[ Attack ]  #Unit42 finds #KRBanker targeting South Korea through adware and exploit kits http://bit.ly/1T1kscO

[ Browser ]  My selection of new Chromium and Firefox intents: https://github.com/simevidas/browser-intents/blob/master/README.md https://t.co/pdP9wBHOPD

[ Browser ]  Too lazy to use ROP in your Chrome IPC memory corruption sandbox escape? This is what you _could_ have used :-) https://bugs.chromium.org/p/chromium/issues/detail?id=564238

[ Conference ]  #HITB2016AMS Conference Agenda (PDF) - http://conference.hitb.org/hitbsecconf2016ams/wp-content/uploads/2014/06/HITB2016AMS-Conference-Agenda.pdf

[ Exploit ]  Modern Objective-C Exploitation Techniques : http://phrack.org/issues/69/9.html#article #Phrack

[ Forensics ]  Memory Forensics http://resources.infosecinstitute.com/memory-forensics/

[ iOS ]  One of the jailbreak tests can detect from within the sandbox via timing attack if someone patched kernel to allow task_for_pid0 in iOS 8

[ Mac OS X ]  Revisiting Mac OS X Kernel Rootkits : http://phrack.org/issues/69/7.html#article cc: @ osxreverser #Phrack

[ Malware ]  Android Banker Trojan preys on credit card information https://blog.avast.com/android-banker-trojan-preys-on-credit-card-information

[ Malware ]  An Introduction to AlphaLocker https://blog.cylance.com/an-introduction-to-alphalocker

[ Malware ]  Antihooking techniques used by Andromeda aim to defeat Cuckoo-like Sandboxes.Find out more! http://bit.ly/AntihookingTech https://t.co/jazpoRekfC

[ Malware ]  Gamarue, Nemucod, and JavaScript https://blogs.technet.microsoft.com/mmpc/2016/05/09/gamarue-nemucod-and-javascript/

[ Others ]  Twitter Turns Off Fire Hose For Intelligence Community https://threatpost.com/twitter-turns-off-fire-hose-for-intelligence-community/117935/

[ Others ]  excellent new research paper from ARM: End-to-End Verification of ARM Processors with ISA-Formal https://69cb7e9e-a-62cb3a1a-s-sites.googlegroups.com/site/alastairdreid/publications/cav2016_isa_formal.pdf?attachauth=ANoY7crDM18kSkqmprgGg0S-uKGMXJy9-p5Pjitf_LRGm7E755AuOF2dvuKm1pdr83a2dqxbHNL-wRIAOM-zfiiNRYC3CMZVjQ4Ebu5Mwq90DhqbY6QFQ7PoMqlNvjZdtI6EnBdCXFve7eXtiYUPpKrupnNuc3h0fSbtGFBF1S4JYvku5qJkO5dLWlkNKwB3avUBWJPdNwEwkEn5KTUjCizeB58r8Ela_mvP6qimwdFXx-hkSpCIGBPkxIVMQ-Q2pv8eugA_XY7w&attredirects=0

[ Others ]  Step by step guide for #VirtualBox Hardened (4.3.14+) VM detection mitigation configuring: http://www.kernelmode.info/forum/viewtopic.php?f=11&t=3478 by @ hFireF0X

[ Others ]  The hidden information behind 12,000 PoC Exploits shared online http://securityaffairs.co/wordpress/47150/hacking/poc-exploits-study.html

[ Pentest ]  @ bartblaze @ hasherezade nice! I found this to be a useful repo too: https://github.com/tennc/webshell

[ Popular Software ]  ASUS driver uses copypasta'd code from 1993 sample, enables RW access to physical memory. PoC available http://rol.im/asux/

[ Popular Software ]  [remote] - Ruby on Rails Development Web Console (v2) Code Execution https://www.exploit-db.com/exploits/39792/

[ ReverseEngineering ]  Panopticon - A libre, cross platform disassembler for reverse engineering https://panopticon.re/

[ Rootkit ]  How to hide a hook - A hypervisor for rootkits : http://phrack.org/issues/69/15.html#article #Phrack

[ SecurityProduct ]  Know the Truth: Signatures and Multi-AV Scanners https://blog.cylance.com/know-the-truth-signatures-and-multi-av-scanners

[ Tools ]  SPF (SpeedPhish Framework) – E-mail Phishing Toolkit http://www.darknet.org.uk/2016/05/spf-speedphish-framework-e-mail-phishing-toolkit/

[ Tools ]  optimizevm - Make Windows VMs Faster http://bit.ly/273qW4o — Shell OSS (oss_sh) May 5, 2016

[ Tools ]  List of IDA plugins: https://github.com/onethawt/idaplugins-list

[ Tools ]  Introduction to Fridump: Dumping memory from iOS, Android and other applications using Frida @ fridadotre http://pentestcorner.com/introduction-to-fridump/

[ Web Security ]  GoDaddy Addresses Blind XSS Vulnerability Affecting Online Support: https://threatpost.com/godaddy-addresses-blind-xss-vulnerability-affecting-online-support/117950/ via @ threatpost