1、使用PCA对防火墙日志的数据挖掘

http://blog.davidvassallo.me/2015/10/28/data-mining-firewall-logs-principal-component-analysis/

2、使用SCCM对目标工作站进行渗透

https://enigma0x3.wordpress.com/2015/10/27/targeted-workstation-compromise-with-sccm/

3、从过去的20年里学到的10个红队经验

https://www.oodaloop.com/featured/2015/10/22/10-red-teaming-lessons-learned-over-20-years/

4、ARM64 vs ARM32 : 不同框架的linux编程区别

http://www.edn.com/design/systems-design/4440662/3/ARM64-vs-ARM32-What-s-different-for-Linux-programmers

5、jira和hipchat的velocity插件模板注入漏洞的EXP

https://www.exploit-db.com/exploits/38551/

6、使用硬件性能计数器(HPC)实时检测基于缓存的侧信道攻击

http://eprint.iacr.org/2015/1034.pdf

7、通用汽车gm node模块的命令注入

http://davidjorm.blogspot.tw/2015/10/command-injection-in-gm-node-module.html

8、通过AST进行高级js反混淆

http://blog.mindedsecurity.com/2015/10/advanced-js-deobfuscation-via-ast-and.html

9、autopsy python yara 扫描模块

http://blog.4n6ir.com/2015/10/autopsy-python-yara-scan-module.html

10、win10技术预览:增加了阻止不信任字体的功能组件

https://support.microsoft.com/en-us/kb/3053676