October 1, 2017
A subjective list of useful cybersecurity resources
In this (supposedly) frequently updated article, I list websites and publications that I find useful as a referential/background for my cybersecurity activities. Basically, this is a dump of my Feedly subscriptions list, assorted with additional elements (books that I read, links I don’t want to lose, and so on).
- General IT news – it is important to keep a broad mind when it comes to cybersecurity!
- Guillaume Kulakowski’s blog: http://blog.kulakowski.fr.
- LinuxFr.org: https://linuxfr.org/.
- Les Numériques: https://www.lesnumeriques.com.
- MacBidouille.com: http://macbidouille.com/.
- Journal du Geek: http://www.journaldugeek.com.
- Android Authority: https://www.androidauthority.com.
- Tux-planet: http://www.tux-planet.fr.
- Phoronix: http://www.phoronix.com/.
- WebUpd8: http://www.webupd8.org/.
- Génération NT: https://www.generation-nt.com.
- Korben: https://korben.info.
- Actively Direct: http://activelydirect.blogspot.com/.
- General technical publications
- ANSSI (French security agency) technical notes: https://www.ssi.gouv.fr/entreprise/bonnes-pratiques/. They publish a ton of well-structured and very consistent technical notes on various topics, mostly operating systems security. A good go to to find a starting point for implementing your server and workstation infrastructure security.
- Cybersecurity news
- Security Affairs: http://securityaffairs.co/wordpress. The blog of the excellent Pierluigi Paganini. The guy works at the ENISA and has some of the best analysis I’ve read so far. Everything Talos does, every big headline that comes out regarding security, passes through his acute mind. He creates high quality content that’s really worth your time.
- SANS Cyber Defense blog: https://cyber-defense.sans.org/blog.
- The State of Security: https://www.tripwire.com/state-of-security.
- Infosec Island: https://www.infosecisland.com.
- The CISCO TALOS blog: https://blogs.cisco.com. A must read for anyone concerned with Threat Intelligence. They spend a lot of time finding actual solutions to current threats and, most of time, they’re published as freewares!
- Infosecurity Magazine: https://www.infosecurity-magazine.com/news/.
- US-CERT bulletins: https://www.us-cert.gov/.
- Cryptography
- A Few Thoughts on Cryptographic Engineering: https://blog.cryptographyengineering.com. A well thought out blog about cryptograpic implementations in everyday pieces of hardware and software, focused on their shortcoming and the lessons that can be learned.
- The Cryptography channel of Topix: http://www.topix.com/science/cryptography. Topix is a kind of a news aggregator. Not all the content is relevant but it’s a nice source of information to avoid missing important events.
- The Cryptography subReddit: https://www.reddit.com/r/crypto/. Well, that’s Reddit. A collection of brilliant people that don’t always do brilliant things. That sub is very rich in content and excellent advice, so I strongly recommend giving it a shot.
- Virtualisation news
- eWeek: http://www.eweek.com.
- TVP Strategy: https://www.virtualizationpractice.com.
- VMblog: http://vmblog.com/default.aspx.
- airlied: https://airlied.livejournal.com/.
- virtualization.info: http://virtualization.info/en.