漏洞 Vulnerability CVE-2019-16097:Harbor 权限提升漏洞预警 https://mp.weixin.qq.com/s/JOB2tFd-VJTVGm_IEmmHNw CVE-2018-8004：Apache Traffic Server HTTP smuggling 漏洞详解 https://regilero.github.io/english/security/2019/10/17/security_apache_traffic_server_http_smuggling/ NAS设备中发现远程访问漏洞 https://www.welivesecurity.com/2019/09/18/popular-routers-nas-devices-vulnerabilities/ 安全报告 Security Report 卡巴斯基 2019 Q1 智能建筑安全态势简报 https://securelist.com/smart-buildings-threats/93322/ 《2019中国大数据产业发展白皮书》 深度解读 https://www.secrss.com/articles/13711 安全资讯 Security Information 俄罗斯电信公司的SORM监控计划被泄露，包含1.7TB的关键信息 https://www.upguard.com/breaches/mts-nokia-telecom-inventory-data-exposure Greenbone Networks 针对590个PACS服务器未授权访问研究报告，约2430万人次医疗记录可被访问 https://www.greenbone.net/wp-content/uploads/CyberResilienceReport_EN.pdf 微软收购Semmle GitHub成CVE编号授权机构 https://mp.weixin.qq.com/s/ygAJV7ef4Wefpmjdb92LOQ 美国又起诉斯诺登，指其新书违反保密协议 https://mp.weixin.qq.com/s/67rcYbSjQL0nWgQwWVHecA 安全研究 Security Research D-Link DIR-816 A2路由器安全研究分享 https://mp.weixin.qq.com/s/rT53P9EW4xLFV9JLbnLroQ Shhmon：通过卸载驱动绕过sysmon的监控 https://mobile.twitter.com/Dinosn/status/1174527040902635520 恶意软件 Malware SectorH01 攻击组织针对性传播恶意软件 https://threatrecon.nshc.net/2019/09/19/sectorh01-continues-abusing-web-services/ 恶意软件分析-静态基础分析1 https://medium.com/bugbountywriteup/malware-analysis-101-basic-static-analysis-db59119bc00a