1. Cloudflare enables Universal DNSSEC, adding DNS security for every domain
https://blog.cloudflare.com/introducing-universal-dnssec/
2. Collecting and analyzing malware via hardware virtualization
http://tklengyel.com/thesis.pdf
3. Analysis of the Darkhotel trojan's "just-in-time" decryption
http://labs.lastline.com/defeating-darkhotel-just-in-time-decryption
4. AAMO: an Android malware obfuscation tool
5. Adobe Flash CVE-2015-7663: analysis and mitigations
https://www.endgame.com/blog/adobe-flash-vulnerability-cve-2015-7663-and-mitigating-exploits
6. THC-IPV6-ATTACK-TOOLKIT: release of the IPv6 attack toolkit from the well-known hacker group THC
https://github.com/vanhauser-thc/thc-ipv6
7. Minnowboard Max: Booting Linux Securely
http://prosauce.org/blog/2015/10/31/booting-linux-securely
8. Cuckoo Sandbox on Mac OS X
https://www.honeynet.org/node/1275
9. A tool released by NCC Group that generates Snort rules from public IP reputation data
https://github.com/nccgroup/IP-reputation-snort-rule-generator
10. Dissecting Inline Hooks
http://www.binaryguard.com/bgc/malware/sandbox/2015/11/09/dissecting_inline_hooks.html
11. Linux ransomware uses time() to generate its key, making the encryption key predictable
http://labs.bitdefender.com/2015/11/linux-ransomware-debut-fails-on-predictable-encryption-key/
12. pledge: a new mitigation mechanism from the OpenBSD project
http://www.openbsd.org/papers/hackfest2015-pledge/mgp00001.html
13. Jenkins unauthenticated account recovery vulnerability
https://www.exploit-db.com/exploits/38664/
14. CVE-2015-6038: Microsoft Office Excel uninitialized pointer remote code execution vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-15-543/
15. CVE-2015-6094 (MS15-116): Microsoft Office Excel UAF remote code execution vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-15-546/
16. MS15-118 – Important: Security Update for .NET Framework to Address Elevation of Privilege (3104507) – Version: 1.0 (.NET Framework elevation-of-privilege vulnerability)
https://technet.microsoft.com/en-us/library/security/MS15-118
17. Bookworm trojan analysis
http://researchcenter.paloaltonetworks.com/2015/11/bookworm-trojan-a-model-of-modular-architecture/
Original article link: https://www.anquanke.com/post/id/82887