[ Attack ]  Making Meterpreter Look Google-Signed (Using MSI & JAR Files)： https://medium.com/forensicitguy/making-meterpreter-look-google-signed-using-msi-jar-files-c0a7970ff8b7

[ Browser ]  Safari 技术预览版 74 发布： https://webkit.org/blog/8566/release-notes-for-safari-technology-preview-74/

[ Bug Bounty ]  近几年的 Bug bounty writeups 及奖励情况收集列表： https://pentester.land/list-of-bug-bounty-writeups.html

[ Fuzzing ]  使用 DeepState 对 API 进行模糊测试，Part 2： https://blog.trailofbits.com/2019/01/23/fuzzing-an-api-with-deepstate-part-2/

[ Industry News ]  Exchange 审核日志提供了会话信息以更好的分析账户行为，从而更准确的发现攻恶意击者： https://blogs.technet.microsoft.com/exchange/2019/01/04/contextualizing-attacker-activity-within-sessions-in-exchange-online/

[ Industry News ]  有人攻破了 PHP PEAR 网站并篡改了 go-pear.phar 安装包： https://thehackernews.com/2019/01/php-pear-hacked.html

[ iOS ]  IPC Voucher UaF Remote Jailbreak Stage 2： http://blogs.360.cn/post/IPC%20Voucher%20UaF%20Remote%20Jailbreak%20Stage%202.html

[ MalwareAnalysis ]  Trendmicro 针对 Emotet 的深入分析：  https://blog.trendmicro.com/trendlabs-security-intelligence/going-in-depth-with-emotet-multilayer-operating-mechanisms/

[ Pentest ]  通过 regsrv32.exe 绕过 Applocker 应用程序白名单的多种方法：  https://www.hackingarticles.in/bypass-application-whitelisting-using-regsrv32-exe-multiple-methods/

[ Tools ]  Htcap - 一款通过拦截 ajax 调用和 DOM 修改的方式进行 Web 应用扫描的工具 ： https://github.com/fcavallarin/htcap

[ Vulnerability ]  在 Ubuntu 64 位 Chrome 上对 Magellan 漏洞的利用介绍： https://blog.exodusintel.com/2019/01/22/exploiting-the-magellan-bug-on-64-bit-chrome-desktop/

[ Vulnerability ]  ERPNext 的模版注入漏洞： https://medium.com/bugbountywriteup/frapp%C3%A9-technologies-erpnext-server-side-template-injection-74e1c95ec872

[ Vulnerability ]   ghostscript 中可能导致命令执行的漏洞（CVE-2019-6116）披露： https://www.openwall.com/lists/oss-security/2019/01/23/5