- A Day In The Life of an Information Security Officer – http://blogs.ittoolbox.com/security/
- An Information Security Place podcast – http://infosecplace.com/blog/
- Anti-Virus rants: http://anti-virus-rants.blogspot.com/
- Anton Chuvakin Personal Blog: http://chuvakin.blogspot.com/
- Art of Hacking – http://artofhacking.com/
- Auditcast by David Hoelzer (podcasts) – http://auditcasts.com/ | RSS – http://feeds.feedburner.com/AuditcastsWithDavidHoelzer
- # 1 : Auditing Routers and Switches with Nipper – http://auditcasts.com/screencasts/1 | MOV – http://auditcasts.com/videos/mov/videos/1/Episode%201%20-%20Routers%20and%20Switches.mov?1307548856 | Auditing Routers & Switches with Nipper Show Notes – http://it-audit.sans.org/blog/2011/06/07/auditing-routers-switches-with-nipper-show-notes
- Audit Monkey’s blog – http://auditmonkey.wordpress.com/
- Authentium Virus Blog: http://blogs.authentium.com/virusblog/
- Browser Fun: http://browserfun.blogspot.com/
- Carna0wnage blog – http://carnal0wnage.attackresearch.com/ has a lot of metasploit tricks.
- CSO Security Insights podcast – http://www.csoonline.com/podcasts
- Cisco Security (corporate) – http://blogs.cisco.com/security
- Computer Security @ Big Blog – http://bigblog.com/computer_security.html
- Connectivity – http://itknowledgeexchange.techtarget.com/connectivity/
- CYBER ARMS – Computer Security – http://cyberarms.wordpress.com/
- CyberSecurity news – http://cybersecuritynews.org/
- D90 Tools & Techniques: http://www.d90.us/toolbox/
- Darknet.org – http://www.darknet.org.uk/
- Declan McCullagh: Politech – http://www.politechbot.com/– DEFUNCT | The Iconoclast – http://www.news.com/the-iconoclast/
- Dominic White > .tHE pRODUCT: http://singe.rucus.net/blog/
- “Defensive Computing” by MIchael Horowitz (at CNet) – http://news.cnet.com/defensive-computing/ | RSS: http://news.cnet.com/2547-1_3-0-20.xml
- Emergent Chaos by Adam Shostack and ensemble – http://www.emergentchaos.com/
- Essential Computer Security – http://www.tonybradley.com/
- ::eSploit:: – http://esploit.blogspot.com/ – looks like a blog linking to the various security/hacking resources.
- Evil Bytes by John Sawyer – http://www.darkreading.com/blog/archives/evil_bytes/index.html
- Exotic Liability (podcast): http://exoticliability.libsyn.com/| http://www.exoticliability.com/| http://www.podcastalley.com/podcast_details.php?pod_id=75883
- Focus and Planning for Success in Business: http://salmankkhan.blogspot.com/
- Fortiguard blog (corporate) – http://blog.fortinet.com/
- Frequency X (ISS) blog (corporate) – http://blogs.iss.net/
- Graham Cluley’s (Sophos) blog – http://www.sophos.com/blogs/gc/
- How To Combat Spam Blog. By Anti-Spam Activist Ryan Pitylak: http://combatspam.blogspot.com/
- I Think….Therefore This Blog – http://vasim.blogspot.com/
- InvisibleThings: http://theinvisiblethings.blogspot.com/
- Information Security Resources: http://information-security-resources.com/
- Physical security: http://information-security-resources.com/category/physical-security/
- Insights Into Information Security – http://www.randybias.com/
- Jeremiah Grossman’s (White Hat Security) blog: http://jeremiahgrossman.blogspot.com/
- Jesper’s Blog: http://msinfluentials.com/blogs/jesper/
- Jibbering musings: http://jibbering.com/blog/
- Kaos.Theory: Fractal blog: http://theory.kaos.to/blog/
- Krebs on Security – http://www.krebsonsecurity.com/
- “The Laws of Vulnerabilities” by Wolfgang Kandek (Qualys) – http://laws.qualys.com/
- Lenny Zeltser security blog – http://zeltser.com/
- Critical Log Review Checklist for Security Incidents – http://zeltser.com/log-management/security-incident-log-review-checklist.html
- Analyzing Malicious Documents Cheat Sheet – http://zeltser.com/reverse-malware/analyzing-malicious-documents.html
- Security Architecture Cheat Sheet for Internet Applications – http://zeltser.com/security-management/security-architecture-cheat-sheet.html
- Troubleshooting Human Communications – http://zeltser.com/cheat-sheets/human-communications-cheat-sheet.html
- Security Incident Survey Cheat Sheet for Server Administrators – http://zeltser.com/network-os-security/security-incident-survey-cheat-sheet.html
- Initial Security Incident Questionnaire for Responders – http://zeltser.com/network-os-security/security-incident-questionnaire-cheat-sheet.html
- Reverse-Engineering Malware Cheat Sheet – http://zeltser.com/reverse-malware/reverse-malware-cheat-sheet.html
- Network DDoS Incident Response Cheat Sheet – http://zeltser.com/network-os-security/ddos-incident-cheat-sheet.html
- Information Security Assessment RFP Cheat Sheet – http://zeltser.com/security-assessments/security-assessment-rfp-cheat-sheet.html
- Light Blue Touchpaper: http://www.lightbluetouchpaper.org/; Security Research, Computer Laboratory, University of Cambridge
- Marcus Ranum – http://www.ranum.com/
- Mark Rusinovich:
- Mark’s blog: http://blogs.technet.com/markrussinovich/
- Sysinternals blog: http://blogs.technet.com/sysinternals/
- Sysinternals forum: http://forum.sysinternals.com/
- McAfee Avert Labs Blog: http://www.avertlabs.com/research/blog/
- Metasploit: http://metasploit.blogspot.com/
- Microsoft security response center (corporate) – http://blogs.technet.com/msrc/
- Mister Reiner – http://misterreiner.wordpress.com/
- Network Security Blog – http://www.mckeay.net/
- Network Security Consulting Blog – http://blog.emagined.com/
- Ninda Diary: http://nindadiary.wordpress.com/: cryptography| database hacking| hack tools, utilities and exploits| hardware hacking| virology| web hacking
- Patch Day Review – http://www.patchdayreview.com/
- PaulDotCom (Paul Asadoorian): site/blog – http://pauldotcom.com/| podcast (“Security Weekly”) – http://pauldotcom.com/security-weekly/, http://itunes.apple.com/us/podcast/pauldotcom-hack-naked-tv/id121896233
- Praetorian Prefect – http://praetorianprefect.com/
- Qaddisin Security Blog – http://blog.qaddisin.com/
- Rational Survivability by Chris Hoff – http://www.rationalsurvivability.com/blog/
- Ryan Pitylak’s Personal Blog – Current Events: http://ryanpitylak.blogspot.com/
- SANS Audit Blog – http://it-audit.sans.org/blog
- SANS ISC Stormcast (podcast) – http://isc.sans.org/podcast.html
- SANS Internet Storm Center – http://isc.sans.org/
- SecuriTeam Blogs: http://blogs.securiteam.com/
- Security Week – http://www.securityweek.com/
- SecBarbie by Erin Jacobs – http://www.secsocial.com/blog/
- Security Catalyst podcast – http://www.securitycatalyst.com/blog/security-catalyst-podcast/
- Security Incite by Mike Rothman – http://securityincite.com/blog/mike-rothman
- Security Uncorked – http://securityuncorked.com/
- Shell is only the Beginning: http://www.darkoperator.com/
- Schneier On Security – Bruce Scheier’s blog: http://www.schneier.com/| Cryptogram newsletter archive: http://www.schneier.com/crypto-gram-back.html| Cryptogram security podcast: http://crypto-gram.libsyn.com/
- Slight Paranoia – http://paranoia.dubfire.net/ – Analysis and opinion by Christopher Soghoian, security and privacy researcher.
- SpyChips blog by Katherine Albrecht – http://www.spychips.com/blog/index.html
- strawberryJAMM’s Security and User Experience WebLog – http://blogs.technet.com/strawberryjamm/default.aspx
- SunbeltBLOG: http://sunbeltblog.blogspot.com/, http://www.sunbeltblog.blogspot.com/
- TaoSecurity (by Richard Bejtlich) – http://taosecurity.blogspot.com/
- The Security Blog (SIC!) – http://www.thesecurityblog.com/
- ThreatPost – http://www.threatpost.com/
- Troy Jessup’s Security Blog – http://www.ndnn.org/blog/
- Troy Hunt’s blog – http://www.troyhunt.com/
- A brief Sony password analysis – http://www.troyhunt.com/2011/06/brief-sony-password-analysis.html
- The only secure password is the one you can’t remember – http://www.troyhunt.com/2011/03/only-secure-password-is-one-you-cant.html
- The 3 reasons you’re forced into creating weak passwords – http://www.troyhunt.com/2011/03/3-reasons-youre-forced-into-creating.html
- Bad passwords are not fun and good entropy is always important: demystifying security fallacies – http://www.troyhunt.com/2011/04/bad-passwords-are-not-fun-and-good.html
- Uncommon Sense Security by Jack Daniel – http://blog.uncommonsensesecurity.com/
- Unspecific – http://www.unspecific.com/
- Nmap tools – http://www.unspecific.com/nmap/
- Usable Security – http://usablesecurity.com/
- Wirewatcher – http://wirewatcher.wordpress.com/
- Zero Day (by Ryan Naraine and Dancho Danchev) – http://www.zdnet.com/blog/security
—–
Similar collections (and partial sources) of links:
- Security Blog Log – http://wikihead.wordpress.com/2010/02/20/security-blog-log/
[…] Infosec blogs […]
LikeLike
Pingback by Infosec online « Eikonal Blog — 2010.03.17 @ 09:55
[…] infosec blogs – https://eikonal.wordpress.com/2010/03/17/infosec-blogs/> […]
LikeLike
Pingback by Information Security Sites « Eikonal Blog — 2011.05.17 @ 11:38