漏洞 Vulnerability CVE-2020-25649 FasterXML jackson-databind XXE漏洞 https://www.ehackingnews.com/2020/12/updated-malware-vietnamese-hacking.html?utm_source=dlvr.it&utm_medium=twitter 用友TurboCRM存在未授权访问漏洞 https://www.cnvd.org.cn/flaw/show/CNVD-2020-59799 NSA报告了最近披露的CVE-2020-4006 VMware零日漏洞 https://securityaffairs.co/wordpress/111928/security/vmware-zero-day-vulnerability.html 安全工具 Security Tools Go365：Office365用户攻击工具 https://securityonline.info/go365-office365-user-attack-tool/ 安全资讯 Security Information 数亿Android用户由于CVE-2020-8913遭受黑客攻击 https://securityaffairs.co/wordpress/111911/mobile-2/android-cve-2020-8913-flaw.html 安全研究 Security Research Java安全之CC4链 https://www.sec-in.com/article/640 内网技巧-RDP劫持及利用hash登录 https://xz.aliyun.com/t/8574 红蓝对抗中的溯源反制实战 https://mp.weixin.qq.com/s/Dswz7lxNpW5yLxmWKtqY6Q Cobalt Strike 4.0 认证及修补过程 https://rcoil.me/2020/11/%E3%80%90%E7%9F%A5%E8%AF%86%E5%9B%9E%E9%A1%BE%E3%80%91Cobalt%20Strike%204.0%E8%AE%A4%E8%AF%81%E5%8F%8A%E4%BF%AE%E8%A1%A5%E8%BF%87%E7%A8%8B/ 浅谈蚁剑asp马和php马流量加密 https://www.anquanke.com/post/id/223784