漏洞 Vulnerability 科雷萨3家网站因JSONP不安全而出现被接管账户的漏洞 https://twitter.com/Dinosn/status/1310760336618815489 针对多个vhost加密的DPDK安全问题 https://seclists.org/oss-sec/2020/q3/200 安全研究 Security Research 一条命令实现端口复用后门 https://mp.weixin.qq.com/s?__biz=MzI4MTkzNDIyMg==&mid=2247489819&idx=1&sn=70880799cd687e57d06c3e9d26e9bd95 php 序列化与反序列化 https://mp.weixin.qq.com/s?__biz=MzI5MDE0MjQ1NQ==&mid=2247493628&idx=1&sn=b6e1f9ba247bdabe3e80698c24234fe7 CISA发布了关于LokiBot特洛伊木马的新建议 https://www.ehackingnews.com/2020/09/cisa-released-new-advisory-on-lokibot.html chrome sandbox escape case study https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247490900&idx=1&sn=245570a9e598e47f3b28cedfefe28780 安全报告 Security Report 上周关注度较高的产品安全漏洞(20200921-20200927) https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247488663&idx=2&sn=4dbdef0d5a4456e7b2fa5533c188822f 安全事件 Security Incident 一个新犯罪团伙OldGremlin对俄罗斯公司的攻击活动 https://mp.weixin.qq.com/s?__biz=MzU5MjEwNjQzNg==&mid=2247491443&idx=1&sn=6109fc42dacc6d3590630feab982640d 安全资讯 Security Information 如何成为认证的网络威胁分析师？ https://gbhackers.com/how-to-become-a-certified-cyber-threat-intelligence-analyst/ 思科评为2020年forrester企业防火墙浪潮的领导者 https://twitter.com/CiscoSecure/status/1310761216420306944 脸谱网禁止俄罗斯可疑账户，称俄罗斯间谍情报干扰美国总统大选 https://www.ehackingnews.com/2020/09/facebook-bans-suspicious-russian.html