Our field of expertise is very dynamic and always changing. It demands professional penetration testers or ethical hackers to be aware and keep abreast of new technologies, trends, attacks, and vulnerabilities.
There is no excuse for a penetration tester who checks an infrastructure against attacks during the time of Windows 95 and does not assess the possibility of launching an attack on a newly discovered vulnerability that is breaking networks or applications all over the world at the same time.
Important information types and news for staying up-to-date and competent in our profession are:
You can obtain such information from the following sources:
One of the outstanding sources for getting security information and news is Reddit. It's /netsec
channel is highly recommended. Most of the news appear in a couple of hours after being published for the first time and some of the news or papers have live discussions and comments full of useful additional information.
We have provided an approximate overview of the information sources based on our own news aggregation configs, but pentesters compile their own lists of newsfeeds based on their interests and experience.
3.138.134.107