漏洞 Vulnerability CVE-2020-0668:Windows Service Tracing中的提权漏洞分析 https://itm4n.github.io/cve-2020-0668-windows-service-tracing-eop/ CVE-2020-8950：AMD User Experience Program Launcher 本地提权漏洞Poc https://github.com/sailay1996/amd_eop_poc 安全工具 Security Tools VirusTotal API脚本：从终端扫描恶意样本 https://github.com/TheSecondSun/VTSCAN GDBFrontend：gdb调试的图形化工具 https://github.com/rohanrhu/gdb-frontend 安全资讯 Security Information 2019年开源软件漏洞Top 10 https://resources.whitesourcesoftware.com/blog-whitesource/top-security-open-source-vulnerabilities 2019年Web 攻击技术Top 10 https://portswigger.net/research/top-10-web-hacking-techniques-of-2019 安全研究 Security Research BlueHat IL 2020：.NET攻击面的探索，并对其进行注入——Youtube https://www.youtube.com/watch?v=FuxpMXTgV9s CVE-2019-18683: Linux kernel 中存在于V4L2 子系统的漏洞分析——write-up,Slides,youtube https://twitter.com/ale_sp_brazil/status/1228919432849870849 分析如何攻击Office 365——Slide和工具公布 https://github.com/mdsecactivebreach/o365-attack-toolkit/blob/master/presentation/BSides%20Leeds%20-%20Introducing%20the%20O365-Attack-Toolkit.pdf 使用Binary Ninja分析除零漏洞（Part 1~2） https://medium.com/@cetfor/finding-cwe-369-divide-by-zero-bugs-with-binary-ninja-part-1-e14b484b2551 Linux x86内核中上下文切换过程的演变 https://www.maizure.org/projects/evolution_x86_context_switch_linux/ sudo历史漏洞回顾 https://mp.weixin.qq.com/s/wHwLh0mI00eyRHw8j3lTng BlueHat IL 2020 会议Youtube视频放出 https://www.youtube.com/results?search_query=BlueHat+IL+2020 利用gdb调试Windows 10内核 https://github.com/commial/experiments/tree/master/debugging-secure-kernel 对AWS Cognito的错误配置进行攻击 https://www.notsosecure.com/hacking-aws-cognito-misconfigurations/ 恶意软件 Malware 伊朗黑客通过攻击Pulse Secure，Fortinet，Palo Alto Networks和Citrix VPN入侵大型公司 https://www.zdnet.com/article/iranian-hackers-have-been-hacking-vpn-servers-to-plant-backdoors-in-companies-around-the-world/ 针对以色列士兵的恶意攻击（APT-C-23）分析 https://research.checkpoint.com/2020/hamas-android-malware-on-idf-soldiers-this-is-how-it-happened/ 深入分析最新的Gamaredon间谍活动 https://securityaffairs.co/wordpress/97992/apt/gamaredon-espionage-campaign.html ClearSky 团队对 Fox Kitten – 伊朗间谍活动的研究报告 https://www.clearskysec.com/fox-kitten/