漏洞 Vulnerability 【补丁二次更新】CVE-2020-5902: F5 BIG-IP 远程代码执行漏洞通告更新 https://cert.360.cn/warning/detail?id=636804bf8fec3049e0a49383db8eb80d CVE-2020-14315:FreeBSD bsdiff高危漏洞 https://www.x41-dsec.de/lab/advisories/x41-2020-006-bspatch/ 安全研究 Security Research Project Zero对 unc0ver 最新越狱所用 0Day 漏洞的分析 https://googleprojectzero.blogspot.com/2020/07/how-to-unc0ver-0-day-in-4-hours-or-less.html Android MX Player：从路径穿越到远程命令执行漏洞分析 https://medium.com/tenable-techblog/android-mx-player-path-traversal-to-code-execution-9134b623eb34 CVE-2020-1300：通过Windows CAB文件造成远程代码执行漏洞 https://www.zerodayinitiative.com/blog/2020/7/8/cve-2020-1300-remote-code-execution-through-microsoft-windows-cab-files 在Windows环境中限制基于SMB的横向移动 https://medium.com/palantir/restricting-smb-based-lateral-movement-in-a-windows-environment-ed033b888721 在Linux中使用命令检测memfd_create（）无文件恶意软件分析 https://www.sandflysecurity.com/blog/detecting-linux-memfd_create-fileless-malware-with-command-line-forensics/ 安全报告 Security Report 千面人:Bigviktor 分析报告 https://blog.netlab.360.com/bigviktor-dga-botnet-cn/ 安全工具 Security Tools Google开源Tsunami漏洞扫描器 https://github.com/google/tsunami-security-scanner