漏洞 Vulnerability IPV6_2292PKTOPTIONS的UAF漏洞导致内核任意读写 https://hackerone.com/reports/826026 安全工具 Security Tools CVE-2020-5902扫描器 https://github.com/aqhmal/CVE-2020-5902-Scanner SNOWCRASH：有效载荷生成器 https://github.com/wintrmvte/SNOWCRASH 在隔离的环境中安装MITER ATT&CK Navigator https://www.vanimpe.eu/2020/07/06/install-mitre-attck-navigator-in-an-isolated-environment/ 安全报告 Security Report 如何执行OSINT风险评估-第一部分 https://medium.com/@CassiusXIII/how-to-perform-an-osint-company-assessment-part-1-7d2cbc08a256 安全资讯 Security Information 研究人员发现两家中国公司的不安全的数据库 https://securityaffairs.co/wordpress/105609/data-breach/chinese-companies-data-leak.html 更好的网络安全取决于了解实际风险和解决正确的问题 https://www.helpnetsecurity.com/2020/07/07/better-cybersecurity/ Android用户遭遇“无法删除的”广告软件 https://threatpost.com/android-users-undeletable-adware/157189/ 朝鲜Lazarus APT窃取了美国和欧盟商店的信用卡数据 https://securityaffairs.co/wordpress/105582/apt/north-korea-lazarus-apt-e-skimming.html 安全研究 Security Research 机器人社会工程学 https://uwspace.uwaterloo.ca/bitstream/handle/10012/16030/Postnikoff_Brittany.pdf Web攻击载荷集合 https://github.com/foospidy/payloads 下载和分析Twitter推文 https://medium.com/@skipreport/downloading-analyzing-twitter-tweets-b5a7abd61bbd 恶意软件 Malware Ekans勒索病毒如何针对工业控制系统 https://www.databreachtoday.com/how-ekans-ransomware-targets-industrial-control-systems-a-14561 Purple Fox EK新增CVE-2020-0674和CVE-2019-1458漏洞利用 https://threatpost.com/microsoft-exploits-purple-fox-ek/157157/