CSO Magazine recently released a bunch of really useful security resources. Check them out:

• 10 essential (and free!) security downloads for Windows
• Five free penetration testing tools
• Five steps to successful and cost-effective penetration testing

CSO Online has a great little article about why you shouldn't trust web mail. Check it out and have a good long think about what they say!

I recently found IT Security's list of the 25 most common mistakes in email security.

It an interesting read, although not necessarily all of the advice is up-to-date. For example, blacklisting spam sender addresses is useless these days - every spam i've ever seen uses a fake sender address. But the principle still holds: you should mark a spam message as junk rather than deleting it.

...

ISC has an interesting diary entry about how to respond when people suggest that their computer is not of interest to crackers (often misnamed "hackers").