漏洞 Vulnerability CNVD-2020-10487: Apache Tomcat文件包含漏洞通告 https://cert.360.cn/warning/detail?id=849be16c6d2dd909ff56eee7e26aeefe CVE-2020-8960：西部数据Web版本2.2.0-134存在XSS漏洞 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8960 CVE-2020-9318：Red Gate SQL监控工具SQL注入漏洞 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9318 安全工具 Security Tools Judas DNS – 域名服务器DNS投毒攻击工具 https://www.darknet.org.uk/2020/02/judas-dns-nameserver-dns-poisoning-attack-tool/?utm_source=feedly&utm_medium=webfeeds 安全资讯 Security Information 美国新墨西哥州起诉谷歌挖掘儿童数据 https://www.bleepingcomputer.com/news/legal/new-mexico-sues-google-for-mining-childrens-data/ 米高梅度假村被黑客入侵：1060万访客数据被公开 https://www.tripwire.com/state-of-security/security-data-protection/mgm-resorts-hacked-10-6-million-guests-personal-data-exposed/ 安全研究 Security Research Windows AD安全指南 https://www.peerlyst.com/posts/the-active-directory-security-wiki-chiheb-chebbi?utm_source=twitter&utm_medium=social&utm_content=peerlyst_post&utm_campaign=peerlyst_shared_post 自动化漏洞挖掘之初步构想 https://www.anquanke.com/post/id/198292 用于gMSA密码的NTLM传递攻击 https://cube0x0.github.io/Relaying-for-gMSA/ 恶意软件 Malware RobbinHood勒索软件分析 https://blog.malwarebytes.com/threat-spotlight/2020/02/threat-spotlight-robbinhood-ransomware-takes-the-drivers-seat/