At Pistachio we try to encourage an active engagement with the world of security news - but we also recognize that there are a lot of news sources out there, and that people’s tastes and preferences have a lot to say in whether they’ll engage with any one of them.
To address this, we’ve compiled a list of sources in a variety of formats and flavors, to maximize your chances of finding one that resonates with you. Enjoy!
Podcasts
This surprisingly jovial podcast has a laser focus on phishing, social engineering and other forms of internet scam activity. This eliminates a lot of tech talk, making most of their content universally approachable.
A highly detailed and occasionally irreverent take on security news from a pleasant team of seasoned cybersecurity professionals. They cover the whole cybercrime and spycraft gamut, from tech to human to politics.
Hosted by a delightful security industry veteran, this podcast manages the impossible feat of maintaining an approachable style while doing serious technical deep dives whenever an interesting topic arrives. Highly recommended for all audiences.
A well-researched “true crime”-style podcast featuring stories from the internet’s sweaty underbelly. It often includes first-hand accounts from hackers and cybercriminals, as well as those who find their lives impacted by them.
Social Media
Subreddits!
Having cybersecurity news on your reddit home page is a nifty gain for zero effort (assuming you use reddit in the first place). Highly recommended.
A forum dedicated to “Anything that good hackers would find interesting”. This occasionally includes cybersecurity and cybercrime, but also comics, octopus society, science drama and ways to run doom on devices that shouldn’t run doom.
Youtube
A villainous German media company created a clone of Michael Cera, but due to pod contamination he turned into a hacker instead of an actor. He now spends his time breaking down NSO group iPhone exploits, dispensing phishing advice and using Minecraft to illustrate red team techniques.
True to its name, this channel goes deep into the details of exploits, vulnerabilities and cybersecurity news. We mean Titan Submersible-deep, it’s wild. Hop onboard, and enjoy the ride!
If you’re a fan of the loud youtuber tone of voice, or you’re a deaf person who watches youtube with captions, Hammond is a definite recommendation. Phishing post-mortems, phishing technique analysis, malware breakdowns and more, all with a heavy focus on general accessibility - this channel can be a really good source of educational infosec content.
Websites
Well-researched in-depth articles by Brian Krebs - the internet’s security news artisan. His blog is a wellspring of content for literally every other outlet on this list.
Available both as a website and an email newsletter, this resource is for those who appreciate the Risky Business podcast but generally prefer to read rather than listen.
The Register (Security section)
A peculiar technology site that attempts to deliver all its news with a bit of cheek. Their mission statement might be the weirdest in the tech biz, but they’re doing a good job at delivering on it.
While not as comprehensive as some other outlets, TechCrunch will reliably deliver reader-friendly news stories that you can send to your boss and colleagues, as well as that one aunt who consumes all her TV shows via torrenting.
Not to be confused with Hacker News, this site provides diligent coverage of the most important news events in the cybersecurity world.
A digital forensics organization that focuses on anti-democratic government-backed cybercrime activities. Famously, they are the organization that uncovered many of the recent NSO Pegasus spyware 0-days.
This site seems to be tailored for CISO’s, and beneath its dry corporate surface you’ll find even more layers of dry corporate surface, but they do their research well. Their Malware and Threats section is the most relevant one to most readers.
