Recently I did a little poking around the Internet for security information sources that I don't already regularly read. Over the past few days, I've discovered a few sites that you might find useful.
When I heard that Mozilla Foundation was starting Mozilla Corporation, I went to read about that and subsequently came across a huge list of Mozilla-related blogs. Many of them are written by developers and contain some information related to security or are written by people involved directly with Mozilla product security. So if you use Mozilla software, take time to go through the extensive list at MozillaZine, where you'll find dozens of useful blogs.
Another place you can find a huge list of blogs is at Microsoft's Web site. The company hosts some blogs on the Microsoft Developer Network (MSDN). I didn't count how many are listed there, but I can tell you there are a lot! The first URL lists the most recent posts; the second URL lists the blogs by blog name.
You can also visit the Microsoft Community Blog site, where you can find even more blogs, all of which are written by Microsoft employees. If you use the search facility at that site to search for "security," you'll find that 25 blogs contain that word in either their title or description. I subscribe to the Really Simple Syndication (RSS) feeds of many of them, and they usually contain interesting information, although I will warn you that you might have to endure the occasional post about somebody's weekend or vacation adventures.
Another blog you might be interested in is written by the Microsoft Internet Explorer (IE) development team. Keep an eye on that one if you're interested in the upcoming IE 7.0 (at the first URL below). Likewise you can keep tabs on the development of Windows Vista and its RSS features by reading the blog of the developers on Microsoft's RSS team (at the second URL below).
You probably know who Mark Russinovich is, but did you know he has a blog? I didn't realize that until last week. So now I subscribe to his RSS feed. It's a very interesting blog, and as you probably suspect, it does contain very technical discussion and information. Be sure to check it out.
Another interesting site I recently found is Spamfo.co.uk, which offers information pertaining to spam, including a lot of recent news items. If spam is a real bother to you, you might want to check in on the site once in a while.
Last, but certainly not least, is Risks Digest, which has information about security problems and a wide variety of other risks. You might already know about it because it's been around for 20 years. In essence, Risks Digest is a moderated discussion forum on Usenet (comp.risks) that's republished on various Web sites and can be obtained via email as well as in a Resource Description Framework (RDF) feed, which should work in most popular RSS feed reader applications. You can preview recent digests at the Web site below.
When you take time to review these sites, you'll find that not only do they contain useful information but that there are probably far more interesting information sources than you can possibly read in a reasonable period of time. Nevertheless, you could at least bookmark the sites that interest you and refer to them when the need arises.