漏洞 Vulnerability CVE-2020-1472：NetLogon特权提升漏洞通告 https://www.anquanke.com/post/id/217401 CVE-2020-15598:ModSecurity v3 DoS漏洞 http://seclists.org/fulldisclosure/2020/Sep/32 cisco talos披露Nitro Pro PDF reader多个漏洞 https://blog.talosintelligence.com/2020/09/vuln-spotlight-nitro-pdf-sept-2020.html CVE-2020-14390:Linux kernel slab-out-of-bounds漏洞 https://seclists.org/oss-sec/2020/q3/174 安全工具 Security Tools WMIHACKER – 绕过杀毒软件横向移动命令执行工具 http://feedproxy.google.com/~r/PentestTools/~3/dkRbV_ANAKk/wmihacker-bypass-anti-virus-software.html ActiveDirectoryEnumeration – 通过LDAP枚举AD的工具 https://www.kitploit.com/2020/09/activedirectoryenumeration-enumerate-ad.html 安全资讯 Security Information 2020年Gartner十大安全项目发布 https://www.freebuf.com/articles/network/249842.html Windows 10 Finger命令可以用来下载文件 https://www.bleepingcomputer.com/news/security/windows-10-finger-command-can-be-abused-to-download-or-steal-files/ US CERT警告伊朗APT组织利用多个VPN漏洞 https://us-cert.cisa.gov/ncas/alerts/aa20-259a Adobe为Adobe Media Encoder发布例外安全更新 https://www.bleepingcomputer.com/news/security/adobe-releases-out-of-band-security-update-for-adobe-media-encoder/ 半夜潜入诈骗团伙内部，才明白为什么兼职刷单总被骗钱 https://www.anquanke.com/post/id/217388 安全研究 Security Research Potato家族本地提权分析 https://www.anquanke.com/post/id/217397 DeFi 项目 bZx-iToken 盗币事件分析 https://www.anquanke.com/post/id/217358