漏洞 Vulnerability “VoltJockey”（骑士）漏洞网站，内含漏洞paper和poc https://plundervolt.com/ CVE-2019-19726：OpenBSD dynamic loader 提权漏洞 https://seclists.org/oss-sec/2019/q4/153 CVE-2019-1469：SetWindowsHookEx泄漏内核指针漏洞 https://www.ragestorm.net/blogs/?p=486 CVE-2019-19247 & CVE-2019-19248：EA Windows Origin客户端中的本地提权漏洞 https://amonitoring.ru/article/origin_lpe_disclosure/ 恶意软件 Malware 一款“僵尸网络挖矿” 攻击分析 https://www.anquanke.com/post/id/194570 安全研究 Security Research 网络钓鱼的演变 https://www.microsoft.com/security/blog/2019/12/11/the-quiet-evolution-of-phishing/ 针对闭源Windows软件进行fuzz https://www.apriorit.com/dev-blog/640-qa-fuzzing-for-closed-source-windows-software SELinux系统安全策略及其配置分析 https://www.freebuf.com/articles/system/222712.html Blackhat议题《Going Beyond Coverage-Guided Fuzzing with Structured Fuzzing》视频放出——YouTube https://www.youtube.com/watch?v=S8JvzWDnjc0 逆向分析Windows容器 https://unit42.paloaltonetworks.com/what-i-learned-from-reverse-engineering-windows-containers/ 安全工具 Security Tools PathAuditor：用于检测 root 等特权用户访问不安全路径的漏洞 https://security.googleblog.com/2019/12/detecting-unsafe-path-access-patterns.html 路由器Exploit kit 介绍——Slide https://vavkamil.cz/wp-content/uploads/2019/12/an-introduction-to-the-router-exploit-kits.pdf 首款开源Wi-Fi基带芯片设计openwifi开源 https://github.com/open-sdr/openwifi