漏洞 Vulnerability whatapp XSS漏洞导致本地文件读取 https://www.perimeterx.com/resources/blog/2020/perimeterx-researcher-finds-vulnerability-in-whatsapp/ CVE-2020-7799 : Apache FreeMarker模板FusionAuth远程代码执行漏洞通告 https://www.anquanke.com/post/id/198036 安卓2月份漏洞 https://source.android.com/security/bulletin/pixel/2020-02-01 安全工具 Security Tools 美APT 方程式组织DOUBLEPULSAR工具远程执行代码工具 https://cxsecurity.com/issue/WLB-2020020016 日本CERT发布Windows OS的Emotet检测工具 https://github.com/JPCERTCC/EmoCheck 恶意软件 Malware FIN7 APT组织样本分析 https://labs.sentinelone.com/fin7-malware-chain-from-office-macro-malware-to-lightweight-js-loader/ 安全报告 Security Report 南亚APT组织借新冠疫情对我国医疗机构发起定向攻击 https://www.anquanke.com/post/id/198043 Unit 42云威胁报告 https://unit42.paloaltonetworks.com/cloud-threat-report-intro/ 安全资讯 Security Information NSA对其他网络强国的看法 https://www.businessinsider.in/defense/news/outgoing-nsa-legal-chief-warns-hacking-threats-from-russia-china-and-iran-are-as-dangerous-to-the-us-as-climate-change/articleshow/73911521.cms 黑客利用Twitter Bug查找用户的电话号码 https://privacy.twitter.com/en/blog/2020/an-incident-impacting-your-account-identity 安全研究 Security Research TA505组织使用HTML重定向攻击 https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/ 安全基线检查平台 https://www.freebuf.com/sectool/225224.html 上传绕过WAF姿势与防御漫谈 https://www.freebuf.com/articles/web/226000.html CVE-2020-0646：SharePoint RCE漏洞分析 https://www.anquanke.com/post/id/197770 论代码审计中的SQL注入和预编译中的SQL注入 https://www.anquanke.com/post/id/198068 Gamaredon APT改进了针对乌克兰政府，军事的工具集 https://labs.sentinelone.com/pro-russian-cyberspy-gamaredon-intensifies-ukrainian-security-targeting/