The second in our series of cybersecurity resources for 2021, this post looks at the best sources for keeping up with cybersecurity news and opinions.
If this image doesn't scream out "cybersecurity news reporter as a toddler", I don't know what does.
Their description: Bleeping Computer® is an information security and technology news publication created in 2004 by Lawrence Abrams. Millions of visitors come to BleepingComputer.com every month to learn about the latest security threats, technology news, ways to stay protected online, and how to use their computers more efficiently.
Owned by: Bleeping Computer (independent).
Reminds me of: That friend you turn to and ask “Listen, I TOTALLY know what the Windows MSHTML bug is, but see, how would you explain it to your parents in easy to understand terms?”
- Free REvil ransomware master decrypter released for past victims
- Microsoft: Windows MSHTML bug now exploited by ransomware gangs
- MikroTik shares info on securing routers hit by massive Mēris botnet
Their description: CSO serves enterprise security decision-makers and users with the critical information they need to stay ahead of evolving threats and defend against criminal cyberattacks. With incisive content that addresses all security disciplines from risk management to network defense to fraud and data loss prevention, CSO offers unparalleled depth and insight to support key decisions and investments for IT security professionals.
Owned by: IDG
Reminds me of: The Buzzfeed News of Cybersecurity, and that’s not an insult. Buzzfeed has mastered the art of the headline while simultaneously winning multiple Pulitzer Prizes, and that’s what CSO seems to be going for. A mix of serious news as well as stories like “8 must-ask security analyst interview questions” to satisfy those looking for breaking news and others looking to learn how to advance their careers.
- How APTs become long-term lurkers: Tools and techniques of a targeted attack
- How CISOs and CIOs should share cybersecurity ownership
- 8 top cloud security certifications
Their description: FedScoop is the leading tech media brand in the federal government market. With more than 3.6 million monthly unique engagements, FedScoop gathers top leaders from the White House, federal agencies, academia, and the tech industry to discuss ways technology can improve government and identify ways to achieve common goals. With our website, newsletter and events, we’ve become the community’s go-to platform for news, education and collaboration.
Owned by: SNG - Scoop News Group
Reminds me of: What would happen if a group of federal agency security experts decided to make their conversations public?
- White House nominates John Sherman as Department of Defense CIO
- Ellen Lord: ‘Don’t let the perfect be the enemy of the good’ with CMMC
- Nuclear Regulatory Commission on track to complete EIS transition by year end
Their description: Help Net Security is an independent site, focusing on information security since 1998. We don’t cater just to people searching for breaking news. We explore a wide range of content and tackle technical security challenges, management issues, and other concerns of importance to people working in every department of an organization.
Owned by: Help Net Security (independent)
Reminds me of: A security news meetup where security practitioners give lightning talks about news and then sponsors get to give short talks about why their products matter.
- Keys to the cloud: Unlocking digital transformation to enhance national security
- CVE-2021-40444 exploitation: Researchers find connections to previous attacks
- 9 tips to avoid cloud configuration conundrums
Their description: Infosecurity Magazine has over twelve years of experience providing knowledge and insight into the information security industry. Its multiple award winning editorial content provides compelling features both online and in print that focus on hot topics and trends, in-depth news analysis, and opinion columns from industry experts.
Owned by: Reed Exhibitions UK Ltd.
Reminds me of: A European events company putting on conferences ranging from flowers and gardening to plastics and woodworking created a companion site to complement their in-person events.
- Banks Slammed for Low Fraud Reimbursement Rates
- FTC: Health Apps Must Notify Consumers of Data Breaches
- Misconfigured APIs Account for Two-Thirds of Cloud Breaches
Their description: MeriTalk is a public-private partnership that leverages an award-winning editorial team and world-class events staff to produce unmatched news, analysis, and insight that improves the outcomes of government information technology.
Owned by: 300Brand
Reminds me of: If a private group of federal agency CISO and security practitioners decided to make all of their discussions public. It’s a site that is hyper-focused on information security news, policies, and opinions relevant to public sector agencies.
- In Tech We Trust: Confidence in Federal Technology Opportunity Dwarfs Faith in Government
- New AUKUS Pact Features Partnerships to Advance Emerging Tech
- VA Faces 12 Percent Unvaccinated Rate at VHA Weeks Before Deadline
Their description: SC Media is the essential resource for cybersecurity professionals — the flagship information brand of CyberRisk Alliance and the gateway to content from Security Weekly, CRA Business Intelligence, Infosec World, and SC Events.
Owned by: Cyber Risk Alliance
Reminds me of: A huge thanksgiving dinner, but everyone there works in cybersecurity. You have the opinionated uncle, cousins that love gossiping about the latest threats, the kids talking about the newest reviews in SW Labs, and the old folks talking about what cybersecurity was like when the “ILOVEYOU” virus hit.
- Security teams advised to patch ‘OMIGOD’ vulnerabilities in Azure
- Universal decryptor released for past victims of REvil ransomware group
- Security researchers skeptical we’ve seen the last of PrintNightmare
Their description: Cybersecurity news, insights, and analysis
Owned by: Wired Business Media
Reminds me of: The RSA conference as a blog and news site. Part security news headlines and industry updates. Part security professional opinion columns. Part vendor marketing pitches.
- Endpoint Security Platform Kolide Banks $17 Million Investment
- Several Access Bypass, CSRF Vulnerabilities Patched in Drupal
- How Threat Response is Evolving
Their description: The Hacker News (THN) is a leading, trusted, and widely recognized cybersecurity news platform that attracts over 8 million readers monthly, including IT professionals, researchers, hackers, technologists, and enthusiasts. At Hacker News, you'll find the latest cybersecurity news and in-depth reports on current and future Infosec trends and how they are shaping the cyber world.
Owned by: The Hacker News (independent)
Reminds me of: If a bunch of infosec practitioners that see each other at conferences decided to create a blog news site to keep in touch between shows.
- Travis CI Flaw Exposes Secrets of Thousands of Open Source Projects
- Third Critical Bug Affects Netgear Smart Switches — Details and PoC Released
- Windows MSHTML 0-Day Exploited to Deploy Cobalt Strike Beacon in Targeted Attacks
Their description: The Register is a leading and trusted global online enterprise technology news publication, reaching roughly 40 million readers worldwide. Our core audience is in America, Asia-Pacific, and the UK. We also have readers hailing from Canada, northern Europe, India, and beyond.
Owned by: Situation Publishing
Reminds me of: US Weekly with an English accent.
- If it were possible to evade facial-recognition systems using just subtle makeup, it might look something like this
- Turing Award winner Barbara Liskov on CLU and why programming is still cool
- De-identify, re-identify: Anonymised data's dirty little secret
Their description: Threatpost is a long-running, independent source of news and analysis about the cybersecurity landscape, covering breaking news and threat research, malware and vulnerability analysis, long-term trends and everything in-between.
Owned by: threatpost (independent)
Reminds me of: Russell Casse - the Randy Quaid character in the 1996 blockbuster Independence Day. You hear about all the threats and then realize that what could easily be dismissed as fear mongering conspiracy theories are actually all valid.
- HP Omen Hub Exposes Millions of Gamers to Cyberattack
- Financial Cybercrime: Following Cryptocurrency via Public Ledgers
- REvil/Sodinokibi Ransomware Universal Decryptor Key Is Out