Infosec blogs

• A Day In The Life of an Information Security Officer – http://blogs.ittoolbox.com/security/
• An Information Security Place podcast – http://infosecplace.com/blog/
• Anti-Virus rants: http://anti-virus-rants.blogspot.com/
• Anton Chuvakin Personal Blog: http://chuvakin.blogspot.com/
• Art of Hacking – http://artofhacking.com/
• Auditcast by David Hoelzer (podcasts) – http://auditcasts.com/ | RSS – http://feeds.feedburner.com/AuditcastsWithDavidHoelzer
  • # 1 : Auditing Routers and Switches with Nipper – http://auditcasts.com/screencasts/1 | MOV – http://auditcasts.com/videos/mov/videos/1/Episode%201%20-%20Routers%20and%20Switches.mov?1307548856 | Auditing Routers & Switches with Nipper Show Notes – http://it-audit.sans.org/blog/2011/06/07/auditing-routers-switches-with-nipper-show-notes
• Audit Monkey’s blog – http://auditmonkey.wordpress.com/
• Authentium Virus Blog: http://blogs.authentium.com/virusblog/
• Browser Fun: http://browserfun.blogspot.com/
• Carna0wnage blog – http://carnal0wnage.attackresearch.com/ has a lot of metasploit tricks.
• CSO Security Insights podcast – http://www.csoonline.com/podcasts
• Cisco Security (corporate) – http://blogs.cisco.com/security
• Computer Security @ Big Blog – http://bigblog.com/computer_security.html
• Connectivity – http://itknowledgeexchange.techtarget.com/connectivity/
• CYBER ARMS – Computer Security – http://cyberarms.wordpress.com/
• CyberSecurity news – http://cybersecuritynews.org/
• D90 Tools & Techniques: http://www.d90.us/toolbox/
• Darknet.org – http://www.darknet.org.uk/
• Declan McCullagh: Politech – http://www.politechbot.com/– DEFUNCT | The Iconoclast – http://www.news.com/the-iconoclast/
• Dominic White > .tHE pRODUCT: http://singe.rucus.net/blog/
• “Defensive Computing” by MIchael Horowitz (at CNet) – http://news.cnet.com/defensive-computing/ | RSS: http://news.cnet.com/2547-1_3-0-20.xml
• Emergent Chaos by Adam Shostack and ensemble – http://www.emergentchaos.com/
• Essential Computer Security – http://www.tonybradley.com/
• ::eSploit:: – http://esploit.blogspot.com/ – looks like a blog linking to the various security/hacking resources.
• Evil Bytes by John Sawyer – http://www.darkreading.com/blog/archives/evil_bytes/index.html
• Exotic Liability (podcast): http://exoticliability.libsyn.com/| http://www.exoticliability.com/| http://www.podcastalley.com/podcast_details.php?pod_id=75883
• Focus and Planning for Success in Business: http://salmankkhan.blogspot.com/
• Fortiguard blog (corporate) – http://blog.fortinet.com/
• Frequency X (ISS) blog (corporate) – http://blogs.iss.net/
• Graham Cluley’s (Sophos) blog – http://www.sophos.com/blogs/gc/
• How To Combat Spam Blog. By Anti-Spam Activist Ryan Pitylak: http://combatspam.blogspot.com/
• I Think….Therefore This Blog – http://vasim.blogspot.com/
• InvisibleThings: http://theinvisiblethings.blogspot.com/
• Information Security Resources: http://information-security-resources.com/
  • Physical security: http://information-security-resources.com/category/physical-security/
• Insights Into Information Security – http://www.randybias.com/
• Jeremiah Grossman’s (White Hat Security) blog: http://jeremiahgrossman.blogspot.com/
• Jesper’s Blog: http://msinfluentials.com/blogs/jesper/
• Jibbering musings: http://jibbering.com/blog/
• Kaos.Theory: Fractal blog: http://theory.kaos.to/blog/
• Krebs on Security – http://www.krebsonsecurity.com/
• “The Laws of Vulnerabilities” by Wolfgang Kandek (Qualys) – http://laws.qualys.com/
• Lenny Zeltser security blog – http://zeltser.com/
  • Critical Log Review Checklist for Security Incidents – http://zeltser.com/log-management/security-incident-log-review-checklist.html
  • Analyzing Malicious Documents Cheat Sheet – http://zeltser.com/reverse-malware/analyzing-malicious-documents.html
  • Security Architecture Cheat Sheet for Internet Applications – http://zeltser.com/security-management/security-architecture-cheat-sheet.html
  • Troubleshooting Human Communications – http://zeltser.com/cheat-sheets/human-communications-cheat-sheet.html
  • Security Incident Survey Cheat Sheet for Server Administrators – http://zeltser.com/network-os-security/security-incident-survey-cheat-sheet.html
  • Initial Security Incident Questionnaire for Responders – http://zeltser.com/network-os-security/security-incident-questionnaire-cheat-sheet.html
  • Reverse-Engineering Malware Cheat Sheet – http://zeltser.com/reverse-malware/reverse-malware-cheat-sheet.html
  • Network DDoS Incident Response Cheat Sheet – http://zeltser.com/network-os-security/ddos-incident-cheat-sheet.html
  • Information Security Assessment RFP Cheat Sheet – http://zeltser.com/security-assessments/security-assessment-rfp-cheat-sheet.html
• Light Blue Touchpaper: http://www.lightbluetouchpaper.org/; Security Research, Computer Laboratory, University of Cambridge
• Marcus Ranum – http://www.ranum.com/
• Mark Rusinovich:
  • Mark’s blog: http://blogs.technet.com/markrussinovich/
  • Sysinternals blog: http://blogs.technet.com/sysinternals/
  • Sysinternals forum: http://forum.sysinternals.com/
• McAfee Avert Labs Blog: http://www.avertlabs.com/research/blog/
• Metasploit: http://metasploit.blogspot.com/
• Microsoft security response center (corporate) – http://blogs.technet.com/msrc/
• Mister Reiner – http://misterreiner.wordpress.com/
• Network Security Blog – http://www.mckeay.net/
• Network Security Consulting Blog – http://blog.emagined.com/
• Ninda Diary: http://nindadiary.wordpress.com/: cryptography| database hacking| hack tools, utilities and exploits| hardware hacking| virology| web hacking
• Patch Day Review – http://www.patchdayreview.com/
• PaulDotCom (Paul Asadoorian): site/blog – http://pauldotcom.com/| podcast (“Security Weekly”) – http://pauldotcom.com/security-weekly/, http://itunes.apple.com/us/podcast/pauldotcom-hack-naked-tv/id121896233
• Praetorian Prefect – http://praetorianprefect.com/
• Qaddisin Security Blog – http://blog.qaddisin.com/
• Rational Survivability by Chris Hoff – http://www.rationalsurvivability.com/blog/
• Ryan Pitylak’s Personal Blog – Current Events: http://ryanpitylak.blogspot.com/
• SANS Audit Blog – http://it-audit.sans.org/blog
• SANS ISC Stormcast (podcast) – http://isc.sans.org/podcast.html
• SANS Internet Storm Center – http://isc.sans.org/
• SecuriTeam Blogs: http://blogs.securiteam.com/
• Security Week – http://www.securityweek.com/
• SecBarbie by Erin Jacobs – http://www.secsocial.com/blog/
• Security Catalyst podcast – http://www.securitycatalyst.com/blog/security-catalyst-podcast/
• Security Incite by Mike Rothman – http://securityincite.com/blog/mike-rothman
• Security Uncorked – http://securityuncorked.com/
• Shell is only the Beginning: http://www.darkoperator.com/
• Schneier On Security – Bruce Scheier’s blog: http://www.schneier.com/| Cryptogram newsletter archive: http://www.schneier.com/crypto-gram-back.html| Cryptogram security podcast: http://crypto-gram.libsyn.com/
• Slight Paranoia – http://paranoia.dubfire.net/ – Analysis and opinion by Christopher Soghoian, security and privacy researcher.
• SpyChips blog by Katherine Albrecht – http://www.spychips.com/blog/index.html
• strawberryJAMM’s Security and User Experience WebLog – http://blogs.technet.com/strawberryjamm/default.aspx
• SunbeltBLOG: http://sunbeltblog.blogspot.com/, http://www.sunbeltblog.blogspot.com/
• TaoSecurity (by Richard Bejtlich) – http://taosecurity.blogspot.com/
• The Security Blog (SIC!) – http://www.thesecurityblog.com/
• ThreatPost – http://www.threatpost.com/
• Troy Jessup’s Security Blog – http://www.ndnn.org/blog/
• Troy Hunt’s blog – http://www.troyhunt.com/
  • A brief Sony password analysis – http://www.troyhunt.com/2011/06/brief-sony-password-analysis.html
  • The only secure password is the one you can’t remember – http://www.troyhunt.com/2011/03/only-secure-password-is-one-you-cant.html
  • The 3 reasons you’re forced into creating weak passwords – http://www.troyhunt.com/2011/03/3-reasons-youre-forced-into-creating.html
  • Bad passwords are not fun and good entropy is always important: demystifying security fallacies – http://www.troyhunt.com/2011/04/bad-passwords-are-not-fun-and-good.html
• Uncommon Sense Security by Jack Daniel – http://blog.uncommonsensesecurity.com/
• Unspecific – http://www.unspecific.com/
  • Nmap tools – http://www.unspecific.com/nmap/
• Usable Security – http://usablesecurity.com/
• Wirewatcher – http://wirewatcher.wordpress.com/
• Zero Day (by Ryan Naraine and Dancho Danchev) – http://www.zdnet.com/blog/security

—–
Similar collections (and partial sources) of links:

• Security Blog Log – http://wikihead.wordpress.com/2010/02/20/security-blog-log/