漏洞 Vulnerability CVE-2019-19781 Citrix漏洞使80,000家公司面临风险 https://securityaffairs.co/wordpress/95548/hacking/cve-2019-19781citrix-flaw.html 安全工具 Security Tools 很棒的Infosec PowerShell工具和资源集合 https://twitter.com/hsOpenMind/status/1209112869054418945 PBTK：一款针对Protobuf App的逆向工程与模糊测试套件 https://www.freebuf.com/articles/system/223128.html 安全报告 Security Report APT20 报告 https://0x00sec.org/t/40-page-release-on-apt20/18238/2 P2P Botnet： Ｍozi分析报告 https://blog.netlab.360.com/p2p-botnet-mozi/ 热门聊天应用程序实际上是阿联酋政府的间谍工具–报告 https://www.theguardian.com/world/2019/dec/23/totok-popular-chat-app-spying-tool-uae-government 安全事件 Security Incident 年末，网络诈骗的季节 https://www.csoonline.com/article/3511620/tis-the-season-for-cyber-scams.html 2019年10大网络安全并购交易 https://www.csoonline.com/article/3505980/10-biggest-cybersecurity-manda-deals-of-2019.html 面对蠕虫威胁，应如何设置防火墙 https://twitter.com/Peerlyst/status/1209137859883683840 纽约医院前雇员承认窃取同事的数据 https://www.darkreading.com/former-ny-hospital-employee-admits-to-stealing-colleagues-data/d/d-id/1336693 好消息：基于附件的电子邮件攻击下降了22％；坏消息：基于URL的攻击上升了31％ https://twitter.com/GTINKS_/status/1209139288618807296 供应链攻击作为一种进入未被发现的大型公司网络的方式正变得越来越普遍，应该了解如何防御它们 https://twitter.com/kaspersky/status/1209066270253039616 安全研究 Security Research WireShark教程回来了 https://twitter.com/cruzhams/status/1209217481526710273 修补二进制文件的5种方法 https://twitter.com/melqhart/status/1209153380612018180 SIM卡交换攻击：它们是什么？如何阻止他们 https://twitter.com/awaresasi/status/1209083561162133504 记一次对某非法站点从SQL注入到整站打包与本地搭建全过程 https://www.secpulse.com/archives/121093.html