Security and Security Research

Written by Stefan on . Modified on . Posted in bookmarks.

News Web Sites

Heise Security - Heise Online security news (deutsch)

The Register Security - The Register security news (english)

Golem.de Security - Golem.de security news (deutsch)

CERT-BUND Meldungen - CERT-Bund Security Meldungen (deutsch)

Cybernews.com - Cybernews.com is a research-based online publication that helps people navigate a safe path through their increasingly complex digital lives.

Manufacturers

Cisco Security Advisories and Alerts - Cisco Security Advisories and Alerts

Cisco Talos Intelligence - Vulnerability reports of Cisco Talos

ESET Security blog - Neuigkeiten, Analysen und Tipps der ESET Sicherheitsexperten

Security research

The Exploit Database - Ultimate archive of Exploits, Shellcode, and Security Papers

CVE Details - The ultimate security vulnerability datasource

Krebs on Security - Brian Krebs web site, in-depth security news and investigation

Schneier on Security - Bruce Schneier’s web site

SHAttered - SHA-1 broken in practice.

Key Reinstallation Attacks - Decrypting RSA with Obsolete and Weakened eNcryption

The Heartbleed Bug - Serious vulnerability in the popular OpenSSL cryptographic software library

CallStranger - CVE-2020-12695 Data Exfiltration & Reflected Amplified TCP DDOS & Port Scan via UPnP SUBSCRIBE Callback

Ripple20 - 19 Zero-Day Vulnerabilities Amplified by the Supply Chain

SIGRed - SIGRed – Resolving Your Way into Domain Admin: Exploiting a 17 Year-old Bug in Windows DNS Servers

Real-time communications security - Security, vulnerabilities and attacks affecting VoIP and WebRTC applications and infrastructure

zerforschung - zerforschung ist eine freundliche Gruppe an Menschen, die Spaß daran haben, Technik auseinander zu nehmen um zu verstehen, wie diese funktioniert.

Security checks

securityheaders.io - Check a web servers security-related configuration

VirusTotal - Analyze suspicious files and URLs

Qualys SSL Server test - Analyze TLS (SSL) Certificates

crt.sh Certificate Search - Check Certificates ID’s of web servers

CSP Evaluator - Check Content Security Policy to mitigate cross-site scripting attacks

Crypto

Let’s encrypt - A free, automated and open Certificate Authority

EFF Certbot - EFF’s Certbot for Let’s encrypt

Xca - X - Certificate and key management, start your own PKI today

Privacy

webbkoll dataskydd.net - Privacy check for websites

have i been pwned - Search data breaches if your e-mail address has been compromised

Identity Leak Checker - Identity Leak Checker (Hasso Plattner Institut)

Internet

bgpstream.com - Hijacks, leaks and outages for BGP (Border Gateway Protocol)

peeringdb.com - Lookup of global interconnection of networks at Internet Exchange Points (IXPs)

wigle.net - Wireless Geographic Logging Engine

DNSdumpster - dns recon & research, find & lookup dns records

Threadcrowd - Open source threat intelligence

Share: