If you need to be up-to-date about security related information then subscribing to mailing lists is often the most effective solution.
Department of Physics
More newsletters are available from the Informatikdienste, please subscribe to them if you're running machines in the ETH network:
- Sympa https://sympa.ethz.ch/ (description)
- inputflash - monthly newsletter of the central IT support
- allib - discussion list of system administrators, 2-3 mails per week
- ETH-Web - discussion list of web designers, less than 1 mail per week
- Email-Admin - discussion list of E-Mail administrators, less than 1 mail per week
- Message Tree http://www.messagetree.ethz.ch/\ - Subscribe to the whole Sicherheit / Security tree. It's less than a mail per week.
Software vendors typically announce their security patches via mailing lists. When operating a system, you should subscribe to those lists to get up to date information about patches, updates etc. Here's a showcase collection of such lists. They're all low volume lists with typically less than one mail per week:
- Windows http://www.microsoft.com/technet/security/bulletin/notify.mspx
- Debian http://lists.debian.org/debian-security-announce/
Two big mailing lists are currently discussing about security problems. Subscribe to them in case you like (or need to) be on the bleeding edge. You will get a lot of mails, quite often also mails which can mess with your mailclient (Outlook, Thunderbird, ...). Do not subscribe unless you now what you are doing
- BUGTRAQ http://www.securityfocus.com/archive - Moderated discussion list, about 10 ~ 20 mails per day
- Full-Disclosure https://lists.grok.org.uk/mailman/listinfo/full-disclosure - Non moderated discussion list, about 30 ~ 50 mails per day
Critical problems are currently usually cross posted between both lists and subscribing to BUGTRAQ should be enough.