安全工具 Security Tools DECAF：动态可执行代码分析框架 https://github.com/decaf-project/DECAF DueDLLigence：绕过所有应用白名单的shellcode https://github.com/fireeye/DueDLLigence 安全研究 Security Research CVE-2019-2025(水滴) 漏洞利用 https://mp.weixin.qq.com/s/BviSkiO1sizlS1T_WRkkaQ 微软的NTLM身份验证协议中的两个安全漏洞使攻击者可以绕过MIC保护从而导致整个域受到损害。 https://www.preempt.com/blog/drop-the-mic-2-active-directory-open-to-more-ntlm-attacks/ Rusty Joomla RCE 漏洞分析 https://blog.hacktivesecurity.com/index.php?controller=post&action=view&id_post=41 FireEye FireEye Mandiant Redteam：使用shellcode规避EDR检测 https://www.fireeye.com/blog/threat-research/2019/10/staying-hidden-on-the-endpoint-evading-detection-with-shellcode.html Examining and exploiting Android vendor binder services:谁偷了我的虚表？ https://mp.weixin.qq.com/s/BoUGoX4toHh9ZTb7onilgg 恶意软件 Malware Tarmac：针对MacOS用户的新型恶意软件 https://www.zdnet.com/article/macos-users-targeted-with-new-tarmac-malware/ 安全事件 Security Incident CVE-2019-6333：数以千万计的PC可能会受到HP Touchpoint Analytics漏洞的影响 https://securityaffairs.co/wordpress/92392/hacking/hp-touchpoint-analytics-flaw.html Leafly Cannabis网站通过公开数据库泄露用户信息 https://www.bleepingcomputer.com/news/security/leafly-cannabis-website-leaked-user-info-via-exposed-database/ APT41攻击了TeamViewer背后的公司-使他们能够访问安装了TeamViewer的任何系统 https://twitter.com/cglyer/status/1182413194360508419