1.攻击HTTP/2实现
https://yahoo-security.tumblr.com/post/134549767190/attacking-http2-implementations
2.RPISEC的恶意软件分析学习教程
https://github.com/RPISEC/Malware
3.CVE-2015-5677 – FreeBSD bsnmpd信息泄露
https://pierrekim.github.io/blog/2016-01-15-cve-2015-5677-freebsd-bsnmpd.html
4.Roaming通过OpenSSH客户端: CVE-2016-0777 and CVE-2016-0778,其中CVE-2016-0777可通过 构造ssh恶意服务器,有可能泄漏客户端的内存私钥
5.分析恶意文件的cheatsheet
https://zeltser.com/media/docs/analyzing-malicious-document-files.pdf
6.通过一些字节从SMM到用户空间层
https://scumjr.github.io/2016/01/10/from-smm-to-userland-in-a-few-bytes/
7.短URL连接和恶意欺诈软件
https://blog.malwarebytes.org/security-threat/2016/01/when-url-shorteners-and-ransomware-collide/
8.密码hash比较
https://www.cs.auckland.ac.nz/~pgut001/pubs/phc.pdf
9.安全工具聚焦:使用rem-vbswork到移除自动运行的蠕虫
10.cisco部分无线接入点产品包含硬编码的密码
http://securityaffairs.co/wordpress/43597/security/cisco-wireless-points-hardcoded-pwd.html
11.丝绸之路和暗网梦已死
http://www.wired.com/2016/01/the-silk-roads-dark-web-dream-is-dead/