漏洞 Vulnerability CVE-2020-1472: NetLogon特权提升漏洞通告 https://cert.360.cn/warning/detail?id=ead0801e639052498d4bf396e08ef775 2020年8月Adobe和Microsoft安全更新回顾 https://www.thezdi.com/blog/2020/8/11/the-august-2020-security-update-review 安全工具 Security Tools 渗透测试POC集合 https://github.com/Mr-xn/Penetration_Testing_POC 安全报告 Security Report 基于TTP的安全狩猎 https://www.mitre.org/sites/default/files/publications/pr-19-3892-ttp-based-hunting.pdf 揭秘工业自动化编程的隐患 https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/unveiling-the-hidden-risks-of-industrial-automation-programming 2020年利用用户进行中继的恶意Tor分析（第一部分） https://medium.com/@nusenu/how-malicious-tor-relays-are-exploiting-users-in-2020-part-i-1097575c0cac Operation PowerFall：利用IE远程代码执行和Windows提权0day的攻击 https://securelist.com/ie-and-windows-zero-day-operation-powerfall/97976/ 骗局：通过传播虚假信息和在线销售欺诈性产品来利用大流行牟取金钱 https://www.riskiq.com/wp-content/uploads/2020/08/ScamNation-RiskIQ-Report.pdf 安全资讯 Security Information 在家里挑战GitLab的CTF https://about.gitlab.com/blog/2020/08/12/how-to-play-gitlab-ctf-at-home/ 山东省德州市构筑政务大数据安全“防火墙” http://www.sd.xinhuanet.com/2020-08/12/c_1126357346.htm 安全研究 Security Research 调试到.NET https://blog.xpnsec.com/debugging-into-net/ CVE-2020-1530漏洞分析 https://symeonp.github.io/2020/12/08/phonebook-uaf-analysis.html 恶意软件与检测产品对抗研究 https://blog.dylan.codes/defending-your-malware/