News
Privilege escalation vulnerability in the Skype updater
http://www.zdnet.com/article/skype-cannot-fix-security-bug-without-a-massive-code-rewrite/
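Linux devices can be hacked just by plugging in a USB device
International cybercrime group Lazarus: Bitcoin phishing campaign
Destructive malware runs rampant at the PyeongChang 2018 Winter Olympics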
http://blog.talosintelligence.com/2018/02/olympic-destroyer.html
Cryptomining campaign targets Android users
Drive-by cryptomining campaign targets millions of Android users
A new variant of Rapid Ransomware is spreading via malspam
https://www.bleepingcomputer.com/news/security/rapid-ransomware-being-spread-using-fake-irs-malspam/
Technical
Overview of multiple vulnerabilities in the Cisco RV132W
https://blogs.securiteam.com/index.php/archives/3590
The upsurge in evasive malware
https://blog.minerva-labs.com/the-upsurge-in-evasive-malware
CloudMe unauthenticated remote buffer overflow
https://blogs.securiteam.com/index.php/archives/3669
A quick disassembly of afcd
http://newosxbook.com/articles/afcdecomposed.html
Debian & VBox Installation + GHDB
https://0x00sec.org/t/penny-os-0x01-debian-vbox-installation-ghdb/5450
NrsMiner: a carefully constructed cryptomining botnet
https://www.anquanke.com/post/id/98272
2017 AI Security Risk White Paper
https://www.anquanke.com/post/id/98300
Exploit mitigation techniques - Address Space Layout Randomization (ASLR)
https://0x00sec.org/t/exploit-mitigation-techniques-address-space-layout-randomization-aslr/5452
Tutorial: Creating Yara signatures for malware detection
https://0x00sec.org/t/tutorial-creating-yara-signatures-for-malware-detection/5453
MySQL UDF Exploitation
https://osandamalith.com/2018/02/11/mysql-udf-exploitation/
Antivirus Scanning of a PCAP File
http://www.netresec.com/?page=Blog&month=2018-02&post=Antivirus-Scanning-of-a-PCAP-File
TCP-Starvation
https://github.com/Eplox/TCP-Starvation
A tool that detects the presence of a responder on the network