漏洞 Vulnerability WordPress Lead Plus X WordPress插件中的严重漏洞 https://www.wordfence.com/blog/2020/04/critical-vulnerabilities-in-the-wp-lead-plus-x-wordpress-plugin/ CNVD-2020-21803:Mozilla Firefox和Firefox ESR内存错误引用漏洞 https://www.cnvd.org.cn/flaw/show/CNVD-2020-21803 CNVD-2020-21802 Mozilla Firefox和Firefox ESR内存错误引用漏洞 https://www.cnvd.org.cn/flaw/show/CNVD-2020-21802 CNVD-2020-18686：宝塔Linux面板存在逻辑缺陷漏洞 https://www.cnvd.org.cn/flaw/show/CNVD-2020-18686 安全资讯 Security Information 7场针对流行病的医疗保健机构的网络攻击 https://businessinsights.bitdefender.com/7-cyberattacks-against-pandemic-stressed-healthcare-orgs?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+BusinessInsightsInVirtualizationAndCloudSecurity+%28Business+Insights+In+Virtualization+and+Cloud+Security%29 火眼：由COVID-19驱动的网络威胁格局的有限变化 https://www.fireeye.com/blog/threat-research/2020/04/limited-shifts-in-cyber-threat-landscape-driven-by-covid-19.html Maze勒索软件运营商披露了来自药物测试公司HMR的数据 https://securityaffairs.co/wordpress/101247/data-breach/maze-ransomware-hmr-leak.html 以Skype为主题的应用程序隐藏了大量恶意软件 https://threatpost.com/skype-apps-hide-malware/154566/ 安全报告 Security Report 【更新】新型勒索软件WannaRen风险通告 https://cert.360.cn/warning/detail?id=2f45e9274a8a894c2b358903a6f6115f “震网”三代和二代漏洞技术分析报告 https://cert.360.cn/report/detail?id=3e6f34de3afb14cfd6cd65231e16790b 2019年的垃圾邮件和网络钓鱼报告 https://securelist.com/spam-report-2019/96527/ 微软在全球危机中共享新的威胁情报和安全指导 https://www.microsoft.com/security/blog/2020/04/08/microsoft-shares-new-threat-intelligence-security-guidance-during-global-crisis/ Dark Nexus：一个针对广泛设备的新型物联网僵尸网络分析报告 https://www.bitdefender.com/files/News/CaseStudies/study/319/Bitdefender-PR-Whitepaper-DarkNexus-creat4349-en-EN-interactive.pdf 安全研究 Security Research 模糊测试器开发流程-Part-1 https://h0mbre.github.io/Fuzzing-Like-A-Caveman/ 模糊测试器开发流程-Part-2 https://h0mbre.github.io/Fuzzing-Like-a-Caveman-Part-2/ tomcat幽灵猫分析 https://xz.aliyun.com/t/7510 基于纯软件环境的AVR逆向分析 https://www.anquanke.com/post/id/202256 BlueBorne 之 CVE-2017-0785 原理分析 https://www.anquanke.com/post/id/202575