General Interest
@RISK: Security Vulnerability Alerts
Web Spoofing
A White Paper describing privacy issues of World Wide Web users and the
integrity of user data.
Web spoofing allows an attacker to create a “shadow copy” of a website.
Accesses to the shadow Web are funneled through the attacker’s machine,
allowing the attacker to monitor all of the victim’s activities including
any passwords or account numbers the victim enters.
In short, the attacker observes and controls everything the victim does on the Web.
Web Spoofing White Paper
Open-Source Security Testing Methodology Manual
ISECOM, the Institute for Security and Open Methodologies is a Non-Profit
Organization seeking to exceed international legislation and regulations
regarding security as well as those from many participating organizations
to assure compliancy.
ISECOM Manual
-------
ISECOM Website
Computer Security News Sites
The Register
The Register offers daily news
affecting the internet, IT and
security industries. They typically
offer a dose of dry wit in all of
their stories, while still providing
an informative news coverage.
http://www.theregister.co.uk/
Security Focus
SecurityFocus.com is designed to
facilitate discussion on security
related topics, create security
awareness, and to provide one of the
Internet's largest and most
comprehensive database of security
knowledge and resources to the
public.
http://www.securityfocus.com/
Secunia
This is a nice site that keeps track
of the latest viruses, threats and
vulnerabilities.
http://secunia.com/advisories/
Infosec Writers
Infosec Writers are online
publishers of information security
papers and projects, working with
established and unestablished
writers in the industry. The overall
community has the opportunity to
rate submissions and partake in
related forum discussions.
http://www.infosecwriters.com/
Start Plaza
A large compilation of security
links including Security News sites,
Security Advisory sites, Security
Scanners, Programming sites,
Anti-virus, Phreaking sites, E-Zine
sites, and more. All sites are rated
for quality.
http://www.startplaza.nu/
Secure
Mac
SecureMac.com contains Macintosh
security news, reviews, advisories,
and security tools for Mac OS and OS X.
http://www.securemac.com/
WindowSecurity.com
Windows security site which provides
Windows security news, articles,
tutorials, software listings and
reviews for information security
professionals covering topics such
as firewalls, viruses, intrusion
detection and other security topics.
http://www.windowsecurity.com/
Help Net Security
Help Net Security has been online
since 1998. Initially conceived as a
download archive, the site has grown
into a daily updated security
related news site with lots of
additional content.
http://net-security.org/
SecurityTracker
Security Tracker is a site devoted
to tracking security
vulnerabilities, and nothing else.
http://www.securitytracker.com/
Computer Emergency Response Team
The CERT Coordination Center is part
of the Survivable Systems Initiative
at the Software Engineering
Institute, a federally funded
research and development center at
Carnegie Mellon University.
Originally started by DARPA in 1988,
their primary focus is on incident
response.
http://www.cert.org/
Government Computer Security Sites
Computer Crime and Intellectual Property Section
CCIPS focuses exclusively on the
issues raised by computer and
intellectual property crime. They
advise federal prosecutors and law
enforcement agents; comment upon and
propose legislation; coordinate
international efforts to combat
computer crime; litigate cases; and
train all law enforcement groups.
http://www.cybercrime.gov/
US-Cert
United States Computer Emergency
Readiness Team (US-CERT) is a
partnership between the Department
of Homeland Security and the public
and private sectors. Established in
2003 to protect the nation's
Internet infrastructure, US-CERT
coordinates defense against and
responses to cyber attacks across
the nation.
http://www.us-cert.gov/
CSRC
is designed to collect and
disseminate computer security
information and resources to help
users, systems administrators,
managers, and security professionals
better protect their data and
systems.
http://csrc.nist.gov/
National Vulnerability Database
The NVD is the U.S.
government repository of standards
based vulnerability management data.
This data enables automation of
vulnerability management, security
measurement, and compliance
http://nvd.nist.gov/nvd.cfm
Call
443-506-3813
today for a no-cost, no obligation external assessment of your network or
email
us for more information.
Visitor
|
 |
