漏洞 Vulnerability CNNVD-202005-764: Palo Alto Networks PAN-OS 操作系统命令注入漏洞 http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202005-764 CVE-2020-12798: Cellebrite UFED 取证设备Windows版权限提升漏洞 https://seclists.org/fulldisclosure/2020/May/34 安全研究 Security Research Android间谍软件框架-Mandrake的深入研究 https://www.bitdefender.com/files/News/CaseStudies/study/329/Bitdefender-PR-Whitepaper-Mandrake-creat4464-en-EN-interactive.pdf Adobe Acrobat Reader中的三个逻辑漏洞分析 https://rekken.github.io/2020/05/14/Security-Flaws-in-Adobe-Acrobat-Reader-Allow-Malicious-Program-to-Gain-Root-on-macOS-Silently/ 使用SharePoint作为网络钓鱼平台 https://research.nccgroup.com/2020/05/14/using-sharepoint-as-a-phishing-platform/ 利用ASN.1(抽象语法标记) Fuzz TLS证书 https://blog.doyensec.com/2020/05/14/asn1fuzz.html CVE-2020-1113: Windows 任务计划安全功能绕过漏洞分析 https://blog.compass-security.com/2020/05/relaying-ntlm-authentication-over-rpc/ 如何滥用Shell中的Arithmetic Expansion https://www.anquanke.com/post/id/205226 安全报告 Security Report 2019年数据泄露调查 报告 https://enterprise.verizon.com/resources/reports/2019-data-breach-investigatioQDns-report.pdf 安全工具 Security Tools SCAT:信号收集和分析工具，通过USB解析高通和三星基带消息 https://github.com/fgsect/scat