[ Android ]  Android 应用沙箱概述： https://pierrchen.blogspot.mk/2016/09/an-walk-through-of-android-uidgid-based.html

[ Android ]  SELinux​ ​for​ ​Android​ ​8.0：  https://source.android.com/security/selinux/images/SELinux_Treble.pdf

[ Bug Bounty ]  英特尔的 Bug 赏金计划更新,本次新增侧信道漏洞项目，奖金设为25万美元：  https://newsroom.intel.com/news/expanding-intels-bug-bounty-program/

[ Malware ]   新型 IoT 僵尸网络 DoubleDoor 组合两个漏洞攻击防火墙后的脆弱 IoT 设备： https://blog.newskysecurity.com/doubledoor-iot-botnet-bypasses-firewall-as-well-as-modem-security-using-two-backdoor-exploits-88457627306d

[ Others ]   评估基于文件哈希的应用程序黑白名单策略的有效性： https://posts.specterops.io/assessing-the-effectiveness-of-hash-based-application-whitelisting-blacklist-rules-fe1cb01975a9

[ Others ]    从 JetBrains IDE 提取服务器的密码，利用这些密码通过 Metasploit 控制服务器：  https://github.com/kacperszurek/pentest_teamcity

[ Protocol ]  窃取 SSH credentials 的另一种方式： https://mthbernardes.github.io/persistence/2018/02/10/stealing-ssh-credentials-another-approach.html

[ SecurityAdvisory ]  Microsoft 发布 2 月安全更新： https://portal.msrc.microsoft.com/en-us/security-guidance/acknowledgments

[ Tools ]  php-exploit-scripts - PHP 漏洞利用脚本收集： https://github.com/mattiasgeniar/php-exploit-scripts

[ Vulnerability ]  TrendNet AUTHORIZED_GROUP 信息泄漏漏洞披露（CVE-2018-7034）： https://blogs.securiteam.com/index.php/archives/3627

[ Windows ]   部署 Windows Defender 应用程序控制的步骤： https://docs.microsoft.com/en-us/windows/security/threat-protection/device-guard/steps-to-deploy-windows-defender-application-control