1.使用docker构建无线渗透测试环境
2.通过有漏洞的api控制尼桑日产LEAF电动车
http://www.troyhunt.com/2016/02/controlling-vehicle-features-of-nissan.html?m=1
3.通过配置错误的CORS,从alexa 1万站点中偷取用户数据
https://ejj.io/misconfigured-cors/
4.恶意软件在日本基础设施网络中沉睡多年
5.PaloAlto GlobalProtect 的web接口DOS漏洞,也有可能产生RCE (https://securityadvisories.paloaltonetworks.com/)
https://securityadvisories.paloaltonetworks.com/Home/Detail/38
6.INNUENDO's RPC for Fun and Profit: 屏幕抓取
http://immunityproducts.blogspot.tw/2016/02/leveraging-innuendos-rpc-for-fun-and.html
7.bitdefender的andorid恶意软件威胁报告(主要是恶意欺诈软件和短信木马)
8.分析一个嵌入payload的恶意.lnk文件
https://isc.sans.edu/diary/Analyzis+of+a+Malicious+.lnk+File+with+an+Embedded+Payload/20763
9.研究发现百度浏览器存在安全与隐私问题
https://citizenlab.org/2016/02/privacy-security-issues-baidu-browser/
10.powershell 5的安全增强功能预览
https://adsecurity.org/?p=2277
11.nostarch出版社出品的carhacking手册图书,可以看免费章节https://www.nostarch.com/download/Car%20Hackers%20Handbook_sample_Chapter5.pdf,反向工程CAN BUS