漏洞 Vulnerability CVE-2020-1956：Apache Kylin 命令注入漏洞 https://seclists.org/oss-sec/2020/q2/133 CVE-2020-12888：Linux内核vfio DoS漏洞 https://seclists.org/oss-sec/2020/q2/129 CVE-2020-10736：ceph认证绕过漏洞 https://seclists.org/oss-sec/2020/q2/124 DPDK安全漏洞 https://seclists.org/oss-sec/2020/q2/123 安全资讯 Security Information Chrome 83将默认加密DNS请求 https://www.cbronline.com/news/dns-over-https-in-chrome 安全报告 Security Report 卡巴斯基：2020年第一季度IT威胁演变的统计分析 https://securelist.com/it-threat-evolution-q1-2020-statistics/96959/ 安全研究 Security Research LOLSnif–另一个基于Ursnif的目标追踪活动 https://paper.seebug.org/1213/ 通过DNS传输Payloads绕过杀毒软件检查 https://www.peerlyst.com/posts/bypassing-anti-viruses-with-transfer-backdoor-payloads-by-dns-traffic-damon-mohammadbagher?utm_source=twitter&utm_medium=social&utm_content=peerlyst_post&utm_campaign=peerlyst_shared_post HMI固件解密思路 https://mp.weixin.qq.com/s/2qWJVyPeT-L_9lK_bDxQZg 微软发布针对NXNSAttack DNS DDoS攻击的缓解措施 https://www.bleepingcomputer.com/news/security/microsoft-issues-mitigation-for-the-nxnsattack-dns-ddos-attack/ AVWS漏洞扫描实战：HDwiki XSS漏洞发现、利用及修复 https://www.freebuf.com/vuls/200745.html Linux Rootkit如何避开内核检测 https://mp.weixin.qq.com/s/ksFm2271uR1yrMB02cgKsw 权限提升 T1134 Windows 令牌窃取及防御 https://www.secpulse.com/archives/131423.html Vim modeline命令执行漏洞分析（CVE-2019-12735） https://www.anquanke.com/post/id/205669 邮箱伪造之搭建匿名SMTP服务器 https://www.secpulse.com/archives/131408.html RDP补丁安全性分析 https://www.anquanke.com/post/id/205449