Updated page 1/14/2020
Security news must be kept up, here is a list of top websites, blogs, ezines, and more. Interaction and review is critical to learn more about security.
Added new link – CISA the new homeland security agency called Cybersecurity and Infrastructure Security Agency:
CISA is the Nation’s risk advisor, working with partners to defend against today’s threats and collaborating to build more secure and resilient infrastructure for the future.
I did not want to overdo it so gave some conservative numbers and it still landed in #18 – will have to revisit this as more data comes in. definitely has some good value though.
- Cybersecurity value (subjective (my prerogative) (first value)
- Industrylinks (‘Cybersecurity’ keyword) ( second value)
- Attacker information (China, Russia, and others) (third value)
- Google importance information site discusses relevant Google news) (fourth value)
- Recent updates frequency (fifth value)
- video/audio(podcasts) relevance my subjective value – I am giving Irongeek.com a 10 and going down from there, but these are initial values, Changed these values in June 1, 2018
I keep the list and its numbers in a spreadsheet so I can make changes when necessary.
Top informational sites 1-10
1. Fire Eye Blog – A blog from the company that found the initial China attack angle.
2. Threatpost has many good posts.
3. TechNewsWorld has a decent number of good articles http://www.technewsworld.com/perl/section/cyber-security/
4. Internet Storm Center SANS: an Industry leader in Security certification and training – the place to go to work on technical skillsets within Cybersecurity and this is their daily log of current events.
5. Dark readingis an InformationWeek Security blog with good Security topics
6. ZDNet Zero Day blog by ZDNet – new info about hacker some value
7. defenseone.com a news site of global security topics.
8. SCMagazine – Security magazine consistently has good Security articles and has been honored with national honors from ASBPE http://www.scmagazine.com/sc-wins-three-top-national-honors-from-asbpe/article/511656/
9. Reddit section “netsec” https://www.reddit.com/r/netsec/ has very good posts frequently – Lots of new good posts. I switched the link to the “old” reddit look, as one can see all the posts easier in my opinion.
10. With a special interest in KrebsonSecurity David Krebs has authored “SpamNation” is looked at for computer breach news – He was a journalist, now Darknet reviewer and more.
11. Adding IronGeek.com as it is the video repository for constant reviews of latest Security conferences. If you want to stay up to speed on detailed and up-to-date Cybersecurity information then you must check this out frequently.
12. NakedSecurity by Sophos (AV company)keeps up on malware news (antivirus etc)
13. Homeland Security News Wire http://www.homelandsecuritynewswire.com/topics/cybersecurity Has many relevant cybersecurity news stories. %5-7-6-8-0=26% Some value, but high Google ranking, high updates, no video
14. Bruce Schneier, a security expert writing about cyber security since 1998 – excellent theorist and book writer.
15. The Register a classic IT news site has some interesting angles.
16. http://www.infosecurity-magazine.com/ Decent news topics general in nature. And don’t forget Infosec magazine’s Blogs: http://www.infosecurity-magazine.com/blogs/
17. Rand Corp Blog is where the Cybersecurity researcher Martin Libicki writes – Rand Corp is a prestigious science research institution among other items.
18. CISA – Cyber infrastructure current activity – latest information of many vendors security updates
19. Cisco’s Talos Blog Excellent threat research and more
20. Stay safe online, A national Cybersecurity Alliance effort to help people improve Cyber Security
21. Securelist Blog (A Kaspersky Lab endeavor) and their Twitter feed seems to be in Germany.
22. SucuriBlog http://blog.sucuri.net/ WordPress developer Blog about security, Has other topics , we use this plugin has excellent WordPress insights
23. https://security.googleblog.com/ Blog about Google’s efforts in Security
24. ISACA Now Blog http://www.isaca.org/Knowledge-Center/Blog/default.aspx which is the Information Systems Auditing and Control Association Blog
25. SANS Digital Forensics Blog is a good forensics blog with some new posts
26. Malwarebytes Unpacked the https://blog.malwarebytes.org/ Blog of malwarebytes (excellent AV app).
27. Rapid7 has a Security Blog well researched posts: https://blog.rapid7.com/
28. TrendMicro Security Intelligence Blog is kept up and has good topics
29. White Hat Security Blog https://www.whitehatsec.com/blog/ White Hat security is a company that consults on application security – I have seen some of their researchers.
30. Bitdefender LABS has some good posts (including new Ransomware tool https://labs.bitdefender.com/)
30. Securosis a blog with good content (sometimes does not post frequently)
Adding new blogs to review periodically:
http://www.freeforensics.org/ A blog started in March 2016 – about forensics and other topics (ransomware details)
moving IBM Security out of top 30 X-Force website and the blog page X-Force bloggers is good, but updated infrequently & pro IBM of course.
Also moved BugSEC as it is not updted often but is blog decent review of Cyber threats – from a security company in Israel
Could use this link in future…
https://bugs.chromium.org/p/project-zero/issues/list
MUST SEE LINKS:
US-CERT: United States Computer Emergency Response team https://www.us-cert.gov
HIPAA: http://www.hhs.gov/ocr/privacy/hipaa/understanding/srsummary.html PCI: https://www.pcisecuritystandards.org/