[ Android ]  [PDF] We did the first and crazy-large-scale study on how Android apps use native code. Our NDSS'16 paper is online! http://cs.ucsb.edu/~yanick/publications/2016_ndss_native.pdf

[ Android ]  Keyboard or Keylogger?: a security analysis of third-party keyboards on #Android http://seclab.skku.edu/wp-content/uploads/2015/07/mka.pdf [PDF] https://t.co/ZVgPeDakUI

[ Android ]  Life after App Uninstallation: Are the Data Still Alive? Data Residue Attacks on #Android http://www.cis.syr.edu/~wedu/Research/paper/data_residue_ndss2016.pdf https://t.co/CsONww3KE5

[ Android ]  SlemBunk Part II: Prolonged Attack Chain and Better-Organized Campaign http://www.fireeye.com/blog/threat-research/2016/01/slembunk-part-two.html

[ Attack ]  Endpoint Exploitation Trends 2015 http://blogs.bromium.com/2016/01/14/endpoint-exploitation-trends-2015 https://t.co/gkLJAMO08k

[ Defend ]  What are the challenges and solutions of protecting sensitive #data? Find out: http://symc.ly/1UN0Zhr https://t.co/LybpDNUadX

[ Detect ]  A simple example of creating an event log entry upon detecting WMI lateral movement. https://gist.github.com/mattifestation/aff0cb8bf66c7f6ef44a This could be easily extended.

[ Detect ]  Automatically Evading Classifiers. A Case Study on PDF Malware Classifiers http://www.cs.virginia.edu/~evans/pubs/ndss2016/evademl.pdf [PDF] https://t.co/47klU9yxMT

[ Device ]  Ingenious ideas (II): Devil in a Box. Installing Backdoors in Electronic Door Locks http://seclab.skku.edu/wp-content/uploads/2015/07/Devil_PST2015_IEEE_express.pdf [PDF] https://t.co/XElbeq2ggo

[ Device ]  Cisco Patches Hardcoded Password, DoS Vulnerabilities in Software, Devices: https://threatpost.com/cisco-patches-hardcoded-password-dos-vulnerabilities-in-software-devices/115881/ via @ threatpost

[ iOS ]  #iOSREssence I've open sourced SMSNinja on GitHub https://github.com/iosre/SMSNinja, hoping someone can pick it up and bring it back

[ Linux ]  Here's an implementation of a SMM rootkit based on an idea by @ coreykal @ xenokovah et al.: http://bit.ly/1RNPBCK https://t.co/Yp0WOCkgwE

[ Malware ]  Flawed RANSOM_CRYPTEAR ransomware makes impossible the file recovery http://securityaffairs.co/wordpress/43585/cyber-crime/flawed-ransom_cryptear-ransomware.html

[ Malware ]  A Case of Too Much Information: Ransomware Code Shared Publicly for “Educational Purposes”, Used Maliciously Anyway http://blog.trendmicro.com/trendlabs-security-intelligence/a-case-of-too-much-information-ransomware-code-shared-publicly-for-educational-purposes-used-maliciously-anyway/

[ Malware ]  When URL Shorteners and Ransomware Collide http://blog.malwarebytes.org/security-threat/2016/01/when-url-shorteners-and-ransomware-collide/

[ Malware ]  Dridex Down Under: Raytheon | Websense® Security Labs™ has been tracking malicious email campaigns associated with… http://wb-sn.com/1Q0uETp

[ Malware ]  Newest Flash Player Exploit & Double Nuclear Exploit Kit Payload: Yesterday, we blogged about a malvertising… http://wb-sn.com/1Q0uH1o

[ Malware ]  Updated BlackEnergy Trojan Grows More Powerful https://blogs.mcafee.com/mcafee-labs/updated-blackenergy-trojan-grows-more-powerful/

[ Network ]  How email in transit can be intercepted using DNS hijacking - http://bit.ly/1W9uA68 #gmail #security #privacy #SSL

[ Others ]  For our Korean friends: Enumeration attacks on finding friends w/ phone numbrs. A case study http://seclab.skku.edu/wp-content/uploads/2013/05/Kakao_COSE_15.pdf https://t.co/SlFcc4Kj9W

[ Others ]  OpenSGX + TOR = https://github.com/sslab-gatech/opensgx/tree/master/Tor paper http://ina.kaist.ac.kr/~dongsuh/paper/kim-hotnets2015.pdf

[ Others ]  Not surprising that it works, but cute research: Video-Assisted Keystroke Inference from Tablet Backside Motion http://www2.hawaii.edu/~ruizhang/paper/sun-NDSS16.pdf

[ Others ]  On SMS logins: an example from Telegram in Iran. My latest blog post on why SMS logins are a bad idea: https://www.fredericjacobs.com/blog/2016/01/14/sms-login/

[ Others ]  Attacking HTTP/2 Implementations https://yahoo-security.tumblr.com/post/134549767190/attacking-http2-implementations

[ Others ]  #JustSayNo to “Whack a Mole.” Learn effective solutions to today’s targeted intrusions http://bddy.me/232o9qi https://t.co/wAEjHp1mc7

[ Pentest ]  Advanced Pentesting Techniques with Metasploit http://goo.gl/jKXAzY #Hacking #PenetrationTesting

[ Popular Software ]  uninitialized remote memory disclosure vulnerability in node. nice job, @ feross https://twitter.com/j4cob/status/687764484291600384

[ Popular Software ]  Manage Engine Applications Manager 12 Multiple Vulnerabilities https://cxsecurity.com/issue/WLB-2016010085

[ ReverseEngineering ]  Continuing this popular series with Part 5: How to use IDAPython to make your life easier http://bit.ly/1n1R7pN @ Unit42_Intel @ jgrunzweig

[ ReverseEngineering ]  #Course materials for #Malware #Analysis by RPISEC https://github.com/RPISEC/Malware

[ SecurityProduct ]  .@ enirx gives step-by-step instructions for using #AutoFocus API & #Postman for automation http://bit.ly/1PuEASa

[ ThirdParty ]  ffmpeg vuln: process malicious video file & exfiltrate local file contents. Affects servers & endpoints: http://permalink.gmane.org/gmane.comp.security.oss.general/18574

[ ThirdParty ]  Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778 https://www.qualys.com/2016/01/14/cve-2016-0777-cve-2016-0778/openssh-cve-2016-0777-cve-2016-0778.txt via @ revskills