Real Time Security Links
Incidents.org -- http://www.incidents.org/
Real time map of attacks being observed Right Now on the Internet. Be sure to read the "Handler's Log".
Trend Micro World Virus Tracking -- http://wtc.trendmicro.com/wtc/
Trend Micro has an excellent map to show recent virus activity and a "Top Ten" currently observed viruses.
McAfee North American Viruses -- http://vil.mcafee.com/mast/viruses_by_continent.asp?continent_k=1&track_by=2&period_id=1
McAfee table showing how many North American computers (using their web-based scan tool) were infected by each of the top ten viruses in the past 24 hours.
Security Advisories
Computer Incident Advisory Capability -- http://www.ciac.org/ciac/
Department of Energy advisories on computer security risks. Very current. Available via email.
Computer Emergency Response Team -- http://www.cert.org/
Carnegie Mellon's Software Engineering Institute maintains the original and most active
security advisory list. Very well researched advisories. Available via email.
BugTraq Vulnerabilities Database -- http://www.securityfocus.com/cgi-bin/vulns.pl
SecurityFocus.com provides absolutely the most complete advisory listing, but carries many "minor" advisories that
may not be of interest to all. Unlike CIAC and CERT, the SecurityFocus advisories contain Exploit
descriptions and links to code that makes the attack possible. Much more useful if your scanning your
logs, since you can now know what the attack actually looks like. (Obviously, many object to this type
of "Full Disclosure"). Available via email.
Packetstorm Last 20 Advisories -- http://packetstormsecurity.org/advisories20.shtml
Packetstorm takes Full Disclosure even further than SecurityFocus. Generally considered a "hacker site"
this site is a great way to keep track of what the underground may be bringing to bear against your
network. Tools are divided between "Assessment" (attack) tools and "Defense" tools.
Security News Links
Help Net Security -- http://www.net-security.org/
Many news sites today have the "auto-feed" security headlines coming from some newswire
where the same news is hit by ten different sources with very little value add. The guys at
HNS do a good job of selecting and evaluating the news stories they link, with an introductory
paragraph by their editorial staff. Constantly fresh, and skips the crap.
WhiteHats.com -- http://www.whitehats.com/
This site has one of those "auto-feed" news sites, and lets face it, we only need one.
The site is dedicated to Intrusion Detection signature development, but has slowed down on this
side since its founder went to the Federal Pen.
White Hat - Black Hat - Grey Hat Security Links -- http://www.wbglinks.net/
Hacker news from an Insider perspective . . . the news articles linked are all Hacker related.
The list of "Exploits" sites is very complete -- though some are inactive.
VNUNet News: Hacking -- http://www.vnunet.com/Security/Hacking
Hacking section from UK Technology news source - low volume, but kept current with high interest stories
Computer Security News Daily -- http://www.mountainwave.com/
From Mountain Wave -- updated daily -- nice addition of "Government" stories in their own section.
All the "high risk" vulnerabilities listed, with links to advisories.
NewsNow: Encryption + Security -- http://www.newsnow.co.uk/cgi/NewsNow/NewsLink.News.htm?Theme=Encryption+/+Security
Encryption & Security section from UK: Hourly updates, but high "noise" level (same news stories retold from many news sources).
@stake - Formerly Hacker News Network -- http://www.atstake.com/security_news/
The most highly regarded White Hat hacker group. Famous for depth of research. Not as current, but worth the read when they speak.
Full Tech Resources
Black Hat Conference Presentations -- http://www.blackhat.com/html/bh-multi-media-archives.html
Black Hat, originally an underground hackers conference, has grown to be considered one of the
definitive security conferences for law enforcement and corporate security engineers as well. Full
powerpoint, audio, and video, of almost all their presentations are online here. Presentations range
from informative to very technical.
Rain Forest Puppy -- http://www.wiretrip.net/rfp/4/index.asp
A true scientist of security researchers, Rain Forest Puppy is a full-disclosure security
analyst respected by black and white hat alike for the depth of his research.
DefCon Conference Presentations -- http://www.defcon.org/defcon-media-archives-defcon.html
DefCon has tried very hard not to "go corporate". Full video of many hacker presentations
ranging from "Newbie" to "Hacker" and "Uber Hacker" presentations.
|
|
