安全工具 Security Tools Kuiper：数字调查平台 https://github.com/DFIRKuiper/Kuiper 安全资讯 Security Information NordVPN用户的凭证泄漏并流传于在线论坛上 https://arstechnica.com/information-technology/2019/11/nordvpn-users-passwords-exposed-in-mass-credential-stuffing-attacks/ Google已对在野Chrome漏洞进行修补 https://www.bleepingcomputer.com/news/security/chrome-zero-day-bug-with-exploit-in-the-wild-gets-a-patch/ ElasticSearch数据库因配置错误暴露了将近750万Adobe Creative Cloud用户记录 https://www.trendmicro.com/vinfo/us/security/news/virtualization-and-cloud/misconfigured-elasticsearch-database-exposed-almost-7-5-million-adobe-creative-cloud-users-records?utm_source=trendmicroresearch&utm_medium=smk&utm_campaign=1019_elasticsearch 安全研究 Security Research 始于ZDI-CAN-8807的挖洞故事 https://www.zerodayinitiative.com/blog/2019/10/31/the-little-bitmap-that-couldnt 恶意软件 Malware Corona bot分析 https://maxkersten.nl/binary-analysis-course/malware-analysis/corona-ddos-bot/ WIZARD SPIDER为Ryuk添加了新功能，用于在局域网上定位主机 https://www.crowdstrike.com/blog/wizard-spider-adds-new-feature-to-ryuk-ransomware/ 安全报告 Security Report CVE-2019-13720漏洞在野利用分析 https://securelist.com/chrome-0-day-exploit-cve-2019-13720-used-in-operation-wizardopium/94866/ 欺诈，黑客和网络攻击：对电子竞技行业的威胁 https://documents.trendmicro.com/assets/white_papers/wp-threats-to-the-esports-industry-in-2019-and-beyond.pdf NCSC2019年度回顾 https://www.ncsc.gov.uk/annual-review/2019/ncsc/docs/ncsc_2019-annual-review.pdf