漏洞 Vulnerability CVE-2020-10717:QEMU virtiofsd DoS漏洞 https://seclists.org/oss-sec/2020/q2/85 CVE-2020-12653:Linux marvell wifi驱动缓冲区溢出 https://seclists.org/oss-sec/2020/q2/98 CVE-2020-10732:Linux用户空间coredumps内核信息泄露 https://seclists.org/oss-sec/2020/q2/88 安全研究 Security Research 价值20000美元的Facebook DOM XSS https://vinothkumar.me/20000-facebook-dom-xss/ 绕过Windows Defender运行时扫描 https://labs.f-secure.com/blog/bypassing-windows-defender-runtime-scanning/ 谷歌云平台中的权限提升 https://rhinosecuritylabs.com/gcp/privilege-escalation-google-cloud-platform-part-1/ Fastjson 反序列化漏洞史 https://paper.seebug.org/1192/ 深度分析Netwalker勒索软件 https://mp.weixin.qq.com/s/IeTZSDhX7E_l2cyT5QJgQA CVE-2018-18708：Tenda路由器缓冲区溢出漏洞分析 https://www.anquanke.com/post/id/204403 如何保护邮件服务器 https://www.peerlyst.com/posts/how-to-secure-mail-server-part-i-sudhendu?utm_source=twitter&utm_medium=social&utm_content=peerlyst_post&utm_campaign=peerlyst_shared_post Checkpoint 研究团队对 Nazar 工具组件的详细分析 https://www.anquanke.com/post/id/204564 探索svchost.exe / P标志 https://pusha.be/index.php/2020/05/07/exploration-of-svchost-exe-p-flag/ 安全事件 Security Incident 368万MobiFriends(约会软件)用户的个人信息被泄露 https://www.zdnet.com/article/dating-app-mobifriends-silent-on-security-breach-impacting-3-6-million-users/ 安全工具 Security Tools DRAKVUF沙箱：hypervisor级别的恶意代码自动分析系统 https://github.com/CERT-Polska/drakvuf-sandbox