ADVISORIES AND PATCHES

**Admin** Thu Jun 09, 2011 8:43 am

CERT Coordination Center - http://www.cert.org
Studies Internet security vulnerabilities, provides incident response services to sites that have been the victims of attack, publishes a variety of security alerts, researches security and survivability in wide-area-networked computing, and develops information to improve site security.

US-CERT - http://www.us-cert.gov/
Established in 2003 to protect the nation's Internet infrastructure, US-CERT coordinates defense against and responses to cyber attacks across the nation.

CERIAS - http://www.cerias.purdue.edu/
Center for Education and Research in Information Assurance and Security. University center for multidisciplinary research and education in areas of information security.

Apache HTTP Server Vulnerability Lists - http://httpd.apache.org/security_report.html
Lists of security problems fixed in released versions of the Apache HTTP Server.

Secunia - http://secunia.com/
Provides security advisories and information about patches, and provides software for vulnerability management.

Bugtraq - http://www.securityfocus.com/archive/1
Independent source for security vulnerabilities, alerts, and threats.

AusCERT - http://www.auscert.org.au
Australian Computer Emergency Response Team. Advisories and tools.

ISS X-Force - http://xforce.iss.net/xforce/alerts
Security alerts, advisories, and alert summaries from ISS.

Open Source Vulnerability Database - http://www.osvdb.org/
Searchable database of vulnerabilities. Offers data for download in XML format as well as via website. Details of how to submit new vulnerabilities, database schema and FAQ.

VUPEN Security - http://www.vupen.com/english/
Provides security advisories and real-time information about vulnerabilities, exploits, and threats. Also provides vulnerability management and pentesting solutions.

PatchAdvisor - http://www.patchadvisor.com
Fee based patch alert service.

PatchManagement.org - http://www.patchmanagement.org/
Mailing list dedicated to the discussion of patch management.

Linux Security Group - http://www.linux-security.us/
Security Advisories, Anti Hackers, programming books and related links.

New Zealand Computer Emergency Readiness Team - http://www.nzcert.org.nz/
Charitable trust established to improve the general information security posture of New Zealand society. Provides news, alerts, trends and statistics.

Patch Management Forum - http://groups.yahoo.com/group/patchmgmt/
Mailing list facilitates networking and information exchange related to patch management: announcements, testing, verification, operations processes, and vulnerabilities.

SANS Internet Storm Center - http://isc.sans.org/
Cooperative cyber threat monitor and alert system. Features daily handler diaries that summarize and analyze new threats and events.

Oracle Security Center - http://www.oracle.com/technology/deploy/security/index.html
Tips, tools, and technologies to keep Oracle products safe, secure, and patched.

SecurityFocus: Bugtraq - http://www.securityfocus.com/rss/vulnerabilities.xml
Full disclosure computer security vulnerabilities feed.

Symantec DeepSight Threat Management System - http://www.symantec.com/Products/enterprise?c=prodinfo&refId=988
Fee based security alert service that provides early warning of active attacks.

PatchEasy - http://www.patcheasy.com/
Software vendor for patch management.

CASESContact - tips and tricks - http://casescontact.org/rss_tips.php
CASEScontact is an information security site providing tips and tricks for home users and SMEs (Small and Medium-Sized Enterprises) for FREE (How to protect against threats, vulnerabilities, privacy, encryption, viruses, worms, Trojans, spyware etc.).