[ Android ]  Exploiting Android S-Boot: Getting Arbitrary Code Execution in the Samsung Bootloader (part 1) http://hexdetective.blogspot.com/2017/02/exploiting-android-s-boot-getting.html

[ IoTDevice ]  MMD-0062-207 | Credential Harvesting by SSH Direct TCP Forward Attack via IoT Botnet http://blog.malwaremustdie.org/2017/02/mmd-0062-2017-ssh-direct-tcp-forward-attack.html

[ macOS ]  Two new Mac backdoors discovered https://blog.malwarebytes.com/cybercrime/2017/03/two-new-mac-backdoors-discovered/

[ MalwareAnalysis ]  A technical analysis of a recent Gootkit upgrade, researched by Gadi O. https://securityintelligence.com/gootkit-developers-dress-it-up-with-web-traffic-proxy/

[ MalwareAnalysis ]  Discover how the Spora ransomware infects ‘offline’—without talking to the control server: http://intel.ly/2mDeHcM https://t.co/0B0KZNd8Z0

[ Others ]  Offensive Tools and Techniques http://countuponsecurity.com/2017/02/26/offensive-tools-and-techniques https://t.co/wdO1ViSHqf

[ Pentest ]  RSA Asymmetric Polymorphic Shellcode : https://www.exploit-db.com/docs/41469.pdf (pdf)

[ Popular Software ]  Million-plus @ WordPress sites exposed by vulnerable plugin - http://bit.ly/2lWmfrp

[ SecurityReport ]  Mobile Malware Evolution in 2016 #GooglePlay #Ransomware #Banking #Trojans https://securelist.com/analysis/kaspersky-security-bulletin/77681/mobile-malware-evolution-2016/ https://t.co/sOqVkZYKHS

[ Tools ]  Achievement unlocked. My Dirbuster smarter replacement tool is now in the Burp Suite Store! CC: @Burp_Suite… https://t.co/onHyfgwPae

[ Tools ]  A modern, browser-based frontend to gdb (gnu debugger). https://github.com/cs01/gdbgui/

[ Tools ]  httplab : An interactive web server : https://github.com/gchaincl/httplab , Demo : https://asciinema.org/a/c613qjyikodunp72ox54irn2j

[ Tools ]  HiBeaver is an android plugin for modifying your library jars byte code. https://github.com/BryanSharp/hibeaver

[ Tools ]  My Sysmon Threat Intelligence Dashboard for Graylog Available for Download: https://github.com/ion-storm/sysmon-config https://t.co/KfJUX9zTn3

[ Vulnerability ]  Breaking Google’s ReCaptcha v2 : https://east-ee.com/2017/02/28/rebreakcaptcha-breaking-googles-recaptcha-v2-using-google/ ,Github : https://github.com/eastee/rebreakcaptcha

[ Vulnerability ]  VBulletin Issue Leaks Almost a Million Accounts From Various Forums http://bestsecuritysearch.com/vbulletin-issue-leaks-almost-a-million-accounts-from-various-forums/

[ Vulnerability ]  [Technical Advisory] @ rapid7’s Nexpose Hard‐coded Java Key Store Passphrase Allows Decryption of Stored Credentials https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/march/technical-advisory-nexpose-hardcoded-java-key-store-passphrase-allows-decryption-of-stored-credentials/?Year=2017

[ Vulnerability ]  RCE, Auth bypass etc in Veritas / Symantec NetBackup 6.x, 7.x, 8.x: http://seclists.org/fulldisclosure/2017/Feb/101 #attackercommunity

[ Web Security ]  Hacking Slack using postMessage and WebSocket-reconnect to steal your precious token : https://labs.detectify.com/2017/02/28/hacking-slack-using-postmessage-and-websocket-reconnect-to-steal-your-precious-token/ cc… https://twitter.com/i/web/status/836779481532616704

[ Windows ]  Curated list of Security Hardening techniques for Windows. https://github.com/PaulSec/awesome-windows-domain-hardening