Staying up-to-date in infosec

tl;dr just subscribe to r/netsec on reddit.
The following is a list of sources to help you stay up-to-date in infosec. If you’re just starting out it probably still can’t hurt to read some of the posts and try to understand them. More often than not they’ll also point you to introductory resources for the topic.

Mailing lists

• full-disclosure
• bugtraq
• oss-sec

IRC channels (freenode)

• #metasploit
• #pwning
• #droidsec
• ##security

Talks from various conferences

Usually the slides (and possibly white papers or even videos) of the talks will be published on the conference website a couple of days after the conference ended. These are often a great way to learn about current research in the infosec community.

• Chaos Communication Congress (C3)
• Infiltrate Con
• BlackHat
• DefCon
• CanSecWest
• SyScan
• HITB
• Hack.lu

Blogs from various companies

A lot of companies active in the infosec industry have their own research blogs. There’s usually quite a lot of good content on those, so you’re encouraged to check them out. Again you probably want to subscribe to r/netsec since new blog posts will usually be posted there as well.

• Exodus Intelligence
• Vupen
• Include Security
• Azimuth
• Accuvant Labs
• Matasano
• MWR Labs
• SektionEins
• Phenoelit

Other

• Phrack
• PoC||GTFO

In general most of the interesting stuff sooner or later ends being posted to r/netsec on reddit. Twitter is probably a bit faster but there you’ll obviously need to know who to follow first ;)