漏洞 Vulnerability CVE-2019-16219: WordPress Gutenberg编辑器XSS漏洞导致代码执行 https://threatpost.com/wordpress-xss-drive-by-code-execution/148324/ CVE-2019-0207: Apache Tapestry 5.4.2路径穿越漏洞 https://seclists.org/oss-sec/2019/q3/229?utm_source=dlvr.it&utm_medium=twitter 安全工具 Security Tools Stegify – 用于LSB隐写术的工具，能够隐藏任何文件至图像中 http://feedproxy.google.com/~r/PentestTools/~3/l2fNzJLNH5Q/stegify-go-tool-for-lsb-steganography.html Sandboxie – 在隔离环境中安全运行任何应用程序的免费工具 https://gbhackers.com/sandboxie/ 安全资讯 Security Information 胡塞叛乱分子声称伊朗对沙特石油设施进行袭击 https://www.theguardian.com/world/2019/sep/14/pompeo-iran-saudi-arabia-oil-yemen-houthi 安全研究 Security Research AWS攻防: 将存在信息泄露的存储桶引入OSINT工作流 https://blog.malwarebytes.com/researchers-corner/2019/09/hacking-with-aws-incorporating-leaky-buckets-osint-workflow/ 如何破解忘记了一部分的密码 https://www.engadget.com/2019/09/13/forgot-password-ethereum-cryptocurrency-lost-expandpass/ 供应链攻击的演变和未来 https://twitter.com/kaspersky/status/1172853778338500615/photo/1 恶意软件 Malware Nemty勒索软件更新增加用于终止进程和服务的代码 https://www.bleepingcomputer.com/news/security/nemty-ransomware-update-lets-it-kill-processes-and-services/ InnfiRAT木马从比特币和莱特币钱包中窃取资金 https://securityaffairs.co/wordpress/91230/breaking-news/innfirat-malware-cryptocurrency.html