PR8

Resources related to information security, including news and opinion and more on software and application flaws and fixes, data breaches, the inside threat the latest hacker attacks.

TechRepublic helps IT decision-makers identify technologies and strategies to empower workers and streamline business processes. Their security section dives into the latest threats surrounding cyber security.

US-CERT’s mission is to improve the nation’s cybersecurity posture, coordinate cyber information sharing, and proactively manage cyber risks.

Privacy, crime, and online security are the topics that carry the headlines here. You’ll find everything from opinionated pieces, to the latest threat alerts.

Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks. The Zero Day blog on ZDNet is a must for anyone keeping track of the industry.

PR7

The Center for Education and Research in Information Assurance and Security blog is where Gene Spafford shares his expertise. It’s called the center for multidisciplinary research for a reason.

Areas of focus include information security, physical security, business continuity, identity and access management, loss prevention and more.

Dark Reading is a comprehensive news and information portal that focuses on IT security, helping information security professionals manage the balance between data protection and user access.

This is Google’s own security blog, which focuses on all of the latest developments in the security world. Get the latest news and insights from Google on security and safety on the Internet.

NBC News Red Tape Chronicles brings you news stories and information on the latest developments in the cyber security space. Find topics that range from privacy to security.

You can expect all of the latest news and zero day alerts from this IT security news site. The content is updated daily and is a major news source for everything to do with cyber security.

The Internet Storm Center gathers millions of intrusion detection log entries every day, from sensors covering over 500,000 IP addresses in over 50 countries.

Bruce Schneier is an internationally renowned security technologist, and called a “security guru” by The Economist. He knows his stuff and is a voice in the cyber security industry.

This is another Kaspersky Lab web property that focuses on malware, phishing, and the cyber security industry. There is no shortage of information and news on what’s happening in the cyber world.

The Symantec Weblog uses global research to provide unparalleled analysis of and protection from malware, security risks, vulnerabilities, and spam.

The Guardian is a respectful, global media company that highlights issues across many areas. Their Information Security Hub lives up to the coverage they offer in other areas and focuses on security.

Information on malware and protecting yourself online. From malware alerts to practical online security tips, the Zone Alarm blog will keep you briefed on the latest industry news.

PR6

BH Consulting’s Security Watch Blog was formed to regular, informed with content detailing everything you would want to know about information security and web threats.

Contagio is a collection of the latest malware samples, threats, observations, and analyses. Get informed, technical education on the newest forms of malware.

CyberCrime & Doing Time ia a blog about cyber crime and justice related issues. Gary Warner from Malcovery owns this blog and offers up educational and engaging posts on the latest threats.

David Lacey’s IT Security Blog offers the latest ideas, best practices, and business issues associated with managing security. The blog is hosted on ComputerWeekly.com.

Dell Securework’s Security & Compliance blog is dedicated to providing up-to-date news and information to help IT professionals and others keep their business secure online.

Safe and Savvy blogs about how to protect your online life and the irreplaceable content on your computer. They write about real-life experiences while providing helpful tips on security issues.

Information technology is the main topic on the Fox IT security blog. From news to opinions, Fox IT provides excellent content for anyone interested in technology and security.

The Fortinet cyber security blog has something for everyone. There are articles on security research and industry trends, as well as, a healthy section focusing entirely on Security 101.

Help Net Security has been a prime resource for information security news since 1998. The site always hosts fresh content including articles, new product releases, latest industry news, podcasts and more.

What more can you ask for? It’s an online magazine dedicated entirely to the strategy, insight, and techniques that are a daily part of the cyber security industry.

Brian Krebs is the face of cyber security journalism. As a former writer for the Washington Post, Krebs is able to take is skills as an investigative journalist to the task and provide the most in-depth coverage of security.

Malwarebytes is at the forefront of malware protection, which makes this the perfect blog to stay up-to-date with the latest zero day threats and cyber security news.

The McAfee security blog talks about research and threat analysis, as well as, provides knowledgeable insight into malware and zero day threats that plague businesses and consumers.

The Microsoft Malware Protection Center (MMPC) is committed to helping Microsoft customers keep their computers secure. The MMPC stays agile to combat evolving threats.

Naked Security is Sophos’s award-winning threat news room, giving you news, opinion, advice and research on computer security issues and the latest internet threats.

Network Computing’s content adheres to the valuable “For IT, By IT” methodology, delivering timely strategy & tactics, news, in-depth features, expert reviews, and opinionated blogs.

SANS Software Security focuses the deep resources of SANS on the growing threats to the application layer by providing training, certification, research, and community initiatives.

SC Magazine arms information security professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face.

Search Security provides immediate access to breaking industry news, virus alerts, new hacker threats and attacks, security and certification training resources.

SANS is the most trusted and by far the largest source for information security training and security certification in the world, which makes their blog a must read for security professionals.

Neil Rubenking heads the charge on PC Mag’s Security Watch. His style is witty and he post frequently, so you’ll always find something worthwhile to read.

StopBadware is a nonprofit anti-malware organization whose work makes the Web safer through the prevention, mitigation, and remediation of badware websites.

Sucuri knows all about malware and WordPress security. It’s what they do. You’ll find no shortage of expert advise on how to secure your WordPress site and keep it malware-free.

Richard Bejtlich’s blog on digital security, concentrating on global challenges posed by China and other targeted adversaries. Definitely a blog that has been a fixture in the security community.

The cyber security section on Techworld.com covers news on the latest threats and zero-day exploits. They also offer an abundance of topics ranging from security to how-tos, as well as, technology reviews.

The Honeynet Project members engage the broader security community and educate the public about threats to systems and information.

Threatpost, The Kaspersky Lab security news service, is an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.

Threat Track Security’s IT blog has its thumb on the pulse of the industry. Whether you are in the IT industry or not, if you are interested in security, this blog is for you.

Trend Micro Simply Security offers independent news and views as well as expert insight from Trend’s security experts. The site covers topics ranging from cloud security, data protection, security and privacy.

Veracode Security Blog: Application security research, security trends and opinions. Everything you want to know about if you work in infosec or online.

Unmask Parasites focuses on reviewing the latest security threats, zero days, and exploits. There is everything from security-related news, to information on keeping your site secure and malware-free.

We Live Security is a site about research and information, not products. We Live Security’s writers represent the cream of ESET’s researchers and writers. They deliver in-depth research and analysis on security.

Tracking and demystifying cybercrime is what happens here. The author never fails to produce consistent, detailed breakdowns of the latest malware and security tools.

PR5

BankInfoSecurity is a multi-media website published by Information Security Media Group, Corp. (ISMG), a company specializing in coverage of information security, risk management, privacy and fraud.

From sophisticated DDoS botnet attacks to phishing, the Cyveillance blog will keep you up-to-date with breaking cyber security news and information on everything related to web threats, malware and security.

Forbe’s Firewall covers cyber security news and information on the latest exploits and trends affecting the industry. The articles are on point and informative, with the quality you can expect from Forbes.

GovInfoSecurity is a multi-media website published by Information Security Media Group, Corp. (ISMG), a company specializing in coverage of information security, risk management, privacy and fraud.

Graham Cluley is an award winning cyber security blogger and independent computer security analyst. His blog reflects his knowledge and experience in the industry.

Security Now is a weekly podcast hosted by Steve Gibson and Leo Laporte. The show is sponsored by Gibson Research Corporation, a company specializing in data recovery and security.

This blog covers the sizzling world of computer security. You’ll find plenty of steamy stories from the dynamic world of internet fraud, scams, and malware.

From analyst reports to case studies, to blog posts and white papers, the Imperva blog keeps step with the latest malware and security threats. You’ll find information on DDoS, malware, and zero day threats.

Written by the staff of SearchSecurity.com and Information Security magazine, Security Bytes covers topics across the spectrum of security, privacy and compliance.

ITProPortal.com was one of the very first technology websites to launch in the UK back in 1999 and has grown to become one of the UK’s leading and most respected technology information resources.

This blog by Lenny Zeltser focuses on information security. Lenny is a business and tech leader with extensive hands-on experience in IT and information security.

One man’s views on security, privacy – and anything else for that matter. Trends, information, news: you’ll find it all on the Network Security blog, and what’s more is it’s delivered with style.

This blog covers everything you need to know about internet threats. The PandaLabs blog keeps you abreast of the latest developments in cyber security.

PaulDotCom Security weekly’s mission is to provide free content within the subject matter of IT security news, vulnerabilities, hacking, and research.

The views of one man on security, privacy and anything else that catches his attention. Security expert Martin McKeay talks about malware, privacy and security on this blog.

Hoff’s ramblings about information survivability, information centricity, risk management and disruptive innovation. Hoff was a CISSP, CISA, CISM and NSA IAM, he now spends the AMF money on coffee.

Risky.biz is another security podcast that focuses on covering recent developments in cyber security and the threat landscape. The show has been around since 2007, and takes a light approach to security news.

Their research provides cutting-edge insight into solving tough security problems. There are countless articles on the latest cyber security trends and threats.

The Seculert blog is a security blog with a focus on Advanced Persistent Threats and malware. There is no shortage of network security tips and insider information on the latest zero days.

Rapid7 provides vulnerability management, compliance and penetration testing solutions for web applications, network and database security. Their community, Security Street covers all of these issues.

Securosis is the world’s leading independent security research and advisory firm, offering unparalleled insight and unique value to meet the challenges of managing security and compliance in a Web 2.0 world.

SilverSky is a cloud security services provider with a lot of knowledge in the industry. Their blog, the Altitude blog, is updated regularly with news and information every security professional should be aware of.

SpiderLabs is an elite team of ethical hackers, investigators and researchers at Trustwave advancing the security capabilities of leading businesses and organizations throughout the world. The site covers the latest security news.

Social-Engineering.org is a cyber security blog that covers a wide range of security related topics. The site is also home to a podcast and a team of security professionals who share their expertise on all things security.

The Security Skeptic blogs about all matters related to Internet Security, from domain names (DNS), firewalls and network security to phishing, malware and social engineering.

Moxie Marlinspike’s blog covers computer security and software development, particularly in the areas of secure protocols, cryptography, privacy, and anonymity.

Software architect and Microsoft MVP, you’ll find Troy Hunt writing about security concepts and process improvement in software delivery. The quality of content found here makes this blog worth visiting.

PR4

Gunnar Peterson weaves his thoughts on distributed systems, security, and software together on his blog 1 Raindrop. The blog is both informative and insightful, and the coverage is on point.

Andrew Hay is the Director of Applied Security Research and Chief Evangelist at CloudPassage, Inc. This is his personal blog where he talks about security and other news.

Carnal Ownage is a must stop for security researchers and hackers alike. This cyber security blog goes into excruciating detail on attack methodology and highlights the threats your organization should be aware of.

This blog covers fun, useful, interesting, security related (and non-security related) tips and tricks associated with the command line. Find tips on OS X, Linux and Windows.

This blog covers trends and fads, tactics and strategies, intersecting with third-party research, speculations and real-time CYBERINT assessments, all packed with sarcastic attitude.

Don’t Learn to HACK – Hack to LEARN. That`s the motto at Darknet. The site covers ethical hacking, penetration testing, and computer security. Learn about interesting infosec related news, tools and more.

Errata Security is a team of dedicated security researchers that practice offensive security. The insight gained from research is delivered on the blog, which covers a variety of topics and real world scenarios.

Chris Nickerson and Ryan Jones take it up a notch in their cyber security podcast. They routinely thumb their nose at the typical industry rhetoric and offer insight and commentary you won’t hear anywhere else.

HackSurfer was formed by a group of businessmen and women, engineers, mathematicians, linguists and information analysts with a passion for making simple, powerful use of big data.

The InfoSec Institute resources section has a broad selection of content and research on cyber security, threats, and of course, infosec. You’ll also find tutorials, training videos and more.

Javvad Malik has worked in information security for his entire career and covers different aspects of security on his blog, J4vv4D. He also regularly offers his insight through entertaining and informative YouTube videos.

In a world that seems to be losing the notion of journalism, Liquidmatrix Security Digest remains committed to long form articles that dig into the major issues affecting the industry with Feature articles.

This is Malcovery Security’s contribution to the knowledgebase of information security issues. They provide relevant insight and opinions on all of the newest threats faced by the industry.

Malware Don’t Need Coffee is a cyber security blog that focuses on malware research and provides educated commentary on all the latest exploits and security bugs. The site covers research in all areas of network security.

Wesley McGrew understands security and the nature of today’s digital landscape, especially its impact on infrastructure and business security. His blog covers all of the important cyber security stuff.

Since 2007, the Network Security Podcast has been dishing out the dirt on cyber threats and security issues faced by the industry. It’s a great resource if you want to hear a discussion on what’s happening in infosec.

This blog is inspired by the book and the movement towards a New School. The New School of Information Security is a book by Adam Shostack and Andrew Stewart, published in 2008.

Founded in January of 2008 on a Saturday evening, NovaInfosec.com is dedicated to the community of Northern Virginia-, Washington, DC-, and southern Maryland-based security professionals.

The Packet Pushers Podcast offers deeply technical, hardcore discussions on the latest security trends. Co-hosts Greg Ferro and Ethan Banks lead the show with their many years of network engineering.

Pierluigi Paganini is a company director, researcher, security evangelist, security analyst and freelance writer. His blog Security Affairs stays abreast of all the latest in cyber security.

Security Bistro is where security experts come together for good talk, information on the latest ingenious threats and, one hopes, the latest clever ways to counter them.

Find tips on computer security, choosing a password properly, and other practical online security tips. No shortage of interesting content circling the technology space here.

Gemini Security Solutions, Inc. is an information security consulting firm that applies creativity, passion, and insight to defend against today’s growing threats. Their blog, Security Musings, covers everything security.

Jennifer (Jabbusch) Minella aka JJ is a network security engineer and consultant with 15 years of experience. She shares her knowledge on infosec on her blog and offers plenty of information on the latest security trends.

This blog has been on the cyber security scene since as far back as 2006. The blog covers malware, rogues, ransomeware and everything else related to cyber security.

StillSecureAfterAllTheseYears.com (yes, a really long domain!) is the AShimmy Blog, Alan Shimel’s personal blogger blog on security, work, and family life.

Ben Tomhave is a security professional that has served the industry in a variety of roles and security positions. This is reflected in his writing and the knowledge shared on his cyber security blog.

You’ll find links and commentary related mostly to online privacy and security, particularly with social networking. The blog started back in 2007 and has been going ever since.

The SFS Podcast is designed to be an information security podcast that fills the gap between technical security podcasts and Security Now. This podcast offers respectful insight on the state of security.

Small business information security has been an oxymoron for too long. Uncommon Sense Security is attempting to change that. The blog is entertaining, and informative at the same time.

PR3

Andy Ellis is the Chief Security Officer of Akamai Technologies. Opinions here are mostly his own. His blog dives into the issues centered around cyber security and technology.

A U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security leads the charge on this blog, offering daily news on the industry.

The UK based IT Security Expert blog by Dave Whitelegg CISSP CCSP providing general Information Security advice & help in securing the home PC & home computer user, as well as business IT systems.

A virtual community of social networks for IT professionals located throughout the world. A great way to connect and collaborate with others in the cyber security industry.

Michael D. Peters has been an independent information security consultant, executive, researcher, author, and catalyst with many years of information technology and shares that information on his site.

Rivalhost is a DDOS mitigation company and web host that takes an active stance on updating their customers and community with a mix of topics on technology, cyber security, and DDOS.

This is a place to catch some opines on a pretty weird combination of topics. You’ll likely see topics ranging from IT/Information Risk Management to iOS, Node.js, and everything in-between.

SecurityXploded – the community division of XenArmor – is a popular Infosec Research & Development organization offering free security software, latest research articles and free cyber security training.

An information security professional, award winning blogger, and industry commentator. Thom Langford talks about topics relating to information security, risk management and compliance.

On his cyber security blog Brooks talks about mitigating risks and business strategies as they relate to IT. There is never a dull post and the author finds plenty of interesting security topics to dissect.

PR2

Ehacking.net explores ethical hacking, penetration testing, and hacking. You’ll also find a wealth of tutorials on BackTrack and other penetration testing tips. An ideal site for information security researchers.

An IT security blog that features general knowledge of IT security, online crime news, and tips on how to deal with online and computer threats. Plus, listings of information security threats and defenses.

This site is about computer and information security. It is maintained by Kevin Townsend, the original founder of ITsecurity.com and a freelance journalist and writer with more than 10 years experience.

Peter Silva covers security for F5 Networks Technical Marketing Team. With his theatre background and knowledge of security his blog makes for an interesting pit stop for security news.

Websense Security Labs does a great job of sharing information and insight on the latest cyber security news. Their blog has been around since ’07. There is plenty of material to dig through for research.

PR1

A blog that centers around the threat posed by distributed denial of service (DDoS) attacks. You’ll find a news section that offers a snapshot of the latest security trends, as well as, epic posts highlighting the industry.

Dave Waterson is an experienced IT security technologist, inventor of patented and patent-pending security technology in the anti-key logging and anti-phishing fields.

Rafal Los has been working in the defensive side of security for over 10 years. His blog, Following The Wh1t3 Rabbit, focuses on clearing the confusion around security and offering tools to improve security.

PR0

FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection. FireEye has been called a “hot security firm” — their blog backs that up.

# 127 How They Hack

HowTheyHack is a general tech blog surrounding themes related to hacking and network security. Most of the posts are centered around tutorials, hacking news, security exploits and the author’s opinions.

Technology.info combines the best of ITProPortal.com and IP EXPO, offering a resource for IT professionals and those interested in security. The boasts a wide variety of information security research and topics.