漏洞 Vulnerability IBM安全公告：Eclipse OpenJ9 本地提权漏洞 https://www.ibm.com/blogs/psirt/ibm-security-bulletin-eclipse-openj9-could-allow-a-local-attacker-to-gain-elevated-privileges-on-the-system-and-multiple-binaries-in-ibm-sdk-java-technology-edition-on-the-aix-platform-use-insecure/ CVE-2019-1257：通过BDC反序列化在Microsoft SharePoint上执行代码 https://www.thezdi.com/blog/2019/9/18/cve-2019-1257-code-execution-on-microsoft-sharepoint-through-bdc-deserialization IBM安全公告：IBM Security QRadar Packet Capture容易受到拒绝服务攻击（CVE-2019-11477，CVE-2019-11478，CVE-2019-11479，CVE-2019-3896） https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-qradar-packet-capture-is-vulnerable-to-denial-of-service-cve-2019-11477-cve-2019-11478-cve-2019-11479-cve-2019-3896/ 安全预警 – 涉及部分华为CloudEngine产品的鉴权不当漏洞 https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190918-01-authentication-cn 安全资讯 Security Information 信通院发布《中国网络安全产业白皮书 (2019年) 》 (附解读下载) https://www.secrss.com/articles/13770 黑客如何攻击美国F-35隐形战斗机？ https://www.secrss.com/articles/13735 为什么我们应该更加注意Linux威胁 https://www.intezer.com/blog-why-we-should-be-paying-more-attention-to-linux-threats/ 英国正积极应对网络战争时代 https://www.secrss.com/articles/13734 上海警方披露最新盗刷手法：手机被盗后，信用卡遭离奇盗刷 https://www.secrss.com/articles/13780 安全研究 Security Research 攻防最前线：恶意软件利用Captcha验证码藏身 https://www.secrss.com/articles/13714