CERT Coordination Center
The Computer Emergency Response Team at Carnegie Mellon University. Another must have link, featuring lots of unique information you won't find anywhere else. Check out their Anti-Virus and Security Incident and Survivability reports.
The US Energy Department's Computer Incident Advisory Capability. Great resources on Virus Hoaxes, Network vulnerabilities, etc., with online documents and tools.
Project to research, develop, publicize and promote an authoritative, up-to-date, international set of generally accepted IT Control Objectives for day-to-day use by business managers as well as security, control and audit practitioners. COBIT has been developed as a generally
applicable and accepted standard for good Information Technology (IT) security and control practices that provides a reference framework for management, users, and IS audit, control and security practitioners.
DOD CERT InfoSec
With an acronym like that, you know it has to be a military page, and it is: The Department of Defense Computer Emergency Response Team's Information Security Home Page.
The Federal Computer Incident Response Capability. The US Government's Main Page on Computer Security. You can download the infamous Rainbow Book Series here.
An international consortium of computer incident response and security teams who work together to handle computer security incidents and to promote preventive activities
A great resource! ICSA is known worldwide as the objective source for security assurance services and shares security information with security product manufacturers, developers, security experts, academia and corporations. Be sure
to check out their Information Super Library
Microsoft's Security Advisor
The "official" NT guide to security holes, vulnerabilities, and fixes. You'll find some good information here, especially their tutorials and security checklists. But they're usually a little behind the Hacker News Pages
National Institute of Standards and Technology, Computer Security Resource Clearing House.
The SANS (System Administration, Networking, and Security) Institute is a cooperative research and education organization through which more than 62,000 system administrators, security professionals, and network administrators share the lessons they are learning and find solutions
for challenges they face. As a part of this effort, SANS offers a series of exceptional educational conferences featuring up to eight days of in-depth courses and multi-track technical conferences focusing on user experiences and problem solving. SANS also produces a series of
cooperative research reports, electronic digests, posters of authoritative answers to current questions, and cooperatively-created software.
UC Davis Computer Security Lab
Great Whitepapers! Check it out.