资讯类
花式熊:德国调查“俄罗斯人的网络攻击”
http://www.bbc.com/news/world-middle-east-43232520
用于加密挖掘的反序列化攻击
http://resources.infosecinstitute.com/deserialization-attacks-crypto-mining/
23000名用户在Trustico-DigiCert Spat中丢失SSL证书
https://www.bleepingcomputer.com/news/security/23-000-users-lose-ssl-certificates-in-trustico-digicert-spat/
安全漏洞的五大方式隐藏在您的IT系统中
http://www.eweek.com/security/top-five-ways-security-vulnerabilities-hide-in-your-it-systems
避免成为加密挖掘机器人:在哪里寻找挖掘恶意软件和如何响应
https://www.securityweek.com/avoid-becoming-crypto-mining-bot-where-look-mining-malware-and-how-respond
Sofacy袭击多个政府实体
Facebook暴露的电子邮件中的漏洞和页面管理员的详细信息
http://securityaffairs.co/wordpress/69630/hacking/facebook-page-administrator.html
技术类
Re: Multiple vulnerabilities in Jenkins plugins
http://seclists.org/oss-sec/2018/q1/202
5种Linux工具帮助从损坏的驱动器中恢复数据
https://news.hitb.org/content/5-linux-tools-help-recover-data-corrupted-drives
D-Link DGS-3000-10TC跨站请求伪造
https://packetstormsecurity.com/files/146612/dlinkdgs300010tc-xsrf.txt
最新然之协同(包含专业版)及喧喧及时聊天系统远程命令执行漏洞详解
https://paper.seebug.org/534/
加密101:ShiOne勒索软件案例研究
https://blog.malwarebytes.com/threat-analysis/2018/02/encryption-101-shione-ransomware-case-study/