How to stay up to date with cybersecurity threats

Cyber threats continue to change, evolve; every day new TTP, blog post, stories are published by vendors, mainstream media and individuals.
So, during the years, I selected various resources that help me to stay up to date to what is happening in the wild.

My main source of information are RSS feeds and newsletters, but I also use X (ex twitter), Linkedin and Reddit.

To have all RSS feeds that I follow in one place, I use a RSS Feed reader.
There are many avaiable, personally I use Inoreader.
A capability of Inoreader that I suggest to use is the highlighters.
This helps to spot the terms that are considered most important while skimming through the RSS feeds.

I personally decided to organize my feed in three sections: one contains the RSS feeds related to non mainstream websites, vendors, blogs (e.g Microsoft, Google, ESET, researchers…), the second contains the RSS feeds related to the mainstream websites (e.g The Hacker news, Bleeping computer…), the third contains the newsletters feeds.
Newsletters are a good alternative to remain up to date without the need to check the feeds every day.

On github I published the list of RSS feeds that I use, divided by sections. Feel free to import them in the RSS Feed reader you are using.
Link to the github page: CyberSecurity-RSS-feeds

In addition to the RSS feeds I also use X (ex Twitter) and Linkedin to follow specific individuals that publish things related to the topics I am most interested in at this time: Cyber Threat Intelligence (CTI) and Digital Forensics and Incident Response (DFIR).

For those who prefer listening to reading, podcasts are a valid alternative.
In that regard, I recommend these podcasts that provide a daily/weekly cyber security news summary:

• CyberWire Daily
• SANS Internet Storm Center Podcast
• Risky Business News podcast
• Risky Bulletin

Note that the sources that you are going to use depends highly of what the requirements are, and the requirements can change over time.
All the sources provided till now are free, but if a budget is available, threat inteligence platforms (TIP), Information Sharing and Analysis Centers (ISAC) and so on must be integrated as a source of information.

Should you have any suggestions or comments, please feel free to contact me.