漏洞 Vulnerability CVE-2020-14386: Linux内核权限提升漏洞通告 https://cert.360.cn/warning/detail?id=e73761f3747ae3b13b61b7f25a9a8e8a 安全事件 Security Incident 德国调查人员指责俄罗斯的DoppelPaymer团伙制造了致命的医院袭击 https://securityaffairs.co/wordpress/108620/malware/doppelpaymer-german-hospital-attack.html 动视暴雪遭黑客攻击，50万《使命召唤》玩家受到影响 https://securityaffairs.co/wordpress/108588/data-breach/activision-hack.html 安全报告 Security Report PAN-OS严重缓冲区溢出漏洞（CVE-2020-2040） https://blog.qualys.com/product-tech/2020/09/22/pan-os-critical-buffer-overflow-vulnerability-cve-2020-2040-automatically-discover-prioritize-and-remediate-using-qualys-vmdr 安全研究 Security Research Rudeminer，Blacksquid和Lucifer恶意软件分析 https://research.checkpoint.com/2020/rudeminer-blacksquid-and-lucifer-walk-into-a-bar/ 我是如何挖掘yii2反序列化0day的 https://www.anquanke.com/post/id/217930 CVE-2020-13933：Apache Shiro 权限绕过漏洞分析 https://www.anquanke.com/post/id/218270 从0开始聊聊自动化静态代码审计工具 https://paper.seebug.org/1339/ uTorrent 协议层远程漏洞的分析和利用 https://blog.whtaguy.com/2020/09/utorrent-cve-2020-8437-vulnerability.html IBM SIEM 产品 QRadar 软件 Windows 本地提权漏洞（CVE-2020-4485/4486）分析 https://labs.redyops.com/index.php/2020/09/11/ibm-qradar-wincollect-escalation-of-privileges-cve-2020-4485-cve-2020-4486/