漏洞 Vulnerability winrar外部实体注入 https://cxsecurity.com/issue/WLB-2019100142 ThinkCMF框架上的任意内容包含漏洞 https://www.freebuf.com/vuls/217586.html 恶意软件 Malware gustuffv勒索软件分析 https://blog.talosintelligence.com/2019/10/gustuffv2.html Remcos RAT的新变种攻击分析 https://www.secpulse.com/archives/116213.html Spelevo EK利用Flash Player漏洞下发勒索软件 https://securityintelligence.com/news/spelevo-ek-exploits-flash-player-vulnerability-to-deliver-maze-ransomware/ 安全研究 Security Research 美国政府泄漏的军事人员数据，179G https://threatpost.com/government-military-personnel-data-leaked/149386/ 勒索软件利用恶意文档和PowerShell加密文件 https://www.bromium.com/ransomware-goes-fileless-uses-malicious-documents-and-powershell-to-encrypt-files/ McAfee ATR分析Sodinokibi aka REvil勒索软件 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/mcafee-atr-analyzes-sodinokibi-aka-revil-ransomware-as-a-service-crescendo/ LazarusAPT组织攻击样本分析 https://blog.alyac.co.kr/2388 Magecart Group 5与Carbanak APT之间的关联分析 https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/hunting-threats-on-twitter 如何使用社交媒体收集威胁情报 https://www.thanassis.space/myowncpu.html Microsoft Defender ATP的防病毒程序揭示Astaroth攻击 https://www.microsoft.com/security/blog/2019/07/08/dismantling-a-fileless-campaign-microsoft-defender-atp-next-gen-protection-exposes-astaroth-attack/