恶意软件 Malware 从公共资源收集并由RedDrip7进行分类的IOC https://github.com/RedDrip7/APT_Digital_Weapon 安全研究 Security Research BlackHat eu 2019:一种新的java反序列化攻击技术 https://i.blackhat.com/eu-19/Thursday/eu-19-Zhang-New-Exploit-Technique-In-Java-Deserialization-Attack.pdf BlackHat eu 2019:java RMI及CORBA协议的新利用面 https://i.blackhat.com/eu-19/Wednesday/eu-19-An-Far-Sides-Of-Java-Remote-Protocols.pdf BlackHat eu 2019:非接触式支付中的漏洞 http://i.blackhat.com/eu-19/Wednesday/eu-19-Galloway-First-Contact-Vulnerabilities-In-Contactless-Payments-2.pdf BlackHat eu 2019:将iOS内核引导到QEMU上进行交互式Bash Shell https://i.blackhat.com/eu-19/Wednesday/eu-19-Afek-Booting-The-iOS-Kernel-To-An-Interactive-Bash-Shell-On-QEMU.pdf Java 中 RMI、JNDI、LDAP、JRMP、JMX、JMS那些事儿（上） https://paper.seebug.org/1091/ BlackHat eu 2019:高级VBA宏攻击和防御 https://i.blackhat.com/eu-19/Wednesday/eu-19-Lagadec-Advanced-VBA-Macros-Attack-And-Defence-2.pdf 使用XPATH注入获得非法数据访问 https://medium.com/swlh/hacking-xml-data-a64c870b0988 Argus Hacking 比赛上，有团队分享的内核级漏洞 – ldt x86 Bug 的 Paper http://www.lsd-pl.net/kernelvuln.pdf CVE-2019-7609：kibanaRCE https://github.com/hekadan/CVE-2019-7609