Here are the tabs that are my homepages: http://news.cnet.com/security/ http://isc.sans.org/ http://www.doecirc.energy.gov/index.html http://www.securityfocus.com/vulnerabilities
I am also on a WSUS and patch management mailing lists (lurk mode by and large): http://www.patchmanagement.org/ Susan Bradley (on the patch management list) is good for posting quite relevant information on upcoming MS patches. Randy Smith's newsletters are useful comments on upcoming Windows patches as well as other good information, I am subscribed to that as well: http://www.ultimatewindowssecurity.com/Default.aspx (very low volume) The SMS mailing list (at least as prolific as this list) also covers patching but only perhaps 5% of it is dedicated to that. I am also on Adobe's notification lists but they come out after I have already heard from other sources... Yes, I am on a sh!tload of lists, but I feel nothing I do personally is reinventing the wheels and with some careful e-mail rules it is not overwhelming to keep up with. Dave From: Ziots, Edward [mailto:[email protected]] Sent: Tuesday, August 18, 2009 5:33 AM To: NT System Admin Issues Subject: RE: security updates/bulletins Be on Secunia and Bugtraq, those will give you basically everything you are going to need accordingly. I follow these two religiously in my patching, and security remedations, along with a few "underground" discussion groups, I am not going to name for various reasons. Z Edward Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP+I, ME, CCA, Security +, Network + [email protected]<mailto:[email protected]> Phone:401-639-3505 ________________________________ From: Benjamin Zachary - Lists [mailto:[email protected]] Sent: Tuesday, August 18, 2009 2:47 AM To: NT System Admin Issues Subject: security updates/bulletins On our new pci requirement they want the staff to be on some security update lists. I went to cisecurity.org and sans.org and didn't see anything special. I used to be on ntbugtraq and I suppose I could sign them up for the Microsoft ones (they are 100% MS shop), just wondering what else people are following in these areas. Thanks ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
