[ Android ]  The largest malicious campaign on Google Play: Trojan porn clicker http://www.welivesecurity.com/2016/02/24/porn-clicker-trojans-google-play-analysis/ #Android #Malware https://t.co/uWIhb58vme

[ Android ]  Improving dynamic analysis coverage in Android with DroidBot | The Honeynet Project https://honeynet.org/node/1317

[ Attack ]  Operation Dust Storm : https://www.cylance.com/hubfs/2015_cylance_website/assets/operation-dust-storm/Op_Dust_Storm_Report.pdf?t=1456259131512 (pdf) #backdoor

[ Attack ]  Behind the Malware – Botnet Analysis https://blog.sucuri.net/2016/02/behind-the-malware-botnet-analysis.html

[ Attack ]  Operation Blockbuster revealed: A glimpse at the spider web of the Lazarus Group APT campaigns https://securelist.com/blog/incidents/73914/operation-blockbuster-revealed/

[ Backdoor ]  Backdooring Binary Objects : http://phrack.org/issues/56/9.html #b2b #Phrack

[ Crypto ]  How to perform SSL striping. https://avicoder.me/2016/02/22/SSLstrip-for-newbies/

[ Defend ]  Suhosin for PHP7 progress: transparent cookie encryption, some input filtering and disable display_errors #suhosin7 https://github.com/sektioneins/suhosin7

[ Detect ]  Detecting Advanced Threats with Sysmon, WEF and ElasticSearch http://joshuadlewis.blogspot.com/2014/10/advanced-threat-detection-with-sysmon_74.html

[ Firmware ]  New blog post: Exploiting SMM callout vulnerabilities in Lenovo firmware http://blog.cr4.sh/2016/02/exploiting-smm-callout-vulnerabilities.html Sources: http://github.com/Cr4sh/fwexpl

[ Hardware ]  Ghost in the Machine: “MouseJack” Wireless Mouse and Keyboard Injection Vulnerability http://www.tenable.com/blog/ghost-in-the-machine-mousejack-wireless-mouse-and-keyboard-injection-vulnerability #infosec

[ Hardware ]  Introduction to Microcontrollers (Part 1 - 14) : http://www.embeddedrelated.com/showarticle/453.php

[ Hardware ]  Controlling vehicle features of Nissan LEAFs across the globe via vulnerable APIs : http://www.troyhunt.com/2016/02/controlling-vehicle-features-of-nissan.html

[ Hardware ]  Practical Attacks Against Privacy and Availability in 4G/LTE Mobile Communication Systems https://www.internetsociety.org/sites/default/files/blogs-media/practical-attacks-against-privacy-availability-4g-lte-mobile-communication-systems.pdf https://t.co/VczdmzAeWZ

[ Industry News ]  #XamarinJoinsMicrosoft to delight developers everywhere: http://xmn.io/21rpOUp https://t.co/EkQpDCJAmd

[ iOS ]  Open List of Requested iOS Security Improvements http://www.zdziarski.com/blog/?p=5741

[ Linux ]  50 Shades of System Calls https://sysdig.com/50-shades-of-system-calls/ https://t.co/8cKgn9oCKo

[ Linux ]  My presentation slides from today's @ sectalks_MEL are up! "Escape from SHELLcatraz" available here: https://speakerdeck.com/knaps/escape-from-shellcatraz-breaking-out-of-restricted-unix-shells #infosec #unix

[ Linux ]  Linux 64-bit io_submit L2TP sendmsg integer overflow: https://code.google.com/p/google-security-research/issues/detail?id=735

[ MalwareAnalysis ]  A new blog investigates Nivdort, a #Trojan that downloads dangerous #malware. See how it works: https://blogs.mcafee.com/mcafee-labs/nivdort-data-stealing-trojan-arrives-via-spam/?utm_source=twitter&utm_campaign=Labs

[ MalwareAnalysis ]  Analyzis of a Malicious .lnk File with an Embedded Payload, (Wed, Feb 24th) https://isc.sans.edu/diary.html?storyid=20763&rss

[ Others ]  CESG white paper about Quantum Key Distribution is available on our website: https://www.cesg.gov.uk/content/files/protected_files/guidance_files/Quantum%20Key%20Distrubution%20-%20CESG%20White%20Paper.pdf #CESGguidance

[ Others ]  In-depth analysis & reversing of Locky malware. Word payload, AV evasion & OSINT on the C&Cs https://www.sensepost.com/blog/2016/understanding-locky/ by @ v1ad_o & @ dcuthbert

[ Others ]  Windows Mobile Application Security Testing - Part 4 http://anandsecurity.blogspot.com.tr/2016/02/windows-mobile-application-security_24.html by @ anandtiwarics

[ Others ]  LPC13xx Bootloader Analysis https://domenpk.github.io/lpc13xx_boot_analysis/

[ Pentest ]  Directory Traversal, File Inclusion, and The Proc File System https://blog.netspi.com/directory-traversal-file-inclusion-proc-file-system/

[ Popular Software ]  Available for download: @ NCCsecurityUS’s Public Report of the Ricochet Security Assessment funded by @ OpenTechFund http://bit.ly/1QelYKE

[ Popular Software ]  New report: "Baidu’s and Don’ts: #Privacy and Security Issues in #Baidu Browser" https://citizenlab.org/2016/02/privacy-security-issues-baidu-browser/

[ Sandbox ]  EMET has a global variable to on/off protections: https://www.fireeye.com/blog/threat-research/2016/02/using_emet_to_disabl.html. Flash Player has it for its sandbox also: http://reversingonwindows.blogspot.sg/2012/10/flash-player-enables-sandbox-via-global.html

[ Tools ]  [Press Release] Rapid7 releases disruptive new security incident detection and response solution, InsightIDR: http://www.rapid7.com/company/news/press-releases/2016/rapid7-launches-new-security-incident-detection-and-response-solution.jsp

[ Tools ]  bettercap v1.4.4 released! https://www.bettercap.org/changelog/ https://t.co/2FshO1Uqef

[ Tools ]  x86 Emulator running Windows 98 in the browser (also try Archlinux, Kolibri, OpenBSD) : http://copy.sh/v86/

[ Tools ]  Cash : a cross-platform implementation of Unix shell commands in JavaScript : https://github.com/dthree/cash/ https://t.co/L2OS5M7YKx

[ Windows ]  Defenders, new logging in Win10 to help detect credential dumping and enumeration. #mimikatz https://technet.microsoft.com/en-us/library/mt431757(v=vs.85).aspx#BKMK_LSASS https://t.co/GO1qyrVawX

[ WirelessSecurity ]  When Whales Fly – Building a Wireless Pentest Environment using Docker http://foxglovesecurity.com/2016/02/24/when-whales-fly-building-a-wireless-pentest-environment-using-docker/

[ WirelessSecurity ]  MouseJack : Injecting Keystrokes into Wireless mouse : https://github.com/RFStorm/mousejack/blob/master/doc/pdf/MouseJack-whitepaper-v1.1.pdf (pdf)