资讯类
Linus Torvalds认为Linux Spectre补丁是“彻底的垃圾”
中国安全研究员找出安卓利用链受到谷歌奖励112500美元
http://securityaffairs.co/wordpress/68045/hacking/android-exploit-chain-award.html
黑客因针对Skype和Google的DDoS攻击而入狱
http://www.zdnet.com/article/hacker-jailed-for-ddos-attacks-against-pokemon-skype-and-google/
英国500强律师事务所证书在暗网上泄露
http://www.zdnet.com/article/uk-top-500-legal-firms-credentials-leaked-on-the-dark-web/
在野勒索软件desuCryptd存在DEUSCRYPT and Decryptable变体
技术类
EvilTraffic行动分析报告
http://csecybsec.com/download/zlab/20180121_CSE_Massive_Malvertising_Report.pdf
你不知道的区块链
https://mp.weixin.qq.com/s/eiVszU0mZ49WIMfrOEvgeA
SSRF To RCE in MySQL
https://mp.weixin.qq.com/s/9vk-H36erencugdYca9qXA
macOS与时间戳检测
http://cyberforensicator.com/2018/01/21/detection-of-backdating-the-system-clock-in-macos
线程本地缓存
https://0x00sec.org/t/heap-safari-thread-local-caching/5054/1
Qualcomm EDL Programmers
https://alephsecurity.com/2018/01/22/qualcomm-edl-1
华硕Unauthenticated LAN远程命令执行
https://blogs.securiteam.com/index.php/archives/3589
初学者指南Burpsuite有效负载(第1部分)
Google Forms(WordPress插件)SSRF漏洞
https://klikki.fi/adv/wpgform.html
逆向工程之TEC-06串行协议
https://syonyk.blogspot.co.uk/2018/01/reverse-engineering-tec-06-serial.html
macro_pack —— 一个用于自动生成混淆过的 MS Office 文档工具