漏洞 Vulnerability Network Management Card 6.2.0 主机机头注入漏洞 http://vulhub.org.cn/vuln/VH-F155428 安全工具 Security Tools 从 0 开始入门 Chrome Ext 安全（一） — 了解一个 Chrome Ext https://paper.seebug.org/1082/ 安全资讯 Security Information Windows 10 1909 安全标准变更：攻击保护暂时移除 https://www.bleepingcomputer.com/news/microsoft/windows-10-1909-drops-exploit-protection-from-security-baseline/ APT33加强了对工业控制系统的关注 https://nakedsecurity.sophos.com/2019/11/22/irans-apt33-sharpens-focus-on-industrial-control-systems/ Metasploit Shellcode模块更新加密和认证机制 https://blog.rapid7.com/2019/11/21/metasploit-shellcode-grows-up-encrypted-and-authenticated-c-shells/ GitHub推出“安全实验室”和漏洞奖励计划，加强开源生态安全 https://www.secrss.com/articles/15144 信通院发布《物联网终端安全白皮书 (2019) 》 https://www.secrss.com/articles/15148 安全研究 Security Research 网络钓鱼工具Modlishka的细节分析 https://www.freebuf.com/articles/network/217091.html 如何通过自动化减少SMB漏洞和事件响应时间 https://blog.rapid7.com/2019/11/22/how-smbs-can-decrease-vulnerabilities-and-incident-response-time-with-automation/ 恶意软件 Malware Trickbot 更新其密码抓取模块 https://unit42.paloaltonetworks.com/trickbot-updates-password-grabber-module/ DePriMon 恶意软件注册自身为 Windows打印机组件 https://www.bleepingcomputer.com/news/security/deprimon-malware-registers-itself-as-a-windows-print-monitor/