博客
CTF战队的blog
ruCTF第二名,比较厉害
http://h4des.org/blog/
挺厉害的外国人,对oauth这个漏洞写了很多分析的文章
http://homakov.blogspot.com/
技术
杂谈
网站
英文的
http://communities.coverity.com
freebuf找资料
http://resources.infosecinstitute.com/category/hacking-2/(这个科普很多)
http://hackersnewsbulletin.com/ (这个也不错)
http://www.darkreading.com
https://www.eff.org (这好像是个组织,不明套路)
http://krebsonsecurity.com/ (和银行相关的比较多)
http://blog.spiderlabs.com/(技术文章较多)
http://www.routerpwn.com/ (专门讲数据库的入侵手法和测试结果看起来比较不错)
http://securityaffairs.co/wordpress/ (翻译过一篇资讯类的)
http://thehackernews.com/ 同上
http://www.net-security.org/ 同上
中文的
最佳安全播客提名:
SANS 的ISC每日播报 Stormcast:
https://isc.sans.edu/podcast.html
MiSec, OWASP Detroit, BSides Detroit的播客:
http://podcast.michsec.org/
Security Slice:
http://www.tripwire.com/state-of-security/topics/security-slice-podcast/
Threat Post:
https://www.threatpost.com
Security Ledger:
https://securityledger.com/category/podcasts/
The Risk Science Podcast:
http://riskscience.net/
SecurityWeekly:
http://pauldotcom.com/
Securosis, Firestarter:
https://securosis.com/blog/firestarter-the-nsa-and-rsa
SANS 的ISC每日播报 Stormcast:
MiSec, OWASP Detroit, BSides Detroit的播客:
Security Slice:
Threat Post:
Security Ledger:
The Risk Science Podcast:
SecurityWeekly:
Securosis, Firestarter: