漏洞 Vulnerability CVE-2020-12753：LG 智能手机任意代码执行漏洞 https://twitter.com/campuscodi/status/1267914361370226688 Node.js TLS session 重用漏洞导致hostname 验证绕过——P0 https://bugs.chromium.org/p/project-zero/issues/detail?id=2019 Apache Tomcat CVE-2020-9484 Poc以及writeup https://packetstormsecurity.com/files/157924/CVE-2020-9484.tgz IOS 13.5.1修复了unc0ver 5.0越狱工具中使用的一个内核漏洞（CVE-2020-9859） https://duo.com/decipher/ios-13-5-1-fixes-kernel-zero-day 安全研究 Security Research SSH 渗透指南 https://community.turgensec.com/ssh-hacking-guide/ Windows 内核 Ps 回调实验 http://deniable.org/windows/windows-callbacks 探测 In-Memory .NET Tradecraft https://www.mdsec.co.uk/2020/06/detecting-and-advancing-in-memory-net-tradecraft/ 利用Python进行汽车破解Part1：泄露GPS 和OBDII/CAN Bus数据 https://medium.com/bugbountywriteup/car-hacking-with-python-part-1-data-exfiltration-gps-and-obdii-can-bus-69bc6b101fd1 如何绕过即将发布的glibc2.32上的Safe Linking缓解机制 https://www.researchinnovations.com/post/bypassing-the-upcoming-safe-linking-mitigation CVE-2020–8555： Kubernetes价值4万刀的漏洞分析 https://medium.com/@BreizhZeroDayHunters/when-its-not-only-about-a-kubernetes-cve-8f6b448eafa8 安全资讯 Security Information 与俄罗斯有关的APT在最近的攻击中至少利用了3个Exim漏洞 https://securityaffairs.co/wordpress/104209/hacking/russia-apt-exim-flaws.html 恶意软件 Malware “Silent Night” Zloader/Zbot 分析白皮书 https://resources.malwarebytes.com/files/2020/05/The-Silent-Night-Zloader-Zbot_Final.pdf 深入分析新的Team9恶意软件家族 https://blog.fox-it.com/2020/06/02/in-depth-analysis-of-the-new-team9-malware-family/ 逆向一个轻量级macOS后门 https://objective-see.com/blog/blog_0x58.html 利用十六进制编辑器快速分析恶意软件 https://towardsdatascience.com/malware-analysis-with-visual-pattern-recognition-5a4d087c9d26