[ Attack ]  Taiwan targeted with back door #Trojan disguised as antivirus company websites. Learn more: http://symc.ly/1XpoRta https://t.co/7LdD9HaR8V

[ Defend ]  Very cool talk & results. Similar approach (2009): https://www.ernw.de/wp-content/uploads/ERNW_Newsletter_29_Data_Leakage_Prevention_signed_en.pdf https://twitter.com/quine/status/719197831597268997

[ Detect ]  I've open-sourced all the code for what Summit Route originally was supposed to be (an end-point protection product) https://summitroute.com/blog/2016/04/10/SREPP_code_dump/

[ IoTDevice ]  Be careful Amazon is selling products infected with malware http://securityaffairs.co/wordpress/46170/malware/amazon-products-infected-with-malware.html

[ Linux ]  Professional Linux Kernel Architecture : http://www.lancaster.ac.uk/undergrad/stanev/References/Professional%20Linux%20Kernel%20Architecture.pdf (pdf | 8 Mb)

[ Linux ]  Spinlocks : Synchronization primitives in the Linux kernel (Part 1) : https://github.com/0xAX/linux-insides/blob/master/SyncPrim/sync-1.md cc: @ 0xAX //linux-insides* series cont'd

[ Linux ]  vmware + (linux < 4.0) = root? https://lkml.org/lkml/2016/4/5/480. I don't know the root cause but it runs with a user-space pointer...

[ Malware ]  Permanent PAGE_GUARD flag to prevent in-memory analysis https://securityintelligence.com/unraveling-zeus-maples-stealth-loader/

[ Malware ]  Camouflage in Malware : from Encryption to Metamorphism : http://ijcsns.org/07_book/201208/20120813.pdf (pdf) #back2back

[ MalwareAnalysis ]  Slides of our talk about Dynamic Binary Analysis and Obfuscated Codes at @ sth4ck 2016 http://triton.quarkslab.com/files/sthack2016-rthomas-jsalwan.pdf

[ MalwareAnalysis ]  Reverse Engineering by Crayon: Game Changing Hypervisor Based Malware Analysis and Visualization : http://www.blackhat.com/presentations/bh-usa-09/QUIST/BHUSA09-Quist-RevEngCrayon-SLIDES.pdf (Slides) #bhusa09

[ Others ]  Our slides (me + @ aloria) from #bhasia are up at https://speakerdeck.com/quine/the-kitchens-finally-burned-down-dlp-security-bakeoff

[ Others ]  Another month, another CPU bug that lets VMs attack their hosts https://lists.debian.org/debian-security/2016/03/msg00084.html https://twitter.com/danluu/status/686241276472082432

[ ReverseEngineering ]  Reverse Engineering Malware (Part 1) : https://www.exploit-db.com/docs/18810.pdf (pdf)

[ Tools ]  OnionScan has now been released: https://github.com/s-rah/onionscan - Start Fixing & Happy Hacking. https://t.co/mRAjMr1VL9

[ Web Security ]  Blogged! / Abusing docmode inheritance: EasyXDM 2.4.19 DOMXSS http://mksben.l0.cm/2016/04/easyxdm-xss-docmode-inheritance.html (English) http://masatokinugawa.l0.cm/2016/04/easyxdm-xss-docmode-inheritance.html (日本語)

[ Web Security ]  My slides on "Web security" from last Ruxmon: https://s3.amazonaws.com/pentesterlab-others/web_security.pdf

[ Web Security ]  and, likewise, Web NFC! https://w3c.github.io/web-nfc/

[ Windows ]  Windows 10 RS1 build 14316 fixed IIS based uac bypass. Only legit InetMgr.exe allowed to run&amp;autoelevate from inetsrv directory now.

[ Windows ]  New syscalls of Windows10 RS1 14316 -> https://raw.githubusercontent.com/hfiref0x/SyscallTables/master/Binary/syscalls.txt RegistryTransaction object and corresponding API set.

[ WirelessSecurity ]  Reverse engineering a Digital Two way Radio : https://www.youtube.com/watch?v=cE4f6JaBfSI cc: @ travisgoodspeed