漏洞 Vulnerability CNVD-2020-50916: WPS Office 国际版内存破坏漏洞 https://www.cnvd.org.cn/flaw/show/CNVD-2020-50916 CNVD-2020-50758: 美图秀秀PC版缓冲区溢出漏洞 https://www.cnvd.org.cn/flaw/show/CNVD-2020-50758 安全事件 Security Incident Town Sports 60万用户数据泄漏 https://securityaffairs.co/wordpress/108674/data-breach/town-sports-data-leak.html 乌克兰国家警察官网遭到网络攻击 https://www.hackread.com/ukraine-national-police-website-shuts-down-hacker-intrusion/ VPNMentor团队发现印度COVID-19数据泄漏 https://www.hackread.com/india-covid-19-surveillance-tool-exposed-user-data/ 黑客组织针对俄罗斯公司发起攻击 https://thehackernews.com/2020/09/russian-ransomware-hack.html 安全工具 Security Tools crowdsecurity/crowdsec: 开源主机Agent https://github.com/crowdsecurity/crowdsec/ Enum4Linux – 枚举Windows/Samba主机中的文件数据 https://www.kitploit.com/2020/09/enum4linux-linux-alternative-to-enumexe.html 恶意软件 Malware AgeLocker 针对QNAP NAS进行数据窃取的恶意软件 https://www.bleepingcomputer.com/news/security/agelocker-ransomware-targets-qnap-nas-devices-steals-data/ 安全报告 Security Report Emotet 劫持：Email攻击技术 https://unit42.paloaltonetworks.com/emotet-thread-hijacking/ Rapid7 Q2 威胁报告 https://blog.rapid7.com/2020/09/22/rapid7-releases-q2-2020-quarterly-threat-report/ 卡巴斯基:在物联网设备中寻找复杂的恶意软件 https://securelist.com/looking-for-sophisticated-malware-in-iot-devices/98530/ 安全研究 Security Research 红蓝对抗中的近源渗透 – 博客 – 腾讯安全应急响应中心 https://security.tencent.com/index.php/blog/msg/167 ISO 29151隐私保护认证心得体会 https://www.freebuf.com/articles/neopoints/250617.html