资讯类
BleepingComputer的安全专家发现了CryptoMix勒索软件的新变种
http://securityaffairs.co/wordpress/67103/malware/file-cryptomix-ransomware.html
网络攻击开始针对沙特阿美石油公司安全系统
http://nation.com.pk/25-Dec-2017/cyberattack-targets-safety-system-at-saudi-aramco
男子看不惯公司某员工,用网络攻击威胁公司开除并雇佣他
技术类
Fortinet年度威胁趋势回顾
https://www.csoonline.com/article/3243062/security/2017-threat-trends-the-year-in-review.html
命令与控制和Docker的结合
https://blog.obscuritylabs.com/docker-command-controll-c2/
通过FTP获取文件内容的XXE服务器
https://github.com/sxcurity/230-OOB
年度漏洞回顾最终篇:Chakra asm.js中的UAF漏洞
Webspert osCommerce多个漏洞
https://cxsecurity.com/issue/WLB-2017120208
Objective-See 2017恶意软件回顾
https://objective-see.com/blog/blog_0x25.html
CFFL_InteractiveFormFiller::OnBeforeKeyStroke UAF漏洞
https://bugs.chromium.org/p/chromium/issues/detail?id=765384
Docker-Hacklab
https://github.com/ston3o/docker-hacklab
SELinux初学指南
http://linuxtechlab.com/beginners-guide-to-selinux/
Windows基于栈的缓冲区溢出利用 Part 2
https://nytrosecurity.com/2017/12/20/stack-based-buffer-overflows-on-x86-windows-part-ii/
