漏洞 Vulnerability CVE-2019-3726：滥用Dell的DUP框架导致权限提升 https://securityboulevard.com/2019/10/lazy-privilege-escalation-abusing-dells-dup-framework-cve-2019-3726/ 安全工具 Security Tools ATTACKdatamap-在事件级别上的数据源评估工具 https://www.kitploit.com/2019/10/attackdatamap-datasource-assessment-on.html 安全报告 Security Report 逐层揭开PKPLUG恶意组织面纱：攻击亚洲地区的网络间谍组织 https://mp.weixin.qq.com/s/YVY5qnrMWn_yFf26-34A8w 狩猎浣熊：新的面具劫匪 https://www.cybereason.com/blog/hunting-raccoon-stealer-the-new-masked-bandit-on-the-block 安全事件 Security Incident 750万条Adobe Creative Cloud用户数据暴露 https://www.bleepingcomputer.com/news/security/75-million-records-of-adobe-creative-cloud-user-data-exposed/ 安全研究 Security Research 通过导出的Cplapplet函数将代码作为控制面板项执行 https://ired.team/offensive-security/code-execution/executing-code-in-control-panel-item-through-an-exported-cplapplet-function 如何使用Cargo-Fuzz来对Rust代码进行模糊测试 https://fuzzit.dev/2019/10/08/how-to-fuzz-rust-code-with-cargo-fuzz-continuously/ CVE-2019-11932 WhatsApp里的double-free https://xz.aliyun.com/t/6616 绕过.NET远程处理中的Low Type筛选器 https://tyranidslair.blogspot.com/2019/10/bypassing-low-type-filter-in-net.html 浅谈Windows身份认证及相关攻击方式 https://xz.aliyun.com/t/6600