×
all 98 comments

[–]goretskyAryeh Goretsky 163 points164 points  (5 children)

Hello,

I use Reddit for this purpose. I have created several security themed multireddits for the purpose of tracking security-related topics:

https://old.reddit.com/user/goretsky/m/security/ - tracks about 90 active security-related subreddits, but no vendors or open source projects and is regularly pruned of inactive subreddits.

https://old.reddit.com/user/goretsky/m/security_vendor/ - tracks about three dozen security vendor and open source project subreddits.

https://old.reddit.com/user/goretsky/m/security_inactive/ - a multireddit specifically for subreddits that were in the first two, but no longer seem to be active (lets me periodically check them for activity)

You can view these by new, hot, top and so forth to get ideas of what's current, might be an emerging issue, what was historically significant, and so forth.

Regards,

Aryeh Goretsky

[–]cccanterbury 7 points8 points  (0 children)

Wow thanks Aryeh!

[–]kitwillybb 2 points3 points  (0 children)

Thanks for this.

[–]Robbbbbbbbb 2 points3 points  (0 children)

Thanks! Great multireddits

[–]That_CatDad 2 points3 points  (0 children)

Well I just discovered multireddits, thank you so much this will definitely change how I use this site

[–][deleted]  (6 children)

[deleted]

    [–]uncannysaltSecurity Architect 12 points13 points  (0 children)

    Exactly. Most prolific security folks have feeds available.

    [–]th4ntis 5 points6 points  (4 children)

    I would actually love to do this but need to figure out how. I haven't looked into it yet but this is on my list of things to do.
    Any recommendations or tips would be helpful.

    [–][deleted]  (2 children)

    [deleted]

      [–]th4ntis 0 points1 point  (1 child)

      For someone getting started, any RSS links you recommend?

      [–]Bleord 0 points1 point  (0 children)

      Lots of web browsers have it built in.

      [–]beagle_bathouse 59 points60 points  (8 children)

      desert person pet quiet worm hurry absorbed like cause rainstorm

      This post was mass deleted and anonymized with Redact

      [–]volume_two 12 points13 points  (2 children)

      Nazis have free speech rights too! And the Constitution guarantees their freedom of speech on X.

      You non-Nazis are the nazis!

      /S

      [–]beagle_bathouse 9 points10 points  (1 child)

      wakeful mighty steer fragile quickest rinse weather saw melodic boast

      This post was mass deleted and anonymized with Redact

      [–]volume_two -1 points0 points  (0 children)

      Somebody give this person an upvote!

      [–]sonicoakGovernance, Risk, & Compliance 96 points97 points  (19 children)

      https://infosec.exchange/home , it is a Mastodon server.

      [–]Chrishamilton2007 80 points81 points  (4 children)

      I dunno, I'm sure Jerry Bell is cool and all but I'm hesitant to point people to what could essentially turn into a private facebook group overnight.

      [–]Versed_Percepton 20 points21 points  (1 child)

      Jerry has Infosec.exchange open and very rarely are there admin issues at the federation level. Also, I have NEVER seen Jerry pull a 'shitty admin move' in the couple years I have been on the instance. Let me tell you, there were times I wish he would. But he is just not that type of person.

      He has been working his ass off to expand the instance to support the influx of new users, he is very open about this in his daily feeds too. So, there is no way in hell the instance will become 'private' with all the hard work he has put in here.

      [–]moker 4 points5 points  (0 children)

      thank you :)

      [–]Gangrif 16 points17 points  (0 children)

      for what it’s worth. jerry has been tirelessly administering infosec.exchange for years. and doesn’t seem likely to stop. and if he does…. you can move easily to another instance. defcon runs one, the mastodon folks run one. i run one (though mine is mainly for me.) and they all federate with the others. so you don’t miss out being on you’re own or one other than your friends are on.

      [–]moker 7 points8 points  (0 children)

      yes. After 7 years of being a free and open forum, I have decided to make infosec.exchange a private facebook group. I had been on the fence about it until now.

      [–]movement2012 17 points18 points  (6 children)

      Mastodon feels a bit dry. Are there too few people, or am I not following enough?

      [–][deleted]  (1 child)

      [deleted]

        [–]Myrion_Phoenix 7 points8 points  (0 children)

        It's also helpful to follow some hashtags (which the Mastodon android app can't, but f.ex. Tusky can and the web interface also works).

        I follow #fido2 and #cryptography, for example, as well as stuff like #bookstodon.

        [–]vitriolix 14 points15 points  (0 children)

        checkout the local feeds on a few instances to get lots of good content and find people to follow:

        https://infosec.exchange/public/local

        https://fosstodon.org/public/local

        https://hachyderm.io/public/local

        [–]mkosmoSecurity Architect 2 points3 points  (1 child)

        The fediverse isn't nearly as populated as it's zealots would lead you to believe, unfortunately. Great concept, but just doesn't have the momentum.

        [–]WollCel 1 point2 points  (0 children)

        Yeah it’s growing though, it doesn’t help how ideologically splintered instances can get

        [–]Zncon 9 points10 points  (0 children)

        The entire first page (and most of the rest of them) is politics and nonsense at the moment - not exactly an amazing recommendation. =/

        [–][deleted]  (1 child)

        [deleted]

          [–]moker 49 points50 points  (8 children)

          I run https://infosec.exchange - it has about 17000 active members, and among several other security related instances.

          [–]Elder_Meow_667 3 points4 points  (0 children)

          Jerrrrrry! Hehe

          [–]Popka_Akoola 3 points4 points  (1 child)

          May get downvoted for this but having been one of the earlier adopters into mastodon and infosec exchange specifically, I just don't see how it's better than X. I get a lot of crazy things have happened, but 95% of posts I see on infosec exchange are people congratulating themselves and being so proud they left Twitter and the other 5% are people introducing themselves and talking about their day/treating the platform like Twitter.

          I love the idea of Mastodon in general and I have high hopes for it's future, but I really think people are deluding themselves if they say it has better content at the moment.

          [–]syn-ack-fin 4 points5 points  (0 children)

          I just don’t see how it’s better than X

          Better is obviously relative, but Mastodon does take more work. The end result is that you have a feed solely with the information you want and not what is pushed on you. Oh and fewer nazis is nice too.

          [–]Fallingdamage 4 points5 points  (3 children)

          Just followed link. Bunch of political posts, ice cream stands and star trek jokes. I think I get better content on r/cybersecurity and arstechnica

          [–]moker 4 points5 points  (2 children)

          I don't think you were looking at the correct timeline - this is more representative of what we see: https://infosec.exchange/public/local

          [–][deleted]  (1 child)

          [deleted]

            [–]moker 7 points8 points  (0 children)

            Thanks for giving it a look.

            [–]Individual-Ad-9902 0 points1 point  (0 children)

            SECOND!

            [–]TradeApe 37 points38 points  (0 children)

            Infosec.exchange mastodon server

            X feels too much like Rumble or an Alex Jones fan club with the content that gets pushed. Definitely not paying for that.

            [–]Doc_HobbVulnerability Researcher 17 points18 points  (0 children)

            I like to use https://allinfosecnews.com it’s a great collection of feeds

            [–]Rebootkid 4 points5 points  (1 child)

            I'm over on infosec.exchange. Found it very useful.

            [–]hudsoncress 0 points1 point  (0 children)

            This is the way

            [–][deleted] 10 points11 points  (3 children)

            What I find interesting is after I closed my account, over time I realized I was gradually being linked to Twitter less and less by other external websites/ news sites. Now weeks can go by without it happening.

            So if his goal is to make twitter no longer relevant, he's doing a banger job.

            [–]itwasaraccoon 2 points3 points  (2 children)

            Same with me. But I have to admit that the huge security community and information exchange on Twitter used to be super helpful to stay up to date. Its going to take a long time to replicate that somewhere else.

            [–]650REDHAIR 0 points1 point  (1 child)

            My tinfoil hat might be on too tight, but sometimes I wonder if that is by design.

            [–]itwasaraccoon 0 points1 point  (0 children)

            Have you tried the new Titanium hat instead? People seem to love the color at least.

            [–]AyeSocketFucker 8 points9 points  (4 children)

            It was mastodon, not sure anymore, haven’t used it in awhile

            [–]vitriolix 5 points6 points  (3 children)

            Masto is thriving and growing rapidly, up to 14mil created accounts now (and of course lower monthly actives, but still very active). Every time there is news of more twitter stupidity there is a new spike of signups

            [–][deleted] 0 points1 point  (2 children)

            I tried Mastadon but I found it very difficult to actually see any posts that were actually worthwhile or interesting. It seems their algorithms for content recommendation need a lot of work or don't exist.

            I don't care about who posted most recently, I want to know what's actually worth reading that day.

            Also tried Threads but found it difficult to even find the content I wanted to see.

            [–]coloRD 0 points1 point  (1 child)

            it is based more on hashtags and you choosing who to follow than recommender algorithms. In fact many mastodon users often proudly proclaim they do not want to live in an algorithmically generated bubble being fed content.

            [–][deleted] 0 points1 point  (0 children)

            It is a double edged sword though as it makes it more difficult to find that content you want to follow - I don't think algorithms are inherently bad as long as they can't be manipulated.

            That being said, Reddit mostly managed without algorithms thanks to voting & community driven recommendations, but Mastadon doesn't have that.

            [–]AnIrregularRegularBlue Team 2 points3 points  (0 children)

            Honestly I’ve yet to run into a great Twitter replacement. Honestly Reddit is maybe the best for stuff before it hits blogs/news which is why I loved Twitter. Go follow sysadmin and MSP and they often see stuff before security people do.

            Mastodon is alright but just didn’t scratch the itch the same(also like to follow a lot of foreign policy/natsec peeps who won’t do Mastodon).

            Recently got into Bluesky and it’s okay. Not Twitter but also I think has a lot of potential.

            [–]LordCommanderTaurusGBlue Team 2 points3 points  (0 children)

            Have you tried Threads?

            [–]Tetmohawk 2 points3 points  (0 children)

            I see no ads. Pretty close to never. Here's how:

            (1) Use a DNS filter like CleanBrowsing.com and set it to filter ads and tracking.

            (2) Put Twitter in its own container. You can do this easily in Firefox. That way cookies and other stuff related to ads is isolated from every other website.

            (3) Use a Firefox add-on. I use both Privacy badger and uBlock origin.

            I don't see ads on almost any site with this method. At work I get ads all the time and it's annoying. Not sure how y'all lived like this for so long. Ads haven't been a part of my life for years. Now you know why.

            [–]mobo_dojo 4 points5 points  (1 child)

            Newsboat

            [–]irkine 0 points1 point  (0 children)

            What does your feed list look like for security? :)

            [–]Versed_Percepton 3 points4 points  (0 children)

            The closest thing to Twitter would be mastodon right now. You just need to decide on your home instance, build your profile like you would anywhere else, and start finding topics, hashtags, and people/groups to follow. Then filter out the junk(you can black list on keywords) so you can rebuild your RSS like you have it setup on Twitter.

            There are a dozen or so Infosec instances to choose from, I like Infosec.Exchange as its stable and a smooth experience. It has a solid Admin team and has no issues talking to the federation. The membership on the instance is pretty open and welcoming.

            [–]Individual-Ad-9902 1 point2 points  (0 children)

            Infosec.exchange on Mastodon is a very good place, and I get a lot of good information from my curated group on Linkedin. Dr. Chase Cunningham has a good weekly wrap up. And then there is always Cyber Protection Magazine.

            [–]eat_the_penniesSystem Administrator 2 points3 points  (7 children)

            I'm hoping Bluesky gets more popular once it actually opens. I was able to join yesterday and there's a small community of infosec people who share news there.

            [–]SpaceMaxil 1 point2 points  (4 children)

            Seems the chatty security folks are pretty split on Mastadon vs BlueSky. But most of the good leaks still end up on Twitter first.

            [–]eat_the_penniesSystem Administrator 1 point2 points  (3 children)

            Mastodon would've taken off by now if it really was ideal imo. The hesitancy leads me to believe people are really holding out for Bluesky to be Twitter 2.0

            Who knows if we'll ever get to that point though

            [–]SpaceMaxil 1 point2 points  (0 children)

            Folks are also looking for apps that work across fediverses. Seems to have potential.

            [–]look_ima_frog 1 point2 points  (1 child)

            I'm like a lot of people who have tried mastodon and nope out.

            I get the idea, but I still don't care to use it. User experience is not good. I have enough to learn and fix for my work, dealing with an overwrought platform isn't on the list right now.

            [–]Slythela 1 point2 points  (0 children)

            I'm the same way. I was pretty pumped to have another platform, I'm pretty over this website and I've never been into twitter. It's just not really there yet though, and it feels more like a facebook feed than anything else, even on the infosec ones.

            [–]flylikegarudaRed Team 0 points1 point  (1 child)

            Yes, but I get more cat pics than security. I am no fan of cats!

            [–]eat_the_penniesSystem Administrator 2 points3 points  (0 children)

            Unfortunate, cats are a huge part of my life :)

            [–]asecuredlife 1 point2 points  (4 children)

            Weirder? Twitter has always been a weird place.

            [–]skeedooshski[S] 20 points21 points  (1 child)

            Hence the weirdER :). Initially a part of its appeal, but increasingly not the case as of lately.

            [–]ComfortableProperty9 5 points6 points  (1 child)

            It went to shit right as I got my feed cultivated exactly like I wanted it.

            [–]missed_sla 7 points8 points  (0 children)

            Twitter is a hydra of insane conservatives now. Block one and 5 more are shoved into your face. My block list hundreds long and growing every time I load up that goddamn website. Honestly don't know why I do anymore, it's usually about 30 seconds before I close it again.

            [–]WummageSail 1 point2 points  (1 child)

            [–]skeedooshski[S] 0 points1 point  (0 children)

            It is awesome

            [–]Maidentyone 1 point2 points  (2 children)

            I use Feedly it has excellent security feed, plus you can add your own (rss) feeds

            [–]skeedooshski[S] 0 points1 point  (0 children)

            That's an interesting one. I'll have a look as I'd be keen on adding the risky business RSS feed to something like that.

            [–]gamed0g 0 points1 point  (0 children)

            +1 for Feedly. It has loads of options to configure and refine your feeds

            [–][deleted]  (3 children)

            [deleted]

              [–]moker 7 points8 points  (0 children)

              Nah, that is not correct. You can join infosec.exchange and follow anyone on infosec.exchange or any of the other mastodon instances with that one account.

              [–]Gangrif 4 points5 points  (0 children)

              no, you’re doing it wrong. you pick a home server based on your preferences. they all federate with eachother. i run my own and the experience has been awesome. you do need to give it time and start following folks to really get involved though.

              [–]bjh13 9 points10 points  (0 children)

              Oh, your people are on 8 different servers so you need 8 different accounts

              The whole point of being federated is one account allows you to follow people on any of the other servers, so no you don't need 8 different accounts.

              [–]ThePorko -2 points-1 points  (0 children)

              I have never used twitter for that, too much garbage on there. I tend to do podcasts and youtube media.

              [–][deleted] -1 points0 points  (1 child)

              /g/

              [–][deleted] 6 points7 points  (0 children)

              Isn't the /sec/ general completely dead or at the very least only filled with "How to become 1337 haxxor"?

              It's been some time since I checked.

              [–]chicagoandy -1 points0 points  (0 children)

              Um... Reddit.

              [–]Bllago -1 points0 points  (0 children)

              Twitter is full of CSAM. Everyone needs to leave it.

              [–]TulkasDeTX 0 points1 point  (0 children)

              I still get good infosec content, but yeah I'm basically for the same thing, where to go when troll-land finally goes down

              [–]True2this 0 points1 point  (0 children)

              Are you looking for just news feeds or something deeper? I use the open threat exchange from AlienVault. Good community - https://otx.alienvault.com

              [–]manintheflask 0 points1 point  (0 children)

              I find this start[.]me URL pretty useful:
              https://start.me/p/wMrA5z/cyber-threat-intelligence

              [–]netbroom 0 points1 point  (0 children)

              Pulsedive has a free dashboard for infosec news

              [–]flusteredJonnies 0 points1 point  (0 children)

              Dude I was getting the WEIRDEST content on X before I had to delete it because it was absurd. I only follow infosec people. Like half of my timeline became fight videos randomly. Like videos of people fighting liveleak style. Stuff that was so violent I surely thought would violate some policy, but had TONS of engagement.

              Not sure what they changed over there but no matter how often I scrolled past or reported or did behaviors to show the algo I was not interested in the content, it was all over my TL for like a month. Deleted the app as it just insisted on pushing me weird or violent content. Bummed because it was a great news source for a while.

              [–]VAsHachiRoku 0 points1 point  (0 children)

              We pay for threat intel company feeds like Mandiant, along with news and other information. Easier to have it come from a trusted source rather than many toxic places like X and Reddit. These both can draw in people with their own personal agendas and messages.

              [–]Reshi-Snoo 0 points1 point  (0 children)

              Vulnerable U

              Unsupervised learning

              Tl;drsec

              Are my favorite newsletters.