541

“Red October” - part two, the modules
http://www.securelist.com/en/blog/208194091/Red_October_part_two_the_modules

542

Google Declares War on the Password
http://www.wired.com/wiredenterprise/2013/01/google-password/all/

543

Hiding in Plain Sight: The FAKEM Remote Access Trojan
http://blog.trendmicro.com/trendlabs-security-intelligence/hiding-in-plain-sight-the-fakem-remote-access-trojan/
http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-fakem-rat.pdf

544

Red October Attackers Shutting Down C&C Infrastructure
http://threatpost.com/en_us/blogs/red-october-attackers-shutting-down-cc-infrastructure-011813

545

‘Reporters without Borders’ website misused in wateringhole attack
http://blog.avast.com/2013/01/22/reporters-without-borders-website-misused-in-wateringhole-attack/

546

Pwn2Own 2013
http://dvlabs.tippingpoint.com/blog/2013/01/17/pwn2own-2013

547

Megafail
http://fail0verflow.com/blog/2013/megafail.html

548

Attacking the Windows 7/8 Address Space Randomization
http://kingcope.wordpress.com/2013/01/24/attacking-the-windows-78-address-space-randomization/

549

Laser Precision Phishing — Are You on the Bouncer’s List Today?
http://blogs.rsa.com/laser-precision-phishing-are-you-on-the-bouncers-list-today/

550

Memory Errors: The Past, the Present, and the Future
http://www.isg.rhul.ac.uk/sullivan/pubs/tr/technicalreport-ir-cs-73.pdf

551

Security Flaws in Universal Plug and Play: Unplug, Don’t Play
https://community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play
https://community.rapid7.com/servlet/JiveServlet/download/2150-1-16596/SecurityFlawsUPnP.pdf

552

Mozilla pulling plug on auto-running nearly all plugins
http://www.h-online.com/security/news/item/Mozilla-pulling-plug-on-auto-running-nearly-all-plugins-1794162.html
https://blog.mozilla.org/security/2013/01/29/putting-users-in-control-of-plugins/

553

Effect of Grammar on Security of Long Passwords
https://www.cs.cmu.edu/~agrao/paper/Effect_of_Grammar_on_Security_of_Long_Passwords.pdf

554

Lucky Thirteen: Breaking the TLS and DTLS Record Protocols
http://www.isg.rhul.ac.uk/tls/
http://www.isg.rhul.ac.uk/tls/TLStiming.pdf

555

Packets of Death
http://blog.krisk.org/2013/02/packets-of-death.html
http://communities.intel.com/community/wired/blog/2013/02/07/intel-82574l-gigabit-ethernet-controller-statement
http://www.wired.com/wiredenterprise/2013/02/packet-of-death/
http://blog.krisk.org/2013/02/packets-of-death-update.html

556

Malware: Dollar Equals Tilde Square Brackets
http://blog.avast.com/2013/02/14/malware-dollar-equals-tilde-square-brackets/

To deobfuscate the payload, you can use our in-house developed deobfuscator (http://dollar.zikin.cz/)
557

FROST: Forensic Recovery Of Scrambled Telephones
https://www1.informatik.uni-erlangen.de/frost
http://www1.cs.fau.de/filepool/projects/frost/frost.pdf

558

Digging Into the Sandbox-Escape Technique of the Recent PDF Exploit
http://blogs.mcafee.com/mcafee-labs/digging-into-the-sandbox-escape-technique-of-the-recent-pdf-exploit

559

Vulnerabilities served up
http://www.h-online.com/security/news/item/Vulnerabilities-served-up-1810524.html
http://www.theregister.co.uk/2013/02/21/punkspider/
http://punkspider.hyperiongray.com/

560

Bypassing Google’s Two-Factor Authentication
https://blog.duosecurity.com/2013/02/bypassing-googles-two-factor-authentication/