Table of Contents

top business concern for security

http://securityreactions.tumblr.com/post/135125776940/management-is-so-busy-developing-security-metrics

ddos_attacks_growing

digital attack map

make_rhel7_pci-dss

zdnet_api_code_security

gartner_security_predictions

cybersecurity_skills_gap

ics-cert

owasp_video owasp_zap_video sophos_videos fortinet_videos tpsc_video
firewalls_channel secure_ninja_tv network_security_video kali_linux_video NetSecNow sophos_iberia_video

Security

Awesome Security Lists

CVE Common Vulnerabilities and Exposures

cve_details

OWASP Open Web Application Security Project

owasp_testing_guide

Web Security


PHP Security

OpenSCAP and Lynis. Open Source security auditing tools

Cisco Security Advisories and Responses

Security Blogs

hack_in_the_security_conference


Security articles

Computer Security Blogs

Network Security

Security on Twitter

Security on Twitter (in Spanish)




Security Podcasts

Security Toolkits and Policies. Penetration Testing

Antivirus and malware

nomoreransom

mac users malware

sophos_security_podcast

software with most vulnerabilities

dell_ransomware




XSS and CSRF attacks


Mobile Security

mobile_security

Private Browsing

HTTPS and HSTS

Database encryption and security

Identity Management

passwords




Session Hijacking Detection


Big Data Security

Application Security: Web App Firewall. Blocking bots





Breaking Firewalls, Shellcode Injection, SQL Injection

Shellcode Injection

Email security. Anti Spam protection

Server Hardening

Next Generation Firewalls

NTP

Security Checklist

Major Security Vulnerabilities

Keyloggers

Red Hat Vulnerabilities Catalog. Red Hat CVE Database.

  • Vulnerability Responses 🌟🌟 Large scale security vulnerabilities like the ones below receive special attention from Red Hat Product Security. In order to create the best experience possible for our customers during these critical moments, a specialized vulnerability page is created within the Red Hat Product Security Center which aggregates information, diagnostic tools, and updates in one easy-to-use interface. This list is a catalog of these pages.

SQL injection

Windows Vulnerabilities

Linux Vulnerabilities


Heartbleed. April 2014

Shellshock. September 2014

Java Serialization Vulnerability. November 2015

HTTPS Bicycle Attack. December 2015

Backdoors. December 2015

LastPass. January 2016

  • LastPass I have discovered a phishing attack against LastPass that allows an attacker to steal a LastPass user's email, password, and even two-factor auth code, giving full access to all passwords and documents stored in LastPass. I call this attack LostPass.
  • ZDNet: LastPass phishing attack avoids two-factor authentication in data theft The exploited security flaw is severe enough that successful attacks compromise two-factor authentication codes.

OpenSSH Roaming Bug. January 2016

OpenSSL. January 2016

Linode SSH. February 2016

glibc stack based buffer overflow. February 2016

DROWN Attack. Cross protocol attack on TLS using SSLv2. March 2016

OpenSSH Security Advisory. March 2016

SSH attempts

Bad Tunnel. June 2016

HTTP/2. August 2016

DDoS

DNS Attack Analysis


Shadow IT security risks

httpoxy. July 2016

Flip Feng Shui SSH Cross VM Exploit. August 2016

Top security initiatives for 2016

HEIST technique

Container security. Who’s fixing containers? February 2016

DDoS and Project Shield. February 2016

glibc vulnerability docker

hot potato windows privilege escalation

intrusion response procedures


Disk Encryption