漏洞 Vulnerability libssh2整数溢出漏洞(CVE-2019-17498) https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/ 安全研究 Security Research IDA逆向教程part23 https://kienmanowar.wordpress.com/2019/10/17/reversing-with-ida-from-scratch-p23/ 介绍Android App安全 https://speakerdeck.com/marcobrador/gdg-bcn-2019-introduction-to-android-app-security Q3 2019 APT趋势报告 https://securelist.com/apt-trends-report-q3-2019/94530/ SSTI/沙盒逃逸详细总结 https://www.anquanke.com/post/id/188172 通过prototype pollution在Kibana中实现RCE https://slides.com/securitymb/prototype-pollution-in-kibana 安全资讯 Security Information 微软开始宣布每个季度的安全研究员排名 https://msrc-blog.microsoft.com/2019/10/17/msrc-q3-2019-leaderboard/ 恶意软件 Malware 新发现的APT29活动 https://www.welivesecurity.com/2019/10/17/operation-ghost-dukes-never-left/ 假的iOS越狱网站诱骗下载恶意软件 https://blog.talosintelligence.com/2019/10/checkrain-click-fraud.html pony通过比特币区块链隐藏C&C服务器 https://research.checkpoint.com/ponys-cc-servers-hidden-inside-the-bitcoin-blockchain/