漏洞 Vulnerability CVE-2020-0796：(SMBGhost) SMBv3协议“蠕虫级”漏洞分析及 POC 编写指南 https://ricercasecurity.blogspot.com/2020/04/ill-ask-your-body-smbghost-pre-auth-rce.html CVE-2020-8835：Linux Kernel 信息泄漏/权限提升漏洞分析 https://mp.weixin.qq.com/s/XteBFMBI_j8R6uateNK_YQ CVE-2020-1967：SSL_check_chain 中的段错误 https://www.openssl.org/news/secadv/20200421.txt 多个 Foxit PDF Reader, PhantomPDF 漏洞披露，可导致远程代码执行 https://threatpost.com/foxit-pdf-reader-phantompdf-remote-code-execution/154942/ IBM 数据风险管理的多个 0 day 披露 https://seclists.org/fulldisclosure/2020/Apr/33 安全报告 Security Report 复杂风控场景下，如何打造一款高效的规则引擎 https://www.secpulse.com/archives/128906.html 安全资讯 Security Information 火眼：Mandiant Intelligence 漏洞管理建设-漏洞评级部分 https://www.fireeye.com/blog/threat-research/2020/04/how-mandiant-intelligence-rates-vulnerabilities.html 黑客在暴露其IP地址后返还 2500 万美元 https://www.hackread.com/hacker-returns-25m-after-ip-address-exposed/ 安全研究 Security Research Weblogic t3 协议回显穿透 nat 以及获取内网地址 https://paper.seebug.org/1180/ 针对 Rootkit 的防御检测指南 https://labs.jumpsec.com/2020/04/20/a-defenders-guide-for-rootkit-detection-episode-1-kernel-drivers/ 域渗透——DNS记录与MachineAccount https://3gstudent.github.io/3gstudent.github.io/ 恶意软件 Malware 与 APT 间谍活动有关的移动恶意软件集合 https://www.blackberry.com/content/dam/blackberry-com/asset/enterprise/pdf/direct/mobile-malware-report.pdf 趋势科技：Gamaredon APT 组织在最新的活动中使用 Covid-19 做为诱饵 https://blog.trendmicro.com/trendlabs-security-intelligence/gamaredon-apt-group-use-covid-19-lure-in-campaigns/ PoetRAT：一款 python RAT 使用 COVID-19 做为诱饵攻击 Azerbaijan 公共和私营部门 https://blog.talosintelligence.com/2020/04/poetrat-covid-19-lures.html 使用 COVID-19 诱饵针对叙利亚进行网络攻击活动披露 https://blog.lookout.com/nation-state-mobile-malware-targets-syrians-with-covid-19-lures 使用 Slack referrer URL 进行的钓鱼活动曝光 https://perception-point.io/resources/incident-reports/phishing-attempt-using-slack-referrer-url/