漏洞 Vulnerability Notepad++ (x64) CVE-2019-16294 远程代码执行漏洞 https://0day.life/exploits/0day-940.html IBM安全公告：IBM Security Key Lifecycle Manager受跨站点脚本（CVE-2019-4564）的影响 https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-key-lifecycle-manager-is-affected-by-cross-site-scripting-cve-2019-4564/ IBM安全公告：IBM Java Runtime中的多个漏洞影响IBM Installation Manager和IBM Packaging Utility https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-installation-manager-and-ibm-packaging-utility-7/ 恶意软件 Malware 新的Android银行僵尸网络“ Geost”正在活跃 https://www.hackread.com/android-banking-trojan-geost-botnet/ 安全事件 Security Incident PKPLUG：疑似中国网络间谍组织 https://unit42.paloaltonetworks.com/pkplug_chinese_cyber_espionage_group_attacking_asia/ 安全资讯 Security Information Avivore APT 攻击组织披露 https://www.computerweekly.com/news/252471769/New-threat-group-behind-Airbus-cyber-attacks-claim-researchers 阿拉巴马州医院系统因恶意软件攻击而暂停接收病人 http://feedproxy.google.com/~r/Securityweek/~3/j35z6VnX9-g/alabama-hospital-system-halts-admissions-amid-malware-attack Royals起诉违反英国《数据保护法》的每日邮报 https://packetstormsecurity.com/news/view/30547/Royals-Sue-Daily-Mail-Over-U.K.-Data-Protection-Act-Violation.html Magecart 攻击活动与Cobalt组织有重大联系 https://www.csoonline.com/article/3443049/cobalt-cybercrime-group-might-be-launching-magecart-skimming-attacks.html 安全研究 Security Research 在 A11 SoC 上通过寄存器调试内核 https://bugs.chromium.org/p/project-zero/issues/detail?id=1900 反间谍之旅：首款安卓远控木马工具分析 https://www.freebuf.com/articles/terminal/214201.html PDF加密标准的弱点 https://nakedsecurity.sophos.com/2019/10/03/pdf-encryption-standard-weaknesses-uncovered/