漏洞 Vulnerability 在万圣节之夜，Google公开了在野外利用Chrome零日漏洞的信息 https://www.zdnet.com/article/halloween-scare-google-discloses-chrome-zero-day-exploited-in-the-wild/ Chrome的CVE-2019-13720安全漏洞在Operation Wizard中被利用 https://securityaffairs.co/wordpress/93278/hacking/cve-2019-13720-lazarus-attacks.html 安全工具 Security Tools Fenrir：一款功能强大的BASH IoC扫描器 https://www.freebuf.com/sectool/216061.html 安全报告 Security Report 2019年上半年基于网络的威胁报告 https://unit42.paloaltonetworks.com/web-based-threats-first-half-2019/ 通过Whatsapp定位的20个国家/地区的官员 https://www.databreachtoday.com/govt-officials-in-20-nations-targeted-via-whatsapp-report-a-13337 看门狗警告说，面部识别可能是有史以来最具侵入性的警务技术 https://www.zdnet.com/article/facial-recognition-could-be-most-invasive-policing-technology-ever-warns-watchdog/ 安全事件 Security Incident Uber和Lynda.com骇客案中的两人认罪 https://www.scmagazine.com/home/security-news/legal-security-news/two-guilty-pleas-in-uber-and-lynda-com-hacking-case/ Web注册服务商三重漏洞泄露2200万个帐户 https://www.databreachtoday.com/trio-web-registrars-disclose-22-million-accounts-breached-a-13332 知名Web域名注册商遭黑客攻击，导致客户信息泄露 https://www.freebuf.com/news/218772.html Red Hat Process Automation在最新版本中添加了预测建模 https://twitter.com/a_purkait/status/1190290149105528833 恶意软件 Malware 数以千计的QNAP NAS设备已感染QSnatch恶意软件 https://www.oodaloop.com/briefs/2019/11/01/thousands-of-qnap-nas-devices-have-been-infected-with-the-qsnatch-malware/ Gafgyt恶意软件感染无线路由器并扩招到僵尸网络以攻击游戏服务器 https://gbhackers.com/gafgyt-malware/ Gafgyt botnet变体带有DDoS攻击的广受欢迎的Fortnite针对TF2之类的游戏以 https://twitter.com/151satoshi/status/1190230393833832449 安全研究 Security Research 提高安全意识：为什么工具不能替代人 https://www.darkreading.com/operations/raising-security-awareness-why-tools-cant-replace-people/a/d-id/1336189?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple