We mentioned these on the last show, but I wanted to make a posting that lists and describes each, in no particular order. I also wanted to say that this is not a list of our favorite blogs, per se, but a listing of blogs we most often pull stories for the show. We try not to talk about the news that everyone else is talking about, and the following resources give us the best material:
- http://isc.sans.org/ - Sponsored and run by the SANS Institute, the ISC incident handlers do a fantastic job of summarizing the latest security trends, research, vulnerabilities, and exploits.
- http://www.darknet.org.uk/ - Always full of the latest and greatest hacking news, Mr. Darknet reports on new security tools, updates to security tools, and other underground security topics that are interesting to read and usually not mainstream.
- http://www.schneier.com/blog/ - What can we say, Bruce's commentary is spot on, and has been for as long as I can remember. You will often find insightful commentary on stories that you may pass over or just plain miss. Don't miss the Friday squid blogging either.
- http://www.professionalsecuritytesters.org/ - Absolutely one of the best resources for penetration testers. Good news and information with a focus on quality rather than quantity. You will find tool updates and other interesting factoids for penetration testers.
- http://www.f-secure.com/weblog/ - This has become one of my favorite blogs in recent months. The F-Secure team does an outstanding job of making some of the best and most interesting security related posts. Their research team rocks, frequently posting about bluetooth security and malware analysis.
The PaulDotCom Security Weekly Crew