Segurança Informática

Blog com comentários e notícias sobre segurança informática e confiabilidade de computadores e redes - http://www.seguranca-informatica.net/

Mais um relatório sobre "security trends"

Muito interessante, da IBM X-Force:

http://www.iss.net/documents/literature/x-force_2007_trend_statistics_report.pdf
* Miguel Correia - 14.2.08
Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest
Newer Post Older Post Home

Contribuidores

  • Henrique Moniz
  • Miguel Correia
  • Paulo Sousa

Segurança no Software - Livro

Segurança no Software - Livro

Popular Posts

  • forum PTSec
    interessante: http://forums.ptsec.net/ http://www.ptsec.net/
  • vantagens da análise estática de código
    uma lista muito interessante no blog http://sylvanvonstuppe.blogspot.com/ : ... Before I begin, know that I believe that there is no silve...
  • Common Body of Knowledge for Information Security
    Common Body of Knowledge for Information Security Marianthi Theoharidou and Dimitris Gritzalis "The need for skilled information secur...
  • 1º Fórum de Software Livre de Lisboa, na FCUL
    1º Fórum de Software Livre de Lisboa, na FCUL http://www.softwarelivre.com.pt/ O Software Livre (GNU/Linux, FreeBSD, OpenBSD, NetBSD e ou...

Notícias: ZDNet Zero Day

Loading...

Notícias: DarkReading

Loading...

Notícias: Schneier on Security

Loading...

Notícias: OWASP AppSec

Loading...

Notícias: ENISA

Loading...

Notícias: Yahoo! Security

Loading...

Notícias: HPCintheCloud: Security

Loading...

Blogroll

  • 1 Raindrop
  • A Passion for .NET Security
  • ARCHIMEDIUS
  • Alex's Corner
  • Amrit Williams Blog
  • Analytical Engine
  • Anurag Agarwal
  • Apps and Security
  • Billy (BK) Rios
  • Blogsecurity
  • BlueHat Security Briefings
  • C4I.org
  • CERIAS
  • CGISecurity
  • CISCO Security
  • CSO Security&Risk
  • CYPHERSEC
  • Chris Shiflett
  • Cloud Security Blog
  • Coding Insecurity
  • Computer Defense
  • Critical Infrastructure Protection blog
  • Cryptosmith
  • DCS Security
  • Damn Vulnerable Blog
  • Dan Kaminsky
  • Dark Reading Evil Bytes
  • David LeBlanc's Web Log
  • DigitalBond
  • Dinis Cruz blog
  • Disenchant’s Blog
  • Dragos Lungu Dot Com
  • ESG - Jon Oltsik
  • Emergent Chaos
  • F-Secure weblog
  • Finantial Cryptography
  • Fortinet Security Blog
  • Freedom to Tinker
  • Geekonomics
  • Google Online Security Blog
  • HolisticInfoSec.org
  • Honeyblog
  • IBM Rational Application Security Insider
  • Information Security Software Tools
  • Intelfusion.net
  • It's Bugs All the Way Down
  • It's a shampoo world anyway
  • Ivan Ristic
  • JW on Test
  • Jeremiah Grossman
  • Jesper's Blog
  • Krebs on Security
  • Lance Spitzner - A Strategic Approach...
  • Larholm.com
  • Light Blue Touchpaper
  • Manicode
  • Mary Ann Davidson Blog - Oracle
  • McAfee Avert Labs Blog
  • Michael Howard's Web Log
  • Microsoft Malware Protection Center
  • Mike Andrews
  • Mind Streams of Information Security Knowledge
  • Mozilla Security
  • Musings on Information Security
  • NP-Incomplete
  • Naked Security
  • Nart Villeneuve
  • Neil MacDonald
  • New School Information Security
  • Official Google Blog
  • PandaLabs
  • Perilocity
  • Plynt
  • Political Hacking
  • Princess of Antiquity
  • Rational Survivability
  • RiskAnalys.is
  • Ruby on Rails Security Project
  • S21sec
  • Schneier on Security
  • Secunia
  • Secure Software Zone
  • Securiteam
  • Security Bytes
  • Security Curve
  • Security Incite
  • Security Is Simple: Only Use Perfect Software
  • Security Retentive
  • Security Sauce
  • Security Update
  • Security Vulnerability Research & Defense
  • Security to the Core
  • Security-Protocols
  • SecurityBuddha.com
  • SecurityFix
  • Securosis
  • Smart Security
  • Social Hacking
  • Speaking of Security - RSA
  • Spire Security Viewpoint
  • Stay Safe
  • Steve Bellovin
  • Suitable Security
  • Suspekt...
  • Sylvan von Stuppe
  • Symantec Connect
  • Tactical Web Application Security
  • TaoSecurity
  • The Day Before Zero
  • The Firewall
  • The Risk Factor
  • The Security Development Lifecycle
  • The Spanner
  • The Turkey Curse
  • Threat Caos
  • Threat Expert
  • Threat Level (Wired)
  • Threat Post (Kaspersky Lab)
  • ThreatPost
  • Uncommon Sense Security
  • VMware Security Blog
  • Veracode blog
  • View From the Bunker
  • Village Elder
  • Vulnerability Analysis Blog
  • Websense
  • Windows Virtualization Team Blog
  • Writing Secure Software
  • Zero Day
  • abuse.ch
  • blog.xen.org
  • cat slave diary
  • christian's weblog
  • danielmiessler.com
  • deep inside security & tools
  • gnucitizen
  • ha.ckers
  • hackathology
  • invisiblethings
  • lcamtuf's blog
  • modsecurity
  • omg.wtf.bbq.
  • philosecurity
  • random dross
  • root labs rdist
  • security thoughts
  • sirdarckcat
  • terminal23
  • tssci security
  • un-excogitate.org
  • untangling the future

Blogroll em Português

  • Além da Imaginação
  • AnchisesLandia
  • BrainSniffer
  • Camargoneves.com
  • Carlos Serrão
  • CrkPortugal
  • Daniel's Blog
  • Dirk Frehse - IT Professional blog
  • Gustavo Bittencourt
  • Hugo Ferreira
  • Infosec Portugal
  • Marcello Zillo Neto e amigos
  • Miguel Almeida
  • Milagres.com
  • Negócio de Risco
  • Nuno Perry
  • Pedro Quintanilha's Security Blog
  • Phact.IN
  • Resposta a Incidentes e Forense Computacional
  • Revista Programar
  • RootSecurity
  • SSegurança
  • SegInfo
  • Segurança Online - SAPO
  • Segurança Web BR
  • Software Seguro
  • Sp0oKeR Labs
  • SysBlog
  • Sérgio Dias
  • Wagner Elias - Think Security First
  • WebAppSec (OWASP PT)
  • WebSegura
  • aramos.org
  • blog.macmagazine
  • extremesecurity
  • lâmpada azul
  • sec::h0p /* by Alberto Fabiano */

Conferências

  • ACM Symposium on Operating Systems Principles (SOSP)
  • ACM Conference on Computer and Communications Security (CCS)
  • ACSA Annual Computer Security Applications Conference
  • IEEE International Symposium on Secure Software Engineering
  • IEEE Symposium on Security and Privacy (Oakland)
  • INForum
  • International Conference on Dependable Systems and Networks (DSN)
  • ISOC Network and Distributed System Security Symposium (NDSS)
  • USENIX Security Symposium

Arquivo do Blog

  • ►  2016 (7)
    • ►  April (2)
    • ►  February (4)
    • ►  January (1)
  • ►  2015 (48)
    • ►  December (1)
    • ►  November (2)
    • ►  October (2)
    • ►  September (4)
    • ►  August (3)
    • ►  July (2)
    • ►  June (1)
    • ►  May (3)
    • ►  April (2)
    • ►  March (11)
    • ►  February (8)
    • ►  January (9)
  • ►  2014 (109)
    • ►  December (6)
    • ►  November (7)
    • ►  October (14)
    • ►  September (11)
    • ►  August (7)
    • ►  July (10)
    • ►  June (10)
    • ►  May (9)
    • ►  April (12)
    • ►  March (5)
    • ►  February (10)
    • ►  January (8)
  • ►  2013 (95)
    • ►  December (15)
    • ►  November (11)
    • ►  October (13)
    • ►  September (12)
    • ►  August (2)
    • ►  July (4)
    • ►  June (7)
    • ►  May (6)
    • ►  April (7)
    • ►  March (7)
    • ►  February (4)
    • ►  January (7)
  • ►  2012 (109)
    • ►  December (7)
    • ►  November (7)
    • ►  October (12)
    • ►  September (7)
    • ►  August (7)
    • ►  July (7)
    • ►  June (14)
    • ►  May (14)
    • ►  April (11)
    • ►  March (10)
    • ►  February (6)
    • ►  January (7)
  • ►  2011 (106)
    • ►  December (15)
    • ►  November (10)
    • ►  October (10)
    • ►  September (9)
    • ►  August (7)
    • ►  July (13)
    • ►  June (6)
    • ►  May (2)
    • ►  April (4)
    • ►  March (5)
    • ►  February (15)
    • ►  January (10)
  • ►  2010 (78)
    • ►  December (9)
    • ►  November (18)
    • ►  October (9)
    • ►  September (6)
    • ►  July (4)
    • ►  June (2)
    • ►  May (7)
    • ►  April (3)
    • ►  March (2)
    • ►  February (4)
    • ►  January (14)
  • ►  2009 (97)
    • ►  December (2)
    • ►  November (4)
    • ►  October (7)
    • ►  September (7)
    • ►  June (10)
    • ►  May (17)
    • ►  April (7)
    • ►  March (24)
    • ►  February (10)
    • ►  January (9)
  • ▼  2008 (111)
    • ►  December (22)
    • ►  November (19)
    • ►  October (6)
    • ►  September (7)
    • ►  August (1)
    • ►  June (15)
    • ►  May (8)
    • ►  April (10)
    • ►  March (10)
    • ▼  February (10)
      • Cifra de discos quebrada
      • Modelação de ameaças ou de ataques
      • Segurança de infraestruturas críticas
      • Mais um relatório sobre "security trends"
      • Top 3 de erros de programação
      • seclists.org
      • SQL injection em massa
      • Segurança nos aviões e aeroportos
      • Um site de Phishing visto por dentro
      • Mais ataques Cross Site Scripting (XSS)
    • ►  January (3)
  • ►  2007 (171)
    • ►  November (9)
    • ►  October (3)
    • ►  September (2)
    • ►  July (12)
    • ►  June (5)
    • ►  May (25)
    • ►  April (25)
    • ►  March (42)
    • ►  February (40)
    • ►  January (8)

Segurança Informática @Facebook

Segurança Informática @Facebook

SANS Information Security Reading Room

Loading...

Symantec Connect - Security - Blog Entries

Loading...

Etiquetas

vulnerabilidades (151) segurança na internet (127) ataques (100) segurança de aplicações web (97) malware (93) ameaças (91) hacking (88) Portugal e segurança (75) privacidade (73) segurança de software (73) espionagem (54) segurança de infraestruturas críticas (53) ferramentas de segurança (44) ciber-crime (41) wifi (35) criptografia (34) ciber-guerra (32) redes sem fios (30) segurança de redes sem fios (30) botnets (27) phishing (25) top (25) relatórios de segurança (23) virus (23) negação de serviço (21) protecção (21) windows (19) browsers (18) confidencialidade (18) pirataria (18) cross site scripting (17) injecção de SQL (17) vermes (17) eventos (16) firewall (16) OWASP (15) saúde (15) teste de segurança (15) autenticação (14) dns (14) segurança de bases de dados (14) segurança de hardware (14) análise estática (13) cloud computing (12) mestrado em segurança (11) spam (11) telemóveis (11) patch (10) tolerância a intrusões (10) complexidade e segurança (9) exploits (9) java (9) segurança na empresa (9) buffer overflows (8) ciber-activismo (8) fuzzing (8) injecção de ataques (8) livros de segurança (8) risco (8) teste de penetração (8) backdoor (7) certificados digitais (7) routing (7) virtualização (7) correio electrónico (6) desenvolvimento de software (6) detecção de intrusões (6) linux (6) supply chain problem (6) voip (6) BIOS (5) Tor (4) android (4) cartão de crédito (4) disponibilidade (4) gps (4) legislação (4) roubo de identidade (4) standards (4) HTTP (3) controles de segurança (3) fraude (3) hash (3) iPhone (3) mac os (3) rootkits (3) segurança automóvel (3) PS3 e segurança (2) USB (2) ameaças internas (2) ataques ciber-físicos (2) cartão do cidadão (2) ciber-terrorismo (2) controle de acesso (2) cookies (2) filmes (2) fotocopiadoras (2) gadgets (2) investigação (2) modelo de maturidade (2) programação (2) rfid (2) scanners (2) trusted computing (2) DMA (1) IPS (1) Internet of Things (1) SIEM (1) TPM (1) análise forense (1) bancos (1) bitcoins (1) cartão de débito (1) confiabilidade (1) crime-sourcing (1) crimepacks (1) defesa em profundidade (1) diversidade (1) economia (1) factor humano (1) gestão de risco (1) har (1) injecção de faltas (1) insider malicioso (1) jamming (1) kernel (1) mobile (1) passaporte (1) passwords (1) rc4 (1) segurança de redes 3G (1) skype (1) telefones VoIP (1) visualização (1)

Nível de Ameaça

  • CERT Technical Cyber Security Alerts
  • ISS X-Force
  • Internet Storm Center - DShield
  • McAfee Threat Center
  • Panda Virus Information
  • SANS Internet Storm Center
  • Symantec DeepSight Threat Management System

Vulnerabilidades

  • Bugtraq
  • CERT.PT
  • Common Vulnerability and Exposures - CVE
  • Common Weakness Enumeration- CWE
  • Exploit-DB
  • Industrial Control Systems CERT
  • National Vulnerability Database
  • Open Source Vulnerability Database - OSVDB
  • Security Response
  • Securityfocus database
  • Top 20
  • VUPEN blog

Podcasts

  • CERT's Podcast Series: Security for Business Leaders
  • Exotic Liability
  • I Shot the Sheriff (em Português)
  • Pauldotcom
  • The Silver Bullet Security Podcast
  • The Southern Fried Security Podcast

Links

  • ACEP - Associação do Comércio Electrónico em Portugal
  • APDSI
  • Ars Technica - Security
  • BuildSecurityIn
  • CERT Coordination Center
  • CERT-IPN
  • CERT.PT
  • Collection of Security Community Standardization Activities and Initiatives
  • Comissão Nacional de Protecção de Dados
  • Common Criteria
  • Departamento de Engenharia Informática - Instituto Superior Técnico
  • Departamento de Informática da FCUL
  • Ensino e Investigação
  • European Network and Information Security Agency
  • Gabinete Nacional de Segurança
  • Google
  • Google Scholar
  • Google code for educators
  • Grupo de Sistemas Distribuídos - INESC-ID
  • Homeland Security News Wire
  • IATAC - Information Assurance Technology Analysis Center
  • IEEE Security & Privacy Mag.
  • INESC-ID
  • Identity Theft Resource Center
  • InfoSec ONline.pt
  • InforWar Monitor
  • InformIT Security Reference Guide
  • Intrusion Tolerance
  • Leurrecom.org Honeypot project
  • Licenciatura em Engenharia Informática e de Computadores
  • MSDN Security Developer Center
  • Mestrado em Segurança Informática
  • Microsoft Security Response Center
  • National Information Assurance Partnership
  • Navigators
  • OWASP
  • OWASP Portugal
  • Open Trusted Computing
  • PHP Security Consortium
  • PJ - Unidade de Telecomunicações e Informática
  • PT Security Lab
  • Procuradoria Geral da República - Gabinete Cibercrime
  • SAFECode - Software Assurance Forum for Excellence in Code
  • SAMATE - Software Assurance Metrics And Tool Evaluation
  • SANS Institute
  • SecTools.Org: Top 125 Network Security Tools
  • SecurityFocus newsletter
  • Slashdot
  • The Register - Security
  • WASC - Web Application Security Consortium
  • Yahoo! Security Center

Comic strips

  • Brainstuck
  • bug bash
  • Geek and Poke
  • phdcomics
  • xkcd

Seguidores

Subscrever

Posts
Atom
Posts
Comments
Atom
Comments
Simple theme. Powered by Blogger.