漏洞 Vulnerability Citrix 多个高危漏洞通告 https://cert.360.cn/warning/detail?id=42fa6a1d975829bf4b46e5eb72bb4d9c CVE-2020-15494，CVE-2020-15493:MGate 5105-MB-EIP系列协议网关漏洞 https://www.moxa.com/en/support/support/security-advisory/mgate-5105-mb-eip-series-protocol-gateways-vulnerabilities CDATA OLT中发现多个漏洞 https://pierrekim.github.io/blog/2020-07-07-cdata-olt-0day-vulnerabilities.html CVE-2020-1300：通过MICROSOFT WINDOWS CAB文件执行远程代码 https://www.zerodayinitiative.com/blog/2020/7/8/cve-2020-1300-remote-code-execution-through-microsoft-windows-cab-files 安全报告 Security Report 千面人:Bigviktor 分析报告 https://blog.netlab.360.com/bigviktor-dga-botnet-cn/ 安全资讯 Security Information HUMAN HACKER：《社会工程：人类黑客的科学》作者高级社会工程师Christopher Hadnagy分享他的故事 https://darknetdiaries.com/episode/69/ 安全研究 Security Research Active Directory漏洞 TOP16 https://www.infosecmatter.com/top-16-active-directory-vulnerabilities/ CVE-2019-19781：Citrix ADC中的远程代码执行漏洞作者，分享如何自己发现漏洞的历程 https://swarm.ptsecurity.com/remote-code-execution-in-citrix-adc/ Microsoft安全体系结构建议 https://docs.microsoft.com/en-us/security/compass/microsoft-security-compass-introduction Citrix安全研究历险记 https://dmaasland.github.io/posts/citrix.html 使用Battle.net Desktop App进行BadWPAD和鱼叉式网络钓鱼 https://blog.redteam.pl/2020/07/badwpad-phishing-battle-net.html 如何实现针对PostgreSQL的远程代码执行 https://srcincite.io/blog/2020/06/26/sql-injection-double-uppercut-how-to-achieve-remote-code-execution-against-postgresql.html 恶意软件 Malware Dridex和Emotet基础架构的相似之处 https://hello.global.ntt/en-us/insights/blog/dridex-and-emotet-infrastructure-overlaps