漏洞 Vulnerability CVE-2020-5835：Symantec Endpoint Protection Manager（SEPM）14.2 RU2 MP1特权提升 https://labs.redyops.com/index.php/2020/05/19/sepm-cve-2020-5835/ CVE-2020-13384:Monstra CMS 3.0.4允许远程身份验证的用户通过admin / index.php？id = filesmanager上载和执行任意PHP代码 https://vulmon.com/vulnerabilitydetails?qid=CVE-2020-13384 恶意软件 Malware Asnarök攻击分析Ⅱ https://news.sophos.com/en-us/2020/05/21/asnarok2/ 如何删除Solo.biz弹出广告 https://sensorstechforum.com/remove-solo-biz-ads/ 安全报告 Security Report 伊朗Chafer APT针对科威特和沙特阿拉伯的航空运输和政府进行攻击 https://www.bitdefender.com/files/News/CaseStudies/study/332/Bitdefender-Whitepaper-Chafer-creat4491-en-EN-interactive.pdf 针对意大利制造业的网络犯罪活动分析 https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/ 狼又来了：WolfRAT分析 https://blog.talosintelligence.com/2020/05/the-wolf-is-back.html 安全事件 Security Incident GhostDNS源代码泄漏 https://decoded.avast.io/simonamusilova/ghostdns-source-code-leaked/ 美国贸易管制黑名单新增：奇虎360、烽火通信、云从科技、东方网力等33家 https://www.anquanke.com/post/id/206477 安全资讯 Security Information Sophos阻止了利用XG防火墙0day漏洞将勒索软件分发到Windows主机上 https://securityaffairs.co/wordpress/103590/hacking/sophos-xg-firewall-0day.html 安全研究 Security Research 异常安全分析：如何应对企业电子邮件泄露 https://www.csoonline.com/article/3542636/how-abnormal-security-combats-business-email-compromise.html Petaq：红队C&C https://github.com/fozavci/petaqc2 SQL注入基础课程 https://www.youtube.com/playlist?list=PLR0bgGon_WTLZA2Kr3JBld_XvJaMOdMO1 智能制造系统的安全性分析 https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/threats-and-consequences-a-security-analysis-of-smart-manufacturing-systems