Technical

[Para-Noid]

Microsoft Security Bulletin Summary for March 2017
https://technet.microsoft.com/library/security/ms17-mar.aspx

Looking at the list, it doesn't seem that Microsoft has learnt anything, same issues time and time again, 'Remote Code Execution,' 'Elevation of Privileges,  'Information Disclosure,' etc. etc.

Either that or someone keeps figuring out ways to circumvent Microsoft fixes. Any way you look at Microsoft can't get a handle on it.

[DavidR]

Microsoft Security Bulletin Summary for March 2017
https://technet.microsoft.com/library/security/ms17-mar.aspx

Looking at the list, it doesn't seem that Microsoft has learnt anything, same issues time and time again, 'Remote Code Execution,' 'Elevation of Privileges,  'Information Disclosure,' etc. etc.

Either that or someone keeps figuring out ways to circumvent Microsoft fixes. Any way you look at Microsoft can't get a handle on it.

You would like to hope that MS would actually be testing for these vulnerabilities when the elements are designed.

[Asyn]

Taking Stock: Estimating Vulnerability Rediscovery
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2928758

[Asyn]

Star Trek Themed Kirk Ransomware Brings us Monero and a Spock Decryptor!
https://www.bleepingcomputer.com/news/security/star-trek-themed-kirk-ransomware-brings-us-monero-and-a-spock-decryptor/

[Asyn]

Zero Days, Thousands of Nights - The Life and Times of Zero-Day Vulnerabilities and Their Exploits
http://www.rand.org/pubs/research_reports/RR1751.html
http://www.rand.org/content/dam/rand/pubs/research_reports/RR1700/RR1751/RAND_RR1751.pdf

[Asyn]

Detecting and eliminating Chamois, a fraud botnet on Android
https://security.googleblog.com/2017/03/detecting-and-eliminating-chamois-fraud.html

[Asyn]

Virtual machine escape fetches $105,000 at Pwn2Own hacking contest
https://arstechnica.com/security/2017/03/hack-that-escapes-vm-by-exploiting-edge-browser-fetches-105000-at-pwn2own/

[Asyn]

DoubleAgent: Taking Full Control Over Your Antivirus
http://cybellum.com/doubleagent-taking-full-control-antivirus/
http://cybellum.com/doubleagentzero-day-code-injection-and-persistence-technique/

PS: https://forum.avast.com/index.php?topic=199290.0 (Forum discussion)

[Asyn]

Necurs Diversifies Its Portfolio
http://blog.talosintelligence.com/2017/03/necurs-diversifies.html

[Asyn]

Diverse protections for a diverse ecosystem: Android Security 2016 Year in Review
https://security.googleblog.com/2017/03/diverse-protections-for-diverse.html
https://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2016_Report_Final.pdf

[Asyn]

Dark Matter
https://wikileaks.org/vault7/darkmatter/

[Pondus]

In case E.T. need to phone home   

The Moon could have its own mobile data network as soon as next year
http://www.wired.co.uk/article/moon-mobile-data-2018

[DavidR]

In case E.T. need to phone home   

The Moon could have its own mobile data network as soon as next year
http://www.wired.co.uk/article/moon-mobile-data-2018

Great the moon will have better communications than many villages on this world.

[Asyn]

Adware Replaces Phone Numbers for Security Firms Returned in Search Results
https://www.bleepingcomputer.com/news/security/adware-replaces-phone-numbers-for-security-firms-returned-in-search-results/

[Asyn]

Number of internet facing vulnerable IIS 6.0 to CVE-2017–7269
https://medium.com/@iraklis/number-of-internet-facing-vulnerable-iis-6-0-to-cve-2017-7269-8bd153ef5812
https://github.com/edwardz246003/IIS_exploit