漏洞 Vulnerability google披露android中的0day漏洞，之前该漏洞已经在linux系统中得到修复 https://bugs.chromium.org/p/project-zero/issues/detail?id=1942 安全工具 Security Tools fireeye开发了语音控制IDA的工具 http://www.fireeye.com/blog/threat-research/2019/10/controlling-ida-pro-with-voice-control-software.html ptf：一个安装并更新渗透测试工具的框架 https://github.com/trustedsec/ptf 安全资讯 Security Information windows开始启用基于虚拟化的安全 https://techcommunity.microsoft.com/t5/Virtualization/Virtualization-Based-Security-Enabled-by-Default/ba-p/890167 Metasploit添加了针对Equation Group的SMB DOUBLEPULSAR执行Metasploit payload的模块 https://blog.rapid7.com/2019/10/02/open-source-command-and-control-of-the-doublepulsar-implant/ 安全研究 Security Research 探索动态跟踪分析 https://blog.quarkslab.com/exploring-execution-trace-analysis.html idapython查阅清单 https://github.com/inforion/idapython-cheatsheet CVE-2019-1161：利用Windows Defender中的符号链接漏洞实现EOP https://www.cyberark.com/threat-research-blog/follow-the-link-exploiting-symbolic-links-with-ease/