漏洞 Vulnerability CVE-2020-10759：fwupd中的S3存储桶接管和PGP签名绕过漏洞 https://twitter.com/xerubus/status/1270128211184111616 CVE-2020-12695：UPnP协议漏洞可导致数十亿设备遭受攻击 http://feedproxy.Google.com/~r/Securityweek/~3/lWs-B9QsNKM/callstranger-upnp-flaw-affecting-billions-devices-allows-data-exfiltration-ddos-attacks WLB-2020060034：Virtual Airlines管理系统2.6.2版本SQL注入 https://cxsecurity.com/issue/WLB-2020060034 安全研究 Security Research 应急响应之X系统数据库篡改应急分享 https://www.freebuf.com/articles/web/236766.HTML 安全资讯 Security Information DARPA组织启动漏洞赏金项目 https://www.darkreading.com/vulnerabilities—threats/darpa-launches-bug-bounty-program/d/d-id/1338027?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple HigaisaAPT组织利用恶意LNK文件攻击Zeplin协作平台 https://securityaffairs.co/wordpress/104469/apt/higaisa-hacking-group.HTML?utm_source=rss&utm_medium=rss&utm_campaign=higaisa-hacking-group 恶意软件 Malware 伪装的勒索软件解密工具对受害者的文件二次加密 https://www.anquanke.com/post/id/207965 CISA发出针对使用SMBGhost漏洞的攻击预警 https://www.scmagazine.com/home/security-news/vulnerabilities/cisa-warns-attackers-are-using-exploit-code-for-smbghost-bug/