漏洞 Vulnerability CVE-2020-0022: 安卓设备蓝牙漏洞，攻击者无需任何用户交互即可发起RCE攻击 https://threatpost.com/critical-android-bluetooth-bug-enables-rce-no-user-interaction-needed/152699/ Cisco Discovery Protocol (CDP) 5个0day https://www.armis.com/cdpwn/ 恶意软件 Malware Emotet的WIFI蠕虫模块能够入侵附近的Wi-Fi网络以传播给新受害者 https://www.bleepingcomputer.com/news/security/emotet-hacks-nearby-wi-fi-networks-to-spread-to-new-victims/ 安全事件 Security Incident 针对境外黑客宣称攻击境内视频监控系统事件通告 https://cert.360.cn/warning/detail?id=af0b92fa42436cf5ffe64111d69e6e2c 暗网出售五十万印度人的支付卡数据 https://www.hackread.com/dark-web-hackers-selling-indian-payment-card-data/ Facebook的Twitter帐户被臭名昭著的OurMine黑客组织劫持 https://www.grahamcluley.com/facebooks-twitter-account-is-hijacked-by-notorious-ourmine-hacking-group/ 巴西一家在线票务公司FutebolCard泄露了25GB当地球迷隐私数据 https://www.zdnet.com/article/brazilian-firm-exposes-personal-details-of-thousands-of-soccer-fans/ 安全资讯 Security Information PayPal SMS骗局 https://nakedsecurity.sophos.com/2020/02/05/paypal-sms-scams-dont-fall-for-them/ 马斯特里赫特大学勒索软件攻击事件背后的TA505黑客 https://www.bleepingcomputer.com/news/security/ta505-hackers-behind-maastricht-university-ransomware-attack/ 安全研究 Security Research Docker Registry 的错误配置带来的危害 https://www.bleepingcomputer.com/news/security/misconfigured-docker-registries-expose-orgs-to-critical-risks/ WAF对WebShell流量检测的性能分析 https://www.freebuf.com/articles/web/226053.html