[ Android ]  Suhide updated to bypass SafetyNet update - http://forum.xda-developers.com/showpost.php?p=69021494&postcount=1592 https://t.co/vv8wEvo9Sl

[ Android ]  Qark - Android app (apk) static code analyzer. via @ sempf https://github.com/linkedin/qark

[ Attack ]  Atlassian HipChat Secret Key Disclosure https://cxsecurity.com/issue/WLB-2016100066

[ Attack ]  Be #CyberAware! The top targeted #malware families in EMEA are Runback, DarkHotel & SCANBOX https://www2.fireeye.com/ATR-Cyberaware-EMEA_SM.html?utm_source=TWC&utm_campaign=cyberaware https://t.co/8j7g9qzHYh

[ Browser ]  Blogged! XSS小ネタです。 / XSS via Referrer After Anniversary Update http://masatokinugawa.l0.cm/2016/10/referrer-xss-win10.html (日本語) http://mksben.l0.cm/2016/10/xss-via-referrer.html (English)

[ IoTDevice ]  Slides of my presentation at #VB2016 are available: https://www.virusbulletin.com/uploads/pdf/conference_slides/2016/Apvrille-vb-2016-mobileiot.pdf #IoT #smartwatch #toothbrush enjoy!

[ Linux ]  Here are the slides from my #linuxcon eu talk on Linux Kernel Security - http://namei.org/presentations/linux_kernel_security_linuxconeu2016.pdf

[ MachineLearning ]  Graph-powered Machine Learning at Google https://research.googleblog.com/2016/10/graph-powered-machine-learning-at-google.html

[ macOS ]  Slides from my @virusbtn talk "Getting Duped: Piggybacking on Webcam Streams for Surreptitious Recordings" https://t.co/W21ihApPgi #VB2016

[ Malware ]  Slides from my presentation at #VB2016 - "Challenges and approaches of cracking #ransomware": https://drive.google.com/file/d/0Bzb5kQFOXkiSODBsZENxYmJ5WWs/view //cc @ virusbtn

[ Malware ]  Web-Based Keylogger Used to Steal Credit Card Data from Popular Sites https://threatpost.com/web-based-keylogger-used-to-steal-credit-card-data-from-popular-sites/121141/

[ Others ]  Building a mini assembler with JavaScript : http://embeddednodejs.com/compiler/

[ Others ]  New post is out: The story of EV-SSL, AWS and trailing dot domains https://labs.detectify.com/2016/10/05/the-story-of-ev-ssl-aws-and-trailing-dot-domains/

[ Others ]  Our #vb2016 slides (including demo videos) are now available at https://www.virusbulletin.com/uploads/pdf/conference_slides/2016/Ancel_Talbi-vb-2016-debug-with-haka.pdf cc @ benkow_

[ Others ]  Quite interesting preso (and probably #VB2016 talk) on Nymaim malware: https://lokalhost.pl/talks/vb2016/ https://t.co/IXwFXsNFyx

[ ReverseEngineering ]  bypassing the (not so) Secure Boot to dump the BootROM (Amlogic S905 SoC) : http://www.fredericb.info/2016/10/amlogic-s905-soc-bypassing-not-so.html

[ SCADA ]  Industrial Control Systems 2016 Report: Connected and Vulnerable http://blog.ptsecurity.com/2016/10/industrial-control-systems-2016-report.html

[ Tools ]  Grab the code for PEAS on Github to access internal file shares via Exchange ActiveSync! https://github.com/mwrlabs/peas

[ Tools ]  an IDAPython script to take screenshots of [large] IDA graphs in full resolution https://github.com/tmr232/GraphGrabber by @ tmr232

[ Windows ]  New post is up: https://www.proofpoint.com/us/threat-insight/post/windows-troubleshooting-platform-leveraged-deliver-malware Windows Troubleshooting Platform used to deliver LatentBot. https://t.co/VZZe9TZOaD

[ WirelessSecurity ]  Snagging Active Directory credentials over WiFi (Part 1) : https://zone13.io/post/Snagging-credentials-over-WiFi-Part1/