1.2.7.1之前所有版本的git中的path_name()问题函数导致的堆溢出，可导致服务端和客户端远程代码执行

http://seclists.org/oss-sec/2016/q1/645

2.仅仅用10行左右的代码就饶过了杀毒软件检测，为什么杀软看起来如此的无用（此文中的只是饶过杀软的基于特征码的静态检测技术，http://www.sevagas.com/IMG/pdf/BypassAVDynamics.pdf 这篇文章介绍如何饶过杀软的动态检测技术） 

http://www.attactics.org/2016/03/bypassing-antivirus-with-10-lines-of.html

3.黑吃黑：通过使用ZeroAccess的僵尸网络来反射放大攻击DDoSing其他人的僵尸网络 

http://www.malwaretech.com/2016/03/ddosing-with-other-peoples-botnets.html

4.Fuzzing工作流：一个fuzz工作的从开始到结束 

http://foxglovesecurity.com/2016/03/15/fuzzing-workflows-a-fuzz-job-from-start-to-finish/

5.开源的，使用pyvex构建的多架构的ROP编译器 

https://github.com/jeffball55/rop_compiler/tree/master/pyrop

6.有可能导致远程代码执行的s2-029漏洞 

http://struts.apache.org/docs/s2-029.html

7.Codegate 2016: Watermelon关的writeup 

https://hawaiijohn.wordpress.com/2016/03/15/codegate-2016-watermelon/

8.RSPET:一款python编写的反向SHELL和Post Exploitation工具 

https://github.com/panagiks/RSPET

9.暴力破解 EDA2/HiddenTear 2款恶意欺诈软件的私钥的工具 

https://github.com/Demonslay335/hidden-tear-bruteforcer

10.网络罪犯如何在没有车钥匙的情况下HACK你的汽车 

https://blogs.mcafee.com/consumer/keyless-entry-car-hacks/

11.嵌入exe文件到powershell脚本中 

https://truesecdev.wordpress.com/2016/03/15/embedding-exe-files-into-powershell-scripts/

12.加密电话呼叫中不安全的协议设计 

https://www.benthamsgaze.org/2016/01/19/insecure-by-design-protocols-for-encrypted-phone-calls/

13.如何真正的破解sha-1 

https://www.virusbulletin.com/blog/2016/march-2016/how-broken-sha-1-really/

14.恶意软件永驻mac osx的方法 

https://www.virusbulletin.com/uploads/pdf/conference/vb2014/VB2014-Wardle.pdf

15.Netgear路由器（DGN2200型号）的命令执行的POC 

https://github.com/0x3d5157636b525761/bezeq_netgear_exploit_poc_2016/blob/master/bezeq_poc.html

16.Chris Valasek在RSA上谈论汽车破解，IOT安全的视频 

https://threatpost.com/chris-valasek-talks-car-hacking-and-more/116763/

17.通过empire工具进行钓鱼攻击 

http://enigma0x3.net/2016/03/15/phishing-with-empire/

18.TROOPERS安全会议的PPT : 安全评估微软DirectAccess 

https://www.ernw.de/download/TR16_IPv6_Sec_Summit_security_assessment_of_ms_directaccess_presentation.pdf

19.TROOPERS安全会议的PPT : 在ipv6网络中保护你的主机 

https://www.ernw.de/download/ERNW_TR16_IPv6SecSummit_ProtectingHosts.pdf

20.双因子验证（2FA) 和 双步认证(2SV) 的比较 

https://www.grahamcluley.com/2016/03/factor-authentication-2fa-versus-step-verification-2sv/

21.一个DShield SSH蜜罐容器的搭建 

https://isc.sans.edu/diary/Dockerized+DShield+SSH+Honeypot/20845

22.WinDBG的Anti-RootKit扩展插件1.5版本发行 

http://sww-it.ru/2015-02-15/1242#.VuXglsjs4Ig.twitter

23.严防钓鱼攻击：黑客公布CEO的偷税信息 

http://www.jdsupra.com/post/documentViewer.aspx?fid=6579a57e-46cf-4740-bfa4-d4d1b8570204

24.yahoo邮箱的发件人欺骗漏洞 

http://www.theregister.co.uk/2016/03/15/bountifulii_yahooii_plugsii_mailii_spoofingii_bugii