[ Browser ]  I wrote some more stuff on PartitionAlloc http://struct.github.io/partition_alloc.html - Next is adding delayed frees. Not enough time in the day...

[ Linux ]  My PoC for FreeBSD-SA-16:01.sctp/CVE-2016-1879 #ICMPv6 #SCTP DOS: https://gist.github.com/takeshixx/5bdd15e3d450c1e29b06 https://www.freebsd.org/security/advisories/FreeBSD-SA-16:01.sctp.asc #FreeBSD #IPv6

[ Mac OS X ]  Reversing Apple’s syslogd bug : https://reverse.put.as/2016/01/22/reversing-apples-syslogd-bug/ cc: @ osxreverser

[ Others ]  pretty happy that @ brave on iOS will be the first iOS browser to implement @ HTTPSEverywhere. https://github.com/brave/browser-ios/commit/bf6e064d4d52782a8d4f144f59f0184b503d6e58

[ SecurityProduct ]  The SSH backdoor found in Fortinet's FortiOS now being discovered in other products: http://arstechnica.com/security/2016/01/secret-ssh-backdoor-in-fortinet-hardware-found-in-more-products/

[ Web Security ]  Covert Timing Channels based on HTTP Cache Headers : http://www.slideshare.net/dnkolegov/wh102014 (Slides*)

[ Windows ]  tracking down a hang from user mode to kernel and finding a NIC driver bug - http://blogs.msdn.com/b/ntdebugging/archive/2016/01/22/virtual-machine-managment-hangs-on-windows-server-2012-r2-hyper-v-host.aspx

[ Windows ]  New #Windows10 security baseline guidance from #Microsoft, including GPOs and ADMX templates: http://blogs.technet.com/b/secguide/archive/2016/01/22/security-baseline-for-windows-10-v1511-quot-threshold-2-quot-final.aspx

[ Windows ]  Execute a .NET Assembly from the Windows Event Log. [Blog Post] You Can Run And You Can Hide http://subt0x10.blogspot.com/2016/01/you-can-run-and-you-can-hide.html Feedback Welcome.