漏洞 Vulnerability Comba和D-Link路由器中的多个漏洞 https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/multiple-vulnerabilities-in-comba-and-d-link-routers/ 英特尔服务器级CPUNetCAT漏洞 https://www.vusec.net/projects/netcat/ 恶意软件 Malware 携带TrickBot间谍软件的网络钓鱼电子邮件攻击美国多个州。 https://blog.360totalsecurity.com/en/phishing-emails-carrying-trickbot-spyware-attack-multiple-provinces-in-united-states/​ 安全报告 Security Report F-Secure发布蜜罐分析报告 https://s3-eu-central-1.amazonaws.com/evermade-fsecure-assets/wp-content/uploads/2019/09/12093807/2019_attack_landscape_report.pdf 伊朗APT组织COBALT DICKENS在今年7月和8月针对澳大利亚，美国，英国，加拿大，香港和瑞士的60多所大学发起钓鱼攻击活动。 https://www.secureworks.com/blog/cobalt-dickens-goes-back-to-school-again。 朝鲜黑组织Kimsuky瞄准美国实体攻击 https://blog.prevailion.com/2019/09/autumn-aperture-report.html?m=1 安全事件 Security Incident 400多万以色列公民的个人数据泄露 https://www.haaretz.com/israel-news/elections/.premium-netanyahu-s-party-exposed-personal-details-political-affiliation-of-millions-1.7812702 413 GB共计1.98亿条记录的购车者数据的Elasticsearch数据库泄露 https://securitydiscovery.com/dealer-leads/ 1700万封电子邮件，总计1.2TB的数据泄露 https://threatpost.com/major-groupon-ticketmaster-fraud-scheme-exposed-by-insecure-database/148246/ 安全资讯 Security Information Instagram确认安全问题暴露用户帐户和电话号码 https://www.forbes.com/sites/zakdoffman/2019/09/12/new-instagram-hack-exclusive-facebook-confirms-user-accounts-and-phone-numbers-at-risk/ 由于朝鲜黑客组织行为，美国再次宣布制裁朝鲜 https://www.reuters.com/article/us-northkorea-usa-sanctions/u-s-sanctions-three-north-korean-sponsored-hacking-groups-idUSKCN1V 安全研究 Security Research 远程进程Shellcode注入调试技巧 https://www.freebuf.com/articles/system/212248.html