[ Attack ]  Really enjoyed reading this post: "Playing games with an attacker". Detailed and entertaining! http://blog.0x3a.com/post/141950176719/playing-games-with-an-attacker-how-i-messed-with via @ _remixed

[ Attack ]  Taiwan targeted with new cyberespionage back door Trojan | Symantec Connect Community http://ow.ly/104NDR

[ Attack ]  Two more healthcare networks caught up in outbreak of hospital ransomware http://arstechnica.com/security/2016/03/two-more-healthcare-networks-caught-up-in-outbreak-of-hospital-ransomware/ #ransomware

[ Attack ]  The Anatomy Of A Nation-State Hack Attack https://packetstormsecurity.com/news/view/26476/The-Anatomy-Of-A-Nation-State-Hack-Attack.html

[ Browser ]  Let's build a browser engine! (Part 1 - 7) : https://limpet.net/mbrubeck/2014/08/08/toy-layout-engine-1.html

[ Browser ]  You’ll be able to log into websites with your face in MS Edge and Windows 10. #Build2016

[ Browser ]  Safari Technology Preview — a new way to try features and fixes that are coming to Safari. https://webkit.org/blog/6017/introducing-safari-technology-preview/ https://t.co/m8JYUBQ9iK

[ Defend ]  Why doesn't traditional static endpoint #cyber protection work? Find out: http://bddy.me/1UC4VFN #endpoint https://t.co/Ie17Wr0SYG

[ Defend ]  How will banking enforce #cybersecurity in the future? Learn how strategy can help prepare: http://symc.ly/1MRqOc6 https://t.co/MA8T6LVTdU

[ Detect ]  How to Detect and Automatically Revoke Unintended IAM Access with Amazon CloudWatch Events http://blogs.aws.amazon.com/security/post/Tx2XGINRKCK9XNS/How-to-Detect-and-Automatically-Revoke-Unintended-IAM-Access-with-Amazon-CloudWa

[ Firmware ]  Intel Firmware Engine 2.0 has been released. New GUI, restore points & more. Available for download here: http://firmware.intel.com/learn/intel-firmware-engine/downloads #UEFI #IoT

[ Forensics ]  Generic RAID Reassembly using Block-Level Entropy https://www.insinuator.net/2016/03/generic-raid-reassembly-using-block-level-entropy/

[ Hardware ]  Let Me Get That Door for You: Remote Root Vulnerability in HID Door Controllers http://blog.trendmicro.com/let-get-door-remote-root-vulnerability-hid-door-controllers/

[ Hardware ]  1,400 vulnerabilities found in automated medical supply system https://www.helpnetsecurity.com/2016/03/30/1400-flaws-automated-medical-supply-system/

[ Linux ]  Recover from failed vdc cryptfs command https://blog.gentoo.moe/2016/03/recover-from-failed-vdc-cryptfs-command/ https://t.co/CKmo0RD7QO

[ Malware ]  Ransomware Update: Today’s Bountiful Cornucopia of Extortive Threats https://blog.cylance.com/ransomware-update-todays-bountiful-cornucopia-of-extortive-threats

[ Network ]  Root Servers Were Not Targets of 2015 DDoS Attack: https://threatpost.com/root-servers-were-not-targets-of-2015-ddos-attack/117082/ via @ threatpost

[ Network ]  The Trouble with Tor https://blog.cloudflare.com/the-trouble-with-tor/

[ Others ]  Need a primer on Incident Detection & Response? Learn about the key concepts in this blog: https://community.rapid7.com/community/insightidr/blog/2016/03/29/what-is-incident-detection-and-response by @ KatherineAHayes #IDR

[ Others ]  Bit-vector Support in Z3-str2 Solver and Automated Exploit Synthesis https://uwspace.uwaterloo.ca/bitstream/handle/10012/10022/Subramanian_Sanu.pdf?sequence=1

[ Others ]  Hack millions of devices with 0 skills! - Insecure VNC Servers around the world : http://hahasecurity.blogspot.in/2016/03/hack-millions-of-devices-with-0-skills.html

[ Pentest ]  reverse proxying attacker tools http://room362.com/post/2015/reverse-proxying-attacker-tools/

[ Pentest ]  Check out the hottest #NextGen #PenTesting #Recon #RedTeam tools! http://www.crowdstrike.com/blog/next-gen-penetration-testing-recon-red-team/ ...no wait, this blog is just nikto & sqlmap :|

[ Pentest ]  Burp Tips and Tricks for Non-Webapp Testing - Part 1: Interception and Proxy Listeners http://parsiya.net/blog/2016-03-27-burp-tips-and-tricks-for-non-webapp-testing---part-1-interception-and-proxy-listeners/

[ Pentest ]  Cause Everyone is Watchin PowerShell.exe... https://github.com/Cn33liz/p0wnedShell Some great PowerShell payloads executing Inside InstallUtil cc @ Cneelis

[ Popular Software ]  Some Old SAP Systems Have Default Kernel User Accounts https://packetstormsecurity.com/news/view/26478/Some-Old-SAP-Systems-Have-Default-Kernel-User-Accounts.html

[ Programming ]  The Little Go Book : Free introduction to Google's Go programming language : http://openmymind.net/assets/go/go.pdf (pdf)

[ SecurityProduct ]  When your AV uses a third-party library that comes with trivially exploitable RCE. https://bugs.chromium.org/p/project-zero/issues/detail?id=773

[ ThirdParty ]  CENSUS advisory on a Kamailio (SIP server) remote heap buffer overflow (CVE-2016-2385): https://census-labs.com/news/2016/03/30/kamailio-seas-heap-overflow/

[ Tools ]  Reverse Engineering Sublime Text’s Fuzzy Match : https://blog.forrestthewoods.com/reverse-engineering-sublime-text-s-fuzzy-match-4cffeed33fdb#.pz7af8uer

[ Web Security ]  XSSvectorMaker - Tool for making XSS vector under the specified conditions. https://int21h.jp/tools/XSSvectorMaker/

[ Web Security ]  DOMXSScat - DOM based XSS passive scanner add-on for Fiddler4. https://int21h.jp/tools/DOMXSScat/

[ Windows ]  Windows 10 now has support for Bash and the universe of open source command line tools. #Build2016 https://t.co/5KeBeVg0wU