漏洞 Vulnerability CVE-2020-1181: SharePoint 远程代码执行漏洞通告 https://cert.360.cn/warning/detail?id=af01baa5e0b5fbcf6215a1f7c63b43f4 CVE-2020-9495:Apache Archiva登录服务容易受到LDAP注入的攻击 https://seclists.org/oss-sec/2020/q2/202 安全工具 Security Tools OSS-Fuzz:开源软件Fuzz https://www.kitploit.com/2020/06/oss-fuzz-continuous-fuzzing-of-open.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+PentestTools+%28PenTest+Tools%29 安全资讯 Security Information Mozilla VPN – Firefox专用网络VPN终于面世 https://www.hackread.com/mozilla-vpn-firefox-private-network-vpn-coming/ 谷歌在对法国500万欧元罚款的上诉中败诉 https://www.securityweek.com/google-loses-appeal-against-50-mn-euro-french-fine?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29 安全研究 Security Research 针对知名航天和军事公司的针对性攻击分析 https://paper.seebug.org/1248/ 搭建nodejs调试环境开启漏洞收割模式 https://mp.weixin.qq.com/s/_A0tuRMZOqf2QmGHiWx7aQ 数字隐写术作为一种先进的恶意软件检测规避技术 https://www.peerlyst.com/posts/digital-steganography-as-an-advanced-malware-detection-evasion-technique-ian-barwise?utm_source=twitter&utm_medium=social&utm_content=peerlyst_post&utm_campaign=peerlyst_shared_post 恶意代码分析之修改CRT的Dropper分析 https://www.anquanke.com/post/id/208794 腹背受敌之“音量倍增软件”注入导致crash https://www.anquanke.com/post/id/208808 weblogic 无文件 webshell 的技术研究 https://paper.seebug.org/1249/