Updated page 05/18/2023
The CISA link changed and I put it at the CISA spotlight page. Also changed the Fireeye link as it no longer is called FireEye, so I placed the next best thing : Mandiant blog (Mandiant used to own FireEye)
- Cybersecurity value (subjective (my prerogative) (first value)
- Industrylinks (‘Cybersecurity’ keyword) ( second value)
- Attacker information (China, Russia, and others) (third value)
- Google importance information site discusses relevant Google news) (fourth value)
- Recent updates frequency (fifth value)
- video/audio(podcasts) relevance my subjective value – I am giving Irongeek.com a 10 and going down from there, but these are initial values, Changed these values in January, 29, 22
- High cybersecurity value
I keep the list and its numbers in a spreadsheet so I can make changes when necessary.
Top informational sites 1-10
1. Searched and found a decent alternative to a high end site: Cyber Security MagazineHas a decent podcast and timely information so will try it for a while here.
2. Arstechnica has many good cybersecurity posts, there is also an interesting tag area for china..
3. Dark reading is an InformationWeek Security blog with good Security topics
4. Internet Storm Center SANS: an Industry leader in Security certification and training – the place to go to work on technical skillsets within Cybersecurity and this is their daily log of current events.
5. Cybernews.com A new link for some slightly different amalgamation of cybersecurity news. found this through a search on cyber security news.
6.SCMagazine – Security magazine consistently has good Security articles and has been honored with national honors from ASBPE http://www.scmagazine.com/sc-wins-three-top-national-honors-from-asbpe/article/511656/
7. Reddit section “netsec” https://www.reddit.com/r/netsec/ has very good posts frequently – Lots of new good posts. I switched the link to the “old” reddit look, as one can see all the posts easier in my opinion.
8. TechNewsWorld has a decent number of good articles http://www.technewsworld.com/perl/section/cyber-security/
9. With a special interest in KrebsonSecurity David Krebs has authored “SpamNation” is looked at for computer breach news – He was a journalist, now Darknet reviewer and more.
10. CISA – Cyber infrastructure Security Agency – Spotlight on at the CISA website
11. Bruce Schneier, a security expert writing about cyber security since 1998 – excellent theorist and book writer.
12. Homeland Security News Wire http://www.homelandsecuritynewswire.com/topics/cybersecurity Has many relevant cybersecurity news stories. %5-7-6-8-0=26% Some value, but high Google ranking, high updates, no video
13. Mandiant Blog – is a blog of the top Cybersecurity consulting company
14. The Hacker News – this is a headline news magazine – updates frequently. some good stuff.
15. NakedSecurity by Sophos (AV company)keeps up on malware news (antivirus etc)
16. Stay safe online, A national Cybersecurity Alliance effort to help people improve Cyber Security
17 The Register a classic IT news site has some interesting angles.
18. http://www.infosecurity-magazine.com/ Decent news topics general in nature. And don’t forget Infosec magazine’s Blogs: http://www.infosecurity-magazine.com/blogs/
19. ZDNet Zero Day blog by ZDNet – new info about hacker some value
20. SucuriBlog http://blog.sucuri.net/ WordPress developer Blog about security, Has other topics , we use this plugin has excellent WordPress insights
21. Rapid7 has a Security Blog well researched posts: https://blog.rapid7.com/
22. Securelist Blog (A Kaspersky Lab endeavor) and their Twitter feed seems to be in Germany.
23. SANS Digital Forensics Blog is a good forensics blog with some new posts
24. Rand Corp Blog is where the Cybersecurity researcher Martin Libicki writes – Rand Corp is a prestigious science research institution among other items.
25. Malwarebytes Unpacked the https://blog.malwarebytes.org/ Blog of malwarebytes (excellent AV app).
26. ISACA Now Blog http://www.isaca.org/Knowledge-Center/Blog/default.aspx which is the Information Systems Auditing and Control Association Blog
27. Realclearscience.com A site that puts together relevant links from many media outlets. Good Overview of many sites.
28. White Hat Security Blog https://www.whitehatsec.com/blog/ White Hat security is a company that consults on application security – I have seen some of their researchers.
29. https://security.googleblog.com/ Blog about Google’s efforts in Security has some good google stuff, but not much else. (brought this one back to top30)
30. TrendMicro Security Intelligence Blog less updates.
Dropped out of top30 or adding new blogs to review periodically:
Moved since the pandemic hit -too few updates had to drop out of top30 IronGeek.com as it was the video repository for constant reviews of latest Security conferences. (01/27/23)
X . removed port swigger (04/14/23) as it went dark (decided to no longer update :
The Daily Swig Cybersecurity News and Views – https://portswigger.net/daily-swig This company put burpsuite on the market many years ago.
Securosis a blog with good content (sometimes does not post frequently) less frequency got to drop (01/27/23)
** removed Talos link due to lack of updates: Cisco’s Talos Blog Excellent threat research and more (1/29/22)
Removed Defenseone link no longer works (8/22/22)
https://security.googleblog.com/ Blog about Google’s efforts in Security has some good google stuff, but not much else.
http://www.freeforensics.org/ A blog started in March 2016 – about forensics and other topics (ransomware details)
moving IBM Security out of top 30 X-Force website and the blog page X-Force bloggers is good, but updated infrequently & pro IBM of course.
Also moved BugSEC as it is not updted often but is blog decent review of Cyber threats – from a security company in Israel
Could use this link in future…
https://bugs.chromium.org/p/project-zero/issues/list
Bitdefender LABS has some good posts (including new Ransomware tool https://labs.bitdefender.com/)
MUST SEE LINKS:
US-CERT: United States Computer Emergency Response team https://www.us-cert.gov
HIPAA: http://www.hhs.gov/ocr/privacy/hipaa/understanding/srsummary.html PCI: https://www.pcisecuritystandards.org/