I visit /r/netsec a lot. It's a subreddit devoted entirely to information security; the discourse there is pretty high caliber for an open internet forum. Fairly strong signal to noise ratio.

That's not a podcast or blog, but it is a website and it is extremely good for keeping up to date on software security news.