漏洞 Vulnerability 微软周二补丁日修复了 IE 0day 和 其他98个漏洞 https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Feb CVE-2019-19363：Windows Ricoh 打印机驱动本地提权漏洞分析 https://www.pentagrid.ch/en/blog/local-privilege-escalation-in-ricoh-printer-drivers-for-windows-cve-2019-19363/ CVE-2019-18634：sudo 提权漏洞分析 https://www.anquanke.com/post/id/198481 从 Interfaces.d 到 RCE：Mozilla WebThings IoT 网关漏洞挖掘 https://research.nccgroup.com/2020/02/10/interfaces-d-to-rce/ 安全工具 Security Tools 对一款自动化利用引擎 Rex 的分析 https://xz.aliyun.com/t/7179 一个红队工具集 Cheet-Sheet https://0xsp.com/offensive/red-teaming-toolkit-collection 安全研究 Security Research 剖析 Windows Defender 驱动程序-WdFilter（第1部分） https://n4r1b.netlify.com/en/posts/2020/01/dissecting-the-windows-defender-driver-wdfilter-part-1/ AWS 无服务 (Serverless) LambdaHello World实践与安全防护简析 https://www.freebuf.com/articles/network/226014.html Portswigger XSS Cheet-Sheet 2020 更新版 https://portswigger.net/web-security/cross-site-scripting/cheat-sheet 使用 AFL 和 KLEE 分析 Linux 内核 https://blog.grimm-co.com/post/analyzing-the-linux-kernel-in-userland-with-afl-and-klee/ 手机安全测试集 Cheet-Sheet https://github.com/randorisec/MobileHackingCheatSheet Antimalware Scan Interface (AMSI)-反恶意软件扫描接口的绕过 https://mp.weixin.qq.com/s/gokOcTH9pL9XKsDWvaM6lQ projectzero : Chrome bug 详细分析（part2） https://googleprojectzero.blogspot.com/2020/02/several-months-in-life-of-part2.html projectzero：Chrome bug 详细分析（part1） https://googleprojectzero.blogspot.com/2020/02/several-months-in-life-of-part1.html 恶意软件 Malware 卡巴斯基：追踪 kbot 恶意软件 https://securelist.com/kbot-sometimes-they-come-back/96157/ Kimsuky：鱼叉钓鱼之王 Kimsuky 分析 https://otx.alienvault.com/pulse/5e42fd9c9fa37be52610c5c5