漏洞 Vulnerability CVE-2019-19082 CrOS: Linux kernel漏洞 https://bugs.chromium.org/p/chromium/issues/detail?id=1030084 工控产品ABB Relion 670系列漏洞 https://www.us-cert.gov/ics/advisories/icsa-19-330-01 卡巴斯基安全连接工具可被dll劫持 https://safebreach.com/Post/Kaspersky-Secure-Connection-DLL-Preloading-and-Potential-Abuses-CVE-2019-15689 安全工具 Security Tools kilos–暗网内容检索工具 https://intsights.com/blog/kilos-the-dark-webs-newest-and-most-extensive-search-engine 安全报告 Security Report 欧盟网络安全局（ENISA）发布港口网络安全指南，以加强其网络安全。 https://www.enisa.europa.eu/publications/port-cybersecurity-good-practices-for-cybersecurity-in-the-maritime-sector/ 安全资讯 Security Information 2100万Mixcloud用户数据泄露 https://securityaffairs.co/wordpress/94581/data-breach/mixcloud-data-breach.html TrueDialog数据库泄漏了数千万条SMS短信 https://securityaffairs.co/wordpress/94593/data-breach/truedialog-data-leak.html 国土安全部要求联邦机构制定漏洞披露政策 https://www.darkreading.com/vulnerabilities—threats/dhs-to-require-federal-agencies-to-set-vulnerability-disclosure-policies-/d/d-id/1336499 巴拿马参与干扰美国大选 https://www.dispatch.com/news/20191126/ohio-election-day-cyber-attack-attempt-traced-to-panama 美国联邦调查局（FBI）评估俄罗斯应用软件可能构成反情报威胁 https://www.cyberscoop.com/fbi-russian-apps-counterintelligence-faceapp-schumer/ 安全研究 Security Research 深入分析一个Pwn2Own的优质Webkit漏洞 https://www.anquanke.com/post/id/194006 追溯朝鲜APT组织Lazarus的攻击历程 https://www.freebuf.com/articles/system/221008.html 利用安卓RCS获取目标权限 https://gbhackers.com/rcs-hacking-attacks/ 开源情报（OSINT）教程 https://www.peerlyst.com/posts/how-to-perform-open-source-intelligence-osint-chiheb-chebbi 利用CallerSpy分发的移动网络间谍活动 https://blog.trendmicro.com/trendlabs-security-intelligence/mobile-cyberespionage-campaign-distributed-through-callerspy-mounts-initial-phase-of-a-targeted-attack/ StrandHogg 安卓漏洞，被银行木马搭载使用 https://promon.co/security-news/strandhogg/