[ Android ]  Android Security Report: 29 Percent of Active Devices Not Up To Patch Levels: https://threatpost.com/android-security-report-29-percent-of-active-devices-not-up-to-patch-levels/117511/ via @ threatpost

[ Android ]  Fun! Open sourced CVE-2015-1805 for some Android devices (mainly Sony) https://github.com/dosomder/iovyroot

[ Android ]  Booting Android: bootloaders, fastboot and boot images - http://www.slideshare.net/chrissimmonds/android-bootslides20

[ Attack ]  IBM warns a spike in the number of PHP C99 Webshell Attacks http://securityaffairs.co/wordpress/46449/hacking/c99-webshell-attacks.html

[ Attack ]  APT Targeting Tibetans Packs Four Vulnerabilities in One Compromise: https://threatpost.com/apt-targeting-tibetans-packs-four-vulnerabilities-in-one-compromise/117493/ via @ threatpost

[ Browser ]  Chrome XSS Bypass http://brutelogic.com.br/blog/chrome-xss-bypass/

[ Browser ]  Bypassing Browser Memory Protections : https://www.trailofbits.com/resources/bypassing_browser_memory_protections_vista_paper.pdf (pdf)

[ Challenges ]  My v8 exploit for #plaidctf's js_sandbox challenge: https://gist.github.com/sroettger/d077d3907999aaa0f89d11d956b438ea

[ Debug ]  New post from @ _samdb_ on WinDbg scripting with python and Windows heap tracing https://labs.mwrinfosecurity.com/blog/heap-tracing-with-windbg-and-python/ https://t.co/8pcxzepzJX

[ Exploit ]  I made a new SMEP bypass for DSE bypass lib, now it works fine from Hyper-V partition: https://github.com/Cr4sh/fwexpl/commit/a170ca27baf666dd7799b7c3f39a373119ec7f31 https://twitter.com/d_olex/status/696126803820175360

[ Hardware ]  X1 Carbon 4th gen has a hidden new feature: a case intrusion detection switch with BIOS hooks to clear TPM keys. https://t.co/KnH9b0ydfT

[ Industry News ]  FireEye extends Threat Analytics Platform capabilities to @ awscloud Lambda service http://bddy.me/1XGo5Z2 #cloudsecurity #infosec

[ iOS ]  Uploaded my iOS of Sauron: How iOS Tracks Everything You Do presentation from @ BSidesNOLA https://github.com/mac4n6/Presentations/blob/master/iOS%20of%20Sauron%20-%20How%20iOS%20Tracks%20Everything%20You%20Do/iOS_of_Sauron_04162016.pdf #mac4n6 #DFIR

[ Linux ]  Detecting the use of "curl | bash" server side : https://www.idontplaydarts.com/2016/04/detecting-curl-pipe-bash-server-side/

[ Malware ]  Drive-by Ransomware Infection in the Wild http://www.cyphort.com/drive-by-ransomware-infection-in-the-wild/

[ Malware ]  Let's Analyze: Dridex (Part 2) http://www.malwaretech.com/2016/04/lets-analyze-dridex-part-2.html

[ Malware ]  #Unit42 discovers #Python-based malware #PWOBot targeting European organizations http://bit.ly/1rdOaoi

[ Malware ]  Kovter Ad Fraud Trojan Evolves Into Ransomware | http://SecurityWeek.Com http://ow.ly/4mQAWj

[ Malware ]  Godzilla Loader | A tiny loader that uses the ATL control hosting API to download a payload http://www.kernelmode.info/forum/viewtopic.php?f=16&t=4327 #Malware #GodzillaLoader

[ Network ]  How To Prepare For A DDoS Attack: 10 Steps http://ow.ly/4mQ4ti

[ Network ]  I've released Assetnote for the bug bounty community to assist in the monitoring of passive DNS data - more here: https://github.com/infosec-au/assetnote

[ Network ]  How to trick traffic sensors - Securelist http://ow.ly/4mQATg

[ Obfuscation ]  Combining learning with fuzzing for software deobfuscation [PDF, masters thesis] http://repository.tudelft.nl/assets/uuid:6282cd05-6ae3-4f39-adc7-1a45efe1ccce/thesis-combining-learning-with-fuzzing-for-software-deobfuscation.pdf

[ Others ]  JavaScript-toting spam emails: What should you know and how to avoid them? https://blogs.technet.microsoft.com/mmpc/2016/04/18/javascript-toting-spam-emails-what-should-you-know-and-how-to-avoid-them/

[ Others ]  Hyper-V bugs details released -- https://bugs.chromium.org/p/project-zero/issues/detail?id=688 https://bugs.chromium.org/p/project-zero/issues/detail?id=689 https://bugs.chromium.org/p/project-zero/issues/detail?id=690

[ Others ]  Creating a JVM language (a series of 11 blogposts): http://jakubdziworski.github.io/categories.html#Enkel-ref

[ Others ]  Towards Vulnerability Discovery Using Staged Program Analysis http://arxiv.org/abs/1508.04627

[ Others ]  Fuzzing @ capstone_engine with LibFuzzer detected this issue in x86_64 affecting 3.0.4 https://github.com/aquynh/capstone/commit/6b88d1d51eadf7175a8f8a11b690684443b11359

[ Pentest ]  Recon-ng – Web Reconnaissance Framework http://www.darknet.org.uk/2016/04/recon-ng-web-reconnaissance-framework/

[ SecurityProduct ]  Escaping The Avast Sandbox Using A Single IOCTL CVE-2016-4025 https://www.nettitude.co.uk/escaping-avast-sandbox-using-single-ioctl-cve-2016-4025/

[ Tools ]  Multiple RCE in Veil-Evasion RPC https://blog.cylance.com/veil-evasion-vulnerability-discovered-by-cylance

[ Web Security ]  $5k for a bug that a scanner can easily find... https://hackerone.com/reports/122475

[ Windows ]  Proof Of Concept #PowerShell Server / JavaScript Reverse HTTP Shell https://gist.github.com/subTee/24c7d8e1ff0f5602092f58cbb3f7d302#file-jsrat-ps1 Rough Draft. Take it for a spin. Feedback?

[ Windows ]  Interesting: you can’t disable SMEP on Windows 10 with hyper-v because it protects CR4 register of root partition https://t.co/Gyfu5P2xsL