Security News Analyzed

Updated page 10/22/2020

Since the current scene reflects a much lower conference schedule it pains me to reduce the importance of irongeek, but since no conferences he has not done any videos.  Since I did not know exactly where to move irongeek, I modified a few and then decided to do a wholesale rearranging with threatpost making it to #1 spot again.


  1. Cybersecurity value (subjective (my prerogative) (first value)
  2. Industrylinks (‘Cybersecurity’ keyword) ( second value)
  3. Attacker information (China, Russia, and others) (third value)
  4. Google importance information site discusses relevant Google news)  (fourth value)
  5. Recent updates frequency   (fifth value)
  6. video/audio(podcasts) relevance my subjective value – I am giving a 10 and going down from there, but these are initial values, Changed these values in June 1, 2018

I keep the list and its numbers in a spreadsheet so I can make changes when necessary.

Top informational sites 1-10

1. Threatpost  has many good posts. 

2.  Dark readingis an InformationWeek Security blog with good Security topics

3.   Internet Storm Center SANS: an Industry leader in Security certification and training – the place to go to work on technical skillsets within Cybersecurity and this is their daily log of current events.

4. Fire Eye Blog  – A blog from the company that found the initial China  attack angle.

5. SCMagazine – Security magazine consistently has good Security articles and has been honored with national honors from ASBPE

6.  TechNewsWorld has a decent number of good articles  

7.   Reddit section “netsec”  has very good posts frequently – Lots of new good posts. I switched the link to the “old” reddit look, as one can see all the posts easier in my opinion.  
8. With a special interest in KrebsonSecurity  David Krebs has authored “SpamNation” is looked at for computer breach news – He was a journalist, now Darknet reviewer and more.  

9. CISA – Cyber infrastructure Security Agency – latest information of many vendors security updates

10.  Stay safe online, A national Cybersecurity Alliance effort to help people improve Cyber Security

11.  NakedSecurity by Sophos (AV company)keeps up on malware news (antivirus etc)

12.  Bruce Schneier, a security expert writing about cyber security since 1998 – excellent theorist and book writer.

13.  Homeland Security News Wire  Has many relevant cybersecurity news stories.  %5-7-6-8-0=26%  Some value, but high Google ranking, high updates, no video

14. a news site of global security topics.

15.  The Register a classic IT news site   has some interesting angles. 

16.  Decent news topics general in nature.  And don’t forget Infosec magazine’s Blogs:  

17. ZDNet Zero Day blog by ZDNet – new info about hacker some value

18.  SucuriBlog WordPress developer Blog about security, Has other topics , we use this plugin has excellent WordPress insights

19. Securelist Blog  (A Kaspersky Lab endeavor)  and their Twitter feed seems to be in Germany.

20.  A site that puts together relevant links from many media outlets. Good Overview of many sites.

21. Cisco’s Talos Blog   Excellent threat research and more

22. SANS Digital Forensics Blog is a good forensics blog with some new posts

23. Rand Corp Blog is where the Cybersecurity researcher Martin Libicki writes – Rand Corp is a prestigious science research institution among other items.

24.  Malwarebytes Unpacked the Blog of malwarebytes (excellent AV app).


25. Rapid7 has a Security Blog well researched posts:

26.   TrendMicro Security Intelligence Blog is kept up and has good topics

27. White Hat Security Blog  White Hat security is a company that consults on application security – I have seen some of their researchers. 

28. ISACA Now Blog  which is the Information Systems Auditing and Control Association Blog

29.  Securosis a blog with good content (sometimes does not post frequently)

30. Had to move since the pandemic hit – no conferences  as it is the video repository for constant reviews of latest Security conferences. If you want to stay up to speed on detailed and up-to-date Cybersecurity information then you must check this out frequently.

Dropped out of top30 or adding new blogs to review periodically: Blog about Google’s efforts in Security   has some good google stuff, but not much else. A blog started in March 2016 – about forensics and other topics (ransomware details)

moving IBM Security  out of top 30 X-Force website and the blog page X-Force bloggers  is good, but updated infrequently & pro IBM of course.

Also moved BugSEC as it is not updted often but is blog decent review of Cyber threats – from a security company in Israel

Could use this link in future…

  Bitdefender LABS has  some good posts (including new Ransomware tool
US-CERT: United States Computer Emergency Response team


New addition(12/3/15): Amazon Web Services Bulletins(AWS) 
removing Twitter and other stuff 01/19/16  keeping the repositories of interesting Cyber items.
NIST Publications  are important as they get referenced by a lot of compliance standards 800-115 is the one for pentesting  :
Technical Guide to Information Security Testing and Assessment SP 800-115   Papers on exploiting operating systems and other items like Stack-based buffer and memory overflow.  (does not get updated often)
  1. to test your cybersecurity