1. Threat Spotlight: Cryptowall4 – The Evolution Continues
http://blogs.cisco.com/security/talos/cryptowall-4
3. New banking trojan TELAX (targeting Portuguese-speaking users in Brazil) abuses Google cloud services (as a download host)
http://research.zscaler.com/2015/12/new-spy-banker-trojan-telax-abusing.html?
5. History of the classic hacking tool l0phtcrack
http://www.slideshare.net/cwysopal/history-of-l0phtcrack
7. PoC for RCE caused by a library parsing issue in Microsoft Windows Media Center
https://www.exploit-db.com/exploits/38911/
9. Reference PoC for incorrect parsing of link files in Microsoft Windows Media Center
https://www.exploit-db.com/exploits/38912/
11. PoC for Microsoft Office / COM object els.dll DLL planting (MS15-134)
https://www.exploit-db.com/exploits/38918/
13. Converting shellcode to a PE file (32- and 64-bit)
http://www.hexacorn.com/blog/2015/12/10/converting-shellcode-to-portable-executable-32-and-64-bit/
15. Metasploit releases a DNS fuzzing auxiliary module
16. PowerShell script for parsing proxy logs
https://gist.github.com/subTee/88cdc379444121b39883
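18. Slides (PPT) on attacking MPLS networks
19. Managing your application deployments with Amazon EC2 Container Service and Docker
20. In-depth analysis of domain generation algorithm (DGA) malware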
https://www.botconf.eu/wp-content/uploads/2015/12/OK-P06-Plohmann-DGArchive.pdf
22. Google security team finds multiple vulnerabilities in Avast
https://code.google.com/p/google-security-research/issues/detail?id=549#c1
https://code.google.com/p/google-security-research/issues/detail?id=552#c1
https://code.google.com/p/google-security-research/issues/detail?id=551#c1
https://code.google.com/p/google-security-research/issues/detail?id=554#c1
27. Attack group buys the BIFROSE code and works collaboratively
28. Rovnix downloader updated with sinkhole and time checks
https://blogs.mcafee.com/mcafee-labs/rovnix-downloader-sinkhole-time-checks/
30. Burp Clickbandit: a JavaScript-based clickjacking PoC generator
http://blog.portswigger.net/2015/12/burp-clickbandit-javascript-based.html