15 of the best Internet security blogs
by Jago Maniscalchi // August 20, 2011 // Reviews // No comments
In order to keep up to date, I scan daily across an incredible number of Internet or security focussed news sites and blogs. I use Google Reader to aggregate the posts and facilitate easy access to them all in one place. It seems, however, that the articles I dig into are always from the same sites. I’d like to share a handful of those sites with you today. Most you will probably be familiar with, though some may be unknown. I’d highly recommend adding them all to your RSS reader if you have one.
The sites are presented in alphabetical order. I’ve chosen 15 in total.
Darknet was launched in 2006 but its origins lie in a network of friends that first formed on EFNet IRC in 1999. With the tagline “Don’t learn to HACK, hack to LEARN”, the site is now a blog that covers Ethical Hacking, Penetration Testing and Computer Security. It features excellent tool reviews, analysis of new vulnerabilities and comment on topics in the press.

Dark Reading is a “security dashboard for IT professionals who don’t have the time or the luxury of combing wirefeeds, multiple bug feeds, or vendor Websites to find out what’s new or how well it works”. It combines up-to-the-minute news from a variety of sources with excellent analysis from a series of blogs like the excellent Evil Bytes by John Sawyer.

Dancho Danchev’s blog contains in-depth technical analysis of the latest technical security trends and malware threats. Danchev is a specialist in open-source intelligence (OSINT), gathering intelligence from the web on the personalities behind current threats. He also specialises in sarcasm. Danchev also contributes to ZDNet’s Zero Day blog with Ryan Naraine from Threatpost (see below).

We’ve been following Open Source Intelligence (OSINT) expert Jeffrey Carr through a number of his projects. He authored an extremely insightful blog – IntelFusion – before launching the Grey Goose Project, an initiative that investigated instances of state-on-state cyber warfare by fusing all available open source intelligence. Wired covered the launch of the report. Having launched a commercial consultancy off the back of that work, he has switched his blogging efforts to The Firewall blog at Forbes, where he joins 54 other contributors. The blog is a news service with a strong focus on government, particularly cyber security as a tool of foreign policy.

Mikko H. Hyppönen is the Chief Research Officer at Internet security firm F-Secure. His team of security researchers – personnel responsible for analyzing virus, phishing, spyware, and spam attacks – contribute to the F-Secure Weblog. The topics covered are broad – tools, techniques, botnet analysis, comment – and all the posts are easily accessible for non-technical readers.

Jeremiah Grossman, a former IT Security Officer at Yahoo!, is the Founder and Chief Technology Officer of specialist website security consultancy WhiteHat Security. Grossman, a technical research and development specialist, is a regular speaker at industry events and is a leading commentator in the mainstream media. His blog articles are based on his cutting-edge technical analysis of web browser and website vulnerabilities.

No reading list would be complete without reference to Paul Asadoorian and company over at pauldotcom.com. A weekly podcast rather than a blog, PaulDotCom features the latest news, in-depth technical segments and plenty of humour (and beer). He is joined by Larry Pesce, John Strand, Mick Douglas and Carlos Perez.

A regular keynote speaker and industry commentator, Chris Hoff specialises in “emerging and disruptive innovation and what it means to security”. At the moment that means Cloud Security and Virtualisation. In fact, Hoff is currently Director of Cloud & Virtualization Solutions of the Security Technology Business Unit at Cisco Systems. Rational Survivability is essential reading for any team that makes use of emerging technologies in the enterprise and wants to understand the risks associated with them.
His bio is worth a read too.

The Internet Storm Center is a SANS project that has been running since 2001, having been formalised following the successful detection, by SANS Incident Handlers, of the Li0n worm. The handlers had isolated the worm and begun analysis within 3 hours of the outbreak, and had released a diagnostic tool and informed the FBI within 14 hours. With this success as its justification, the ISC was created with a remit to spot similar attacks and provide a global warning service. The ISC Diary is populated with the real-time analysis of the volunteer duty “handlers” who monitor feeds coming in from SANS’ DShield worldwide sensor network.

Bruce Schneier is the author of Applied Cryptography (and 10 other internationally bestselling books), creator of the Blowfish encryption algorithm (which has never been broken), author of the Crypto-gram newsletter (with 150,000 subscribers), a regular contributor to Wired Magazine and, if all that is not enough, is also Chief Security Technology Officer for British Telecom. Schneier describes his interests as an evolving series of generalisations – from mathematical security to computer security, from computer security to general security and now to the psychology of security. Schneier on Security contains essays, comment and links to interesting articles elsewhere on the web. It should be at the top of your list, with no exceptions.

Securelist (formerly viruslist) is a website managed by anti-virus vendor Kaspersky. It contains articles outlining common threats, in-depth analysis of malware, viruses, the underground economy and trends, and a regularly updated blog. Anybody can contribute to the blog, but you have to have over 100 points, gained through submitting comments that are voted for by readers. There is also a refreshingly technical PDF magazine – SecureView – that can be downloaded from the site.

Securosis is a commercial consultancy specialising in information security research and strategy. Their blog covers a broad range of security topics and features a really useful Friday summary with links to favourite webcasts, podcasts, blog articles, research reports and news articles from the previous week.

Richard Bejtlich is the author of ‘The Tao of Network Security Monitoring’, where he lays out a holistic approach to monitoring a network for security. His blog specialises in incident response and network forensics, though he also writes regularly on cyber weapons and cyber warfare.

Threatpost is a news service offered by Kaspersky and is managed by Dennis Fisher and Paul Roberts, ably assisted by Ryan Naraine. The Threatpost team scour the web for the latest stories and aggregate them into a single feed of news and expert commentary. The site offers service in English, Spanish and Portuguese.

Zero In A Bit is the ZeroDay Labs Blog from Veracode, an Internet Risk Management consultancy. It isn’t updated very regularly, but when it is, the articles cover a broad range from legal and compliance issues to mobile malware.



