Security Websites

General Technology and Security trends:

• ISC
• NetCraft
• US-CERT
• Schneier on Security Blog
• Krebs on Security
• Security Dark Reading
• Securosis

Threat Intelligence

Microsoft Security Intelligence Report: http://www.microsoft.com/security/sir/default.aspx
Team Cymru (also has subscription service): www.team-cymru.org
FBI Cybercrime information: http://www.fbi.gov/about-us/investigate/cyber/cyber

Malware and threats:

Threat Expert: http://threatexpert.com
Microsoft Malware Protection Center: http://www.microsoft.com/security/portal/default.aspx
SANS Internet Storm Center: http://Isc.sans.edu
Symantec Threat Explorer: http://www.symantec.com/norton/security_response/threatexplorer/index.jsp
Symantec Internet Threat Report: http://www.symantec.com/business/theme.jsp?themeid=threatreport
McAfee Threat Center: http://www.mcafee.com/us/threat_center/
Metasploit Blog: https://community.rapid7.com/community/metasploit?view=blog
Security Focus: http://www.securityfocus.com/
Dshield: http://www.dshield.org/
Offensive Security’s Exploit Database: http://www.exploit-db.com/
Worldwide Observatory of Malicious Behaviors and Attack Threats (WOMBAT):
http://wombat-project.eu/246
Symantec’s Worldwide Intelligence Network Environment (WINE): http://www.
symantec.com/about/profile/universityresearch/sharing.jsp
Mandiant M-Trends: https://www.mandiant.com/resources/mandiant-reports/
Bad domains, IP addresses, and other indicators:
Malware Domain Blocklist: http://www.malwaredomains.com/
Malware Domain List: http://www.malwaredomainlist.com/
Unspam Technologies Project Honeypot: http://www.projecthoneypot.org/index.php
EXPOSURE (Exposing Malicious Domains): http://exposure.iseclab.org/
Shadowserver Foundation: http://www.shadowserver.org/wiki/

Automatic threat analyzers:

Anubis (Analyzing Unknown Binaries): http://anubis.iseclab.org/
Virustotal: http://www.virustotal.com/
Metascan online: http://www.metascan-online.com/

Threats with signatures:

IBM ISS X-Force: http://xforce.iss.net
BotHunter Internet Distribution Page: http://www.bothunter.net/
Latest Snort publicly available Snort rules (most recent rules require subscription):
http://www.snort.org/snort-rules/
Emerging Threats signature list: http://www.emergingthreats.net/
Latest Tenable Nessus plugins (requires subscription): http://www.nessus.org/
plugins/

Patches and vulnerabilities:

MITRE’s CVE: http://cve.mitre.org
NIST’s National Vulnerability Database: http://nvd.nist.gov/
US-CERT Technical Cyber Security Alerts: http://www.us-cert.gov/cas/techalerts
Microsoft Security TechCenter: http://technet.microsoft.com/en-us/security/default.aspx