O'Connor Consulting

Computer Security Resources

Apple Computer Product Security Incident Response Website

Apple Security Updates
Outlines security updates for Apple products.

CERT Coordination Center
Established in 1988, the CERT® Coordination Center (CERT/CC) is a center of Internet security expertise, located at the Software Engineering Institute, a federally funded research and development center operated by Carnegie Mellon University.

Computer Crime Research Center
Daily updated news about computer crimes, internet fraud and cyber terrorism.

Cybercrime
Computer Crime and Intellectual Property Section (CCIPS) of the Criminal Division of the U.S. Department of Justice.

ha.ckers
Web application security blog. If you want an insite to how security vulnerabilities are identifed and can be used for exploits, this is the blog to read.

Internet Storm Center
The ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers.

Microsoft Security Bulletins
Microsoft issues a security bulletin when a security update becomes available for Microsoft software. This page contains links to the summary announcements posted on Microsoft.com for widely released security updates, as well as the bulletin numbers for these releases.

Macromedia Security Zone
Macromedia uses the Security Zone to periodically publish security bulletins and technical briefs that provide information to customers about issues they believe are significant. The Security Zone only lists hot fixes and updates relating to security issues.

The National Information Assurance Partnership
A U.S. Government initiative originated to meet the security testing needs of both information technology (IT) consumers and producers.

National Institute of Standards and Technology Computer Security Division and Computer Resource Security Center
The mission of NIST's Computer Security Division is to improve information systems security by raising awareness of IT risks, vulnerabilities and protection requirements, particularly for new and emerging technologies; researching, studying, and advising agencies of IT vulnerabilities and devising techniques for the cost-effective security and privacy of sensitive Federal systems; developing standards, metrics, tests and validation programs to promote, measure, and validate security in systems and services, to educate consumers and to establish minimum security requirements for Federal systems; developing guidance to increase secure IT planning, implementation, management and operation.

NOVELL Security Alerts

OSVDB: The Open Source Vulnerability Database
An unbiased, vendor neutral vulnerability database for utilization by individuals involved in the information security community. The project collects information on vulnerabilities on all types of products, including commercial software.

SecurityFocus
A vendor-neutral site that provides objective, timely and comprehensive security information to all members of the security community, from end users, security hobbyists and network administrators to security consultants, IT Managers, CIOs and CSOs.

Secunia
A Danish computer security service provider best known for tracking vulnerabilities in more than 12,400 pieces of software and operating systems. Secunia also tracks currently active computer viruses, and has gained publicity and a notable reputation with the discovery of major zero day attack vulnerabilities in Internet Explorer and other widely used programs. Their an online security inspector relies on carefully crafted Secunia File Signatures to recognise applications on your system. The detected applications are then matched against our Secunia Advisory Intelligence to determine whether an application is up-to-date or not. The results are then used to advise you on how to update to more secure releases of the insecure applications.

Security Advisories for SCO Products

Sun Security Coordination Team
The Sun Security Coordination Team investigates reports of security vulnerabilities, responds to customer inquiries about security problems with Sun software, and publishes Sun Alerts for security issues.

United States Computer Emergency Readiness Team (US-CERT)
US-CERT is a partnership between the Department of Homeland Security and the public and private sectors. Established to protect the nation's Internet infrastructure, US-CERT coordinates defense against and responses to cyber attacks across the nation.

U.S. DOE-CIAC (Computer Incident Advisory Capability) Website

Computer Help and Resources