安全报告 Security Report 关于TCP反射攻击的威胁报告 https://blog.radware.com/security/2019/11/threat-alert-tcp-reflection-attacks/ 安全研究 Security Research 通过RDP反向攻击mstsc https://paper.seebug.org/1074/ 用差分模糊测试破坏x86_64指令解码器 https://blog.trailofbits.com/2019/10/31/destroying-x86_64-instruction-decoders-with-differential-fuzzing/ 利用McAfee绕过McAfee检测 https://dmaasland.github.io/posts/mcafee.html 修复远程Windows内核有效负载以绕过Meltdown KVA Shadow https://zerosum0x0.blogspot.com/2019/11/fixing-remote-windows-kernel-payloads-meltdown.html Dexofuzzy – 利用 opcode 序列的方法实现对 Android 恶意软件的相似度聚类 https://www.virusbulletin.com/virusbulletin/2019/11/dexofuzzy-android-malware-similarity-clustering-method-using-opcode-sequence/ 针对雄迈网络摄像头的安全研究 http://0x42424242.in/xiongmai/1 滥用HTTP逐跳请求标头 https://nathandavison.com/blog/abusing-http-hop-by-hop-request-headers 安全工具 Security Tools 一个Ghidra的PCode模拟器 https://github.com/kc0bfv/pcode-emulator 安全资讯 Security Information 在 MacOS平台下 Apple Mail 电子邮件以明文加密方式来保证用户的安全 https://www.zdnet.com/article/apple-mail-on-macos-leaves-parts-of-encrypted-emails-in-plaintext/