漏洞 Vulnerability Oracle 发布十月安全补丁 https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html Adobe Acrobat 修复多个高危漏洞 https://www.zerodayinitiative.com/advisories/published/ CVE-2019-14287 sudo 配置不当-权限提升漏洞预警 https://mp.weixin.qq.com/s/pkLHpTs6d6ktdITgbBbGcw IBM安全公告：IBM Security Guardium受Oracle MySQL漏洞影响 https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-guardium-is-affected-by-an-oracle-mysql-vulnerabilities/ 恶意软件 Malware 新的BitPaymer勒索软件活动利用了Apple的零日漏洞 https://securityintelligence.com/news/new-bitpaymer-ransomware-campaign-exploits-apple-zero-day-vulnerability/ 卡巴斯基：关于 IOT 恶意软件的统计报告 https://securelist.com/iot-a-malware-story/94451/ 网络犯罪策略和技术：勒索软件回顾报告 https://resources.malwarebytes.com/resource/cybercrime-tactics-and-techniques-ransomware-retrospective/ 安全工具 Security Tools Postenum：一个高级权限提升工具 https://www.kitploit.com/2019/10/postenum-clean-nice-and-easy-tool-for.html 针对钓鱼工具 Modlishka 的分析 https://securityboulevard.com/2019/10/phishing-tool-analysis-modlishka/ 安全报告 Security Report 欧洲刑警组织：互联网组织的犯罪威胁评估（IOCTA）2019 报告 https://www.europol.europa.eu/activities-services/main-reports/internet-organised-crime-threat-assessment-iocta-2019 针对证书颁发机构及 PKI 的学术研究报告 https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3425554 安全事件 Security Incident 美国邮政设备公司 Pitney Bowes 遭受恶意软件攻击，导致关键服务中断 https://maintenance.pb.com/pbcom/outage.html?pbcom=october-14 法国最大的私人多媒体集团 M6 Group 遭受勒索软件攻击 https://www.zdnet.com/article/m6-one-of-frances-biggest-tv-channels-hit-by-ransomware/ 安全资讯 Security Information 2019 McAfee MPOWER 安全会议中的五大亮点 https://securingtomorrow.mcafee.com/business/top-5-highlights-from-mpower-2019/ 中国光大银行数据中心DDos防护与实践 https://www.secrss.com/articles/14083 安全研究 Security Research 使用 McAfee 绕过 McAfee https://dmaasland.github.io/posts/mcafee.html 关于堆溢出和ios内核堆的研究 https://azeria-labs.com/heap-overflows-and-the-ios-kernel-heap/ talos 在假新闻识别方向上的研究 https://blog.talosintelligence.com/2017/06/talos-fake-news-challenge.html