G. Davanzo, E. Medvet. The Reaction Time to Web Site Defacements. – IEEE Internet Comput. ieeexplore.ieee.org, 2009, 13, pp. 52-58.10.1109/MIC.2009.91]Search in Google Scholar
[17. Davanzo, G., E. Medvet, A. Bartoli. Anomaly Detection Techniques for a Web Defacement Monitoring Service. – Expert Syst. Appl. Elsevier, 2011, 38, pp. 12521-12530.10.1016/j.eswa.2011.04.038]Search in Google Scholar
[18. Content Security Policy Level 3 [Internet]. [Cited 4 September 2018]. https://www.w3.org/TR/CSP/]Search in Google Scholar
[19. Weissbacher, M., T. Lauinger, W. Robertson. Why Is CSP Failing? Trends and Challenges in CSP Adoption. Research in Attacks, Intrusions and Defenses. – Springer International Publishing, 2014, pp. 212-233.10.1007/978-3-319-11379-1_11]Search in Google Scholar
[20. Pan, X., Y. Cao, S. Liu, Y. Zhou, Y. Chen, T. Zhou. CSPAutoGen: Black-Box Enforcement of Content Security Policy Upon Real-World Websites. – In: Proc. of 2016 ACM SIGSAC Conference on Computer and Communications Security, New York, NY, USA, ACM, 2016, pp. 653-665.10.1145/2976749.2978384]Search in Google Scholar
[21. Weichselbaum, L., M. Spagnuolo, S. Lekies, A. Janc. CSP is Dead, Long Live CSP! On the Insecurity of Whitelists and the Future of Content Security Policy. – In: Proc. of 2016 ACM SIGSAC Conference on Computer and Communications Security, ACM, 2016, pp. 1376-1387.10.1145/2976749.2978363]Search in Google Scholar
[22. Vai sul sito ANVUR? Uno script maligno registra il tuo profilo e lo manda a Singapore. – In: ROARS [Internet]. 18 April 2017 [Cited 22 Aug 2018]. https://www.roars.it/online/vai-sul-sito-anvur-uno-script-maligno-registra-il-tuo-profilo-e-lo-manda-a-singapore/]Search in Google Scholar
[23. Borgolte, K., C. Kruegel, G. Vigna. Delta: Automatic Identification of Unknown Web-Based Infection Campaigns. – In: Proc. of 2013 ACM SIGSAC Conference on Computer & Communications Security (CCS’13), New York, New York, USA, ACM Press, 2013, pp. 109-120.10.1145/2508859.2516725]Search in Google Scholar
[24. Lauinger, T., A. Chaabane, S. Arshad, W. Robertson, C. Wilson, E. Kirda. Thou Shalt Not Depend on Me: Analysing the Use of Outdated Javascript Libraries on the Web. – In: Proc. of 24th Annual Network and Distributed System Security Symposium (NDSS’17) The Internet Society. pdfs.semanticscholar.org, 2017. https://pdfs.semanticscholar.org/50b5/56396ebc887461015b48ce89c572424bcedf.pdf]Search in Google Scholar
[25. Soni, P., E. Budianto, P. Saxena. The SICILIAN Defense: Signature-Based Whitelisting of Web JavaScript. – In: Proc. of 2nd ACM SIGSAC Conference on Computer and Communications Security, New York, NY, USA, ACM, 2015. pp. 1542-1557.10.1145/2810103.2813710]Search in Google Scholar
[26. Cova, M., C. Kruegel, G. Vigna. Detection and Analysis of Drive-by-download Attacks and Malicious JavaScript Code. – In: Proc. of 19th International Conference on World Wide Web, New York, NY, USA, ACM, 2010, pp. 281-290.10.1145/1772690.1772720]Search in Google Scholar
[27. Li, Z., K. Zhang, Y. Xie, F. Yu, X. Wang. Knowing Your Enemy: Understanding and Detecting Malicious Web Advertising. – In: Proc. of 2012 ACM Conference on Computer and Communications Security (CCS’12), New York, NY, USA, ACM Press, 2012, p. 674.10.1145/2382196.2382267]Search in Google Scholar
[28. Vaas, L. Massive Malvertising Attack Poisons 288 Sites. – In: Naked Security [Internet]. 12 April 2016 [Cited 4 Sep 2018]. https://nakedsecurity.sophos.com/2016/04/12/massive-malvertising-attack-poisons-288-sites/]Search in Google Scholar
[29. Goodin, D. Home Routers under Attack in Ongoing Malvertisement Blitz. – In: Ars Technica [Internet]. 16 December 2016 [Cited 4 September 2018]. https://arstechnica.com/information-technology/2016/12/home-routers-under-attack-in-ongoing-malvertisement-blitz/]Search in Google Scholar
[30. Microsoft Patches Zero Day Flaw Used in Two Massive Malvertising Campaigns. – In: Dark Reading [Internet] [Cited 4 September 2018]. https://www.darkreading.com/attacks-breaches/microsoft-patches-zero-day-flaw-used-in-two-massive-malvertising-campaigns/d/d-id/1326908]Search in Google Scholar
[31. ThreatLabz, M. Piercy, A. Singh. China’s NCGA Government Site Infected with Hidden Malicious Iframe | Zscaler Blog. – In: Zscaler [Internet] [Cited 24 August 2018]. https://www.zscaler.com/blogs/research/chinas-ncga-government-site-infected-hidden-malicious-iframe]Search in Google Scholar
[32. Mavrommatis NPP, Monrose MARF. All Your Iframes Point to Us. – In: USENIX Security Symposium USENIX. usenix.org, 2008, pp. 1-16.]Search in Google Scholar
[33. Arshad, S., S. A. Mirheidari, T. Lauinger, B. Crispo, E. Kirda, W. Robertson. Large-Scale Analysis of Style Injection by Relative Path Overwrite. – In: Proc. of 2018 World Wide Web Conference. Republic and Canton of Geneva, Switzerland: International World Wide Web Conferences Steering Committee, 2018, pp. 237-246.10.1145/3178876.3186090]Search in Google Scholar
[34. Heiderich, M., M. Niemietz, F. Schuster, T. Holz, J. Schwenk. Scriptless Attacks: Stealing the Pie Without Touching the Sill. – In: Proc. of 2012 ACM Conference on Computer and Communications Security, New York, NY, USA, ACM, 2012, pp. 760-771.10.1145/2382196.2382276]Search in Google Scholar
[35. Hashim, A. Microsoft Edge Vulnerability Could Allow for Email and Facebook Data Scraping. – In: Latest Hacking News [Internet]. 22 Jun 2018 [Cited 23 August 2018]. https://latesthackingnews.com/2018/06/22/microsoft-edge-vulnerability-could-allow-for-email-and-facebook-data-scraping/]Search in Google Scholar
[36. Cimpanu, C. Chrome Bug Lets Attackers Steal Web Secrets via Audio or Video HTML Tags. – In: BleepingComputer [Internet]. BleepingComputer.com; 15 August 2018 [Cited 23 August 2018]. https://www.bleepingcomputer.com/news/security/chrome-bug-lets-attackers-steal-web-secrets-via-audio-or-video-html-tags/]Search in Google Scholar
[37. Van Goethem, T., P. Chen, N. Nikiforakis, L. Desmet, W. Joosen. Large-Scale Security Analysis of the Web: Challenges and Findings. Trust and Trustworthy Computing. – Springer International Publishing, 2014, pp. 110-126.10.1007/978-3-319-08593-7_8]Search in Google Scholar
[38. De Nicola, A., M. L. Villani, M. C. Brugnoli, G. D’Agostino. A Methodology for Modeling and Measuring Interdependencies of Information and Communications Systems Used for Public Administration and e-Government Services. – Int. J. Crit. Infrastruct. Prot., Vol. 14, 2016, pp. 18-27.10.1016/j.ijcip.2016.06.001]Search in Google Scholar
[39. Kirilov, R. Effectiveness of Information Security in the Banks. – Cybernetics and Information Technologies, Vol. 6, 2006, No 2, pp. 70-85. http://www.cit.iit.bas.bg/CIT_06/v6-2/70-85.pdf]Search in Google Scholar
[40. Medvet, E., A. Bartoli, G. Davanzo, A. D. Lorenzo. Automatic Face Annotation in News Images by Mining the Web. – In: 2011 IEEE/WIC/ACM International Conferences on Web Intelligence and Intelligent Agent Technology, 2011, pp. 47-54.10.1109/WI-IAT.2011.101]Search in Google Scholar
[41. Medvet, E., A. Bartoli, G. Piccinin. Publication Venue Recommendation Based on Paper Abstract. – In: 2014 IEEE 26th International Conference on Tools with Artificial Intelligence, 2014, pp. 1004-1010.10.1109/ICTAI.2014.152]Search in Google Scholar
[42. Meguebli, Y., M. Kacimi, B.-L. Doan, F. Popineau. Unsupervised Approach for Identifying Users’ Political Orientations. Advances in Information Retrieval. – Springer International Publishing, 2014, pp. 507-512.10.1007/978-3-319-06028-6_49]Search in Google Scholar
[43. Tremblay, M. C., C. Parra, A. Castellanos. Analyzing Corporate Social Responsibility Reports Using Unsupervised and Supervised Text Data Mining. New Horizons in Design Science: Broadening the Research Agenda. – Springer International Publishing, 2015, pp. 439-446.10.1007/978-3-319-18714-3_36]Search in Google Scholar