恶意软件 Malware 新的USB 闪存恶意软件: Threats Decoded https://www.ehackingnews.com/2019/12/alert-usb-flash-drive-malware-threats.html 未知 Unknown NextVPN v4.10 – 本地文件权限错误漏洞 https://www.exploit-db.com/exploits/47831 IBM Java SDK中的多个漏洞 https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-security-privileged-identity-manager/ RICOH 在线图床 1.09 – HTML 注入漏洞 https://www.exploit-db.com/exploits/47827 MyDomoAtHome REST API Gateway 0.2.40 – 信息泄漏漏洞 https://www.exploit-db.com/exploits/47824 安全研究 Security Research UAC 绕过解析 https://amonitoring.ru/article/uac_bypass_english/ Python 教程 – 认识恶意加密软件 https://0x00sec.org/t/python-tutorial-ransomware-malware-edition-hacking-info-sec/18376/1 渗透技巧——使用远程桌面协议建立通道 https://3gstudent.github.io/3gstudent.github.io/%E6%B8%97%E9%80%8F%E6%8A%80%E5%B7%A7-%E4%BD%BF%E7%94%A8%E8%BF%9C%E7%A8%8B%E6%A1%8C%E9%9D%A2%E5%8D%8F%E8%AE%AE%E5%BB%BA%E7%AB%8B%E9%80%9A%E9%81%93/ PHP反序列化漏洞入门 https://www.freebuf.com/articles/web/221213.html Django重置密码漏洞（CVE-2019-19844）复现和分析 https://www.anquanke.com/post/id/196044 安全事件 Security Incident Microsoft 部分域名被用于网络攻击活动 https://www.hackread.com/microsoft-pwns-domains-hackers-cyber-attacks/ 安全资讯 Security Information Smart TVs 存在的隐私安全隐患 https://www.hackread.com/smart-tvs-make-screenshots-every-second/