漏洞 Vulnerability CVE-2019-1367: 微软 IE jscript.dll 组件远程代码执行漏洞预警 https://cert.360.cn/warning/detail?id=4888735200cc6b5fe4e324aca1f620c1 CVE-2019-14835：QEMU-KVM虚拟机逃逸漏洞 https://seclists.org/oss-sec/2019/q3/245?utm_source=dlvr.it&utm_medium=twitter 安全工具 Security Tools navi：命令行的交互式备忘单工具 https://github.com/denisidoro/navi Tachyon：Web应用程序安全侦察工具 https://www.kitploit.com/2019/09/tachyon-fast-http-dead-file-finder.html 汽车黑客工具和汽车安全资源列表 https://www.peerlyst.com/posts/resource-list-of-car-hacking-tools-car-security-tools-and-car-security-resources-ben-ferris?utm_source=twitter&utm_medium=social&utm_content=peerlyst_post&utm_campaign=peerlyst_shared_post 安全资讯 Security Information 俄罗斯APT地图显示2000个恶意软件样本之间的22,000个连接 https://thehackernews.com/2019/09/russia-hacking-groups-map.html 微软发布了一个紧急补丁用以修复在野利用的0day https://securityaffairs.co/wordpress/91665/hacking/microsoft-zero-day-patch.html 朝鲜黑客启用针对ATM的新恶意软件 https://it.slashdot.org/story/19/09/23/2235254/busy-north-korean-hackers-have-new-malware-to-target-atms?utm_source=dlvr.it&utm_medium=twitter 疑似对魔兽世界进行DDoS攻击的攻击者被捕 https://hotforsecurity.bitdefender.com/blog/world-of-warcrafts-suspected-ddos-attacker-has-been-arrested-21542.html 安全研究 Security Research Dtrack恶意家族分析 https://securelist.com/my-name-is-dtrack/93338/ MacOS和OSX安全漏洞论文集合 https://papers.put.as/macosx/macosx/ Websphere ND远程命令执行分析以及构造RpcServerDispatcher Payload(CVE-2019-4279) https://xz.aliyun.com/t/6394