[ Attack ]  APT Campaign against Ukranian Separatists http://www.welivesecurity.com/wp-content/uploads/2016/05/Operation-Groundbait.pdf

[ Attack ]  Indian organizations targeted in Suckfly attacks http://www.symantec.com/connect/ko/blogs/indian-organizations-targeted-suckfly-attacks

[ Attack ]  Bank Hack – How to steal $25 Billion with a few lines of code http://securityaffairs.co/wordpress/47420/security/25-billion-bank-hack.html

[ Attack ]  A cybercriminal puts the email addresses and passwords of 117M LinkedIn users up for sale http://bit.ly/1YCvWHx

[ Cloud ]  We share how different application settings within #Azure can be used to increase security of the web app: http://intel.ly/1Tfn5NC

[ Detect ]  Introducing Falco: open source, behavioral security from Sysdig http://www.sysdig.org/falco/

[ Forensics ]  All your BLOBs are belong to us. http://goo.gl/x02NnF interests forensics source in the OSX QuickLook DB

[ Fuzzing ]  ProtoFuzz is a generic fuzzer for Google’s Protobuf, now available on Github http://blog.trailofbits.com/2016/05/18/protofuzz-a-protobuf-fuzzer

[ Linux ]  Analysis of CVE-2016-1887, sendmsg FreeBSD kernel heap overflow : http://cturt.github.io/sendmsg.html

[ Linux ]  Analysis of CVE-2016-1886, SETFKEY FreeBSD kernel vulnerability: http://cturt.github.io/SETFKEY.html

[ Malware ]  #Ransomware spikes in March, steadily increasing in 2016 http://bddy.me/27zD3q9 #cyber https://t.co/PI5DgR2lOO

[ Malware ]  ATM infector https://securelist.com/blog/research/74772/atm-infector/

[ Malware ]  Malicious macro using a sneaky new trick https://blogs.technet.microsoft.com/mmpc/2016/05/17/malicious-macro-using-a-sneaky-new-trick/

[ Malware ]  Research team uncovered malware operation the world’s largest attack infrastructures. malware-as-a-service (MaaS) http://www.infosecurity-magazine.com/news/enormous-malware-as-a-service

[ Malware ]  TeslaCrypt shuts down and Releases Master Decryption Key! http://www.bleepingcomputer.com/news/security/teslacrypt-shuts-down-and-releases-master-decryption-key/ #DFIR #teslacrypt #ransomeware https://t.co/VHmgSJbby3

[ MalwareAnalysis ]  New blog post about what kind of semantics information Triton can provide. http://triton.quarkslab.com/blog/What-kind-of-semantics-information-Triton-can-provide/ cc @ quarkslab

[ Others ]  Intel FSP v2.0 specification published at http://www.intel.com/fsp or direct link http://www.intel.com/content/dam/www/public/us/en/documents/technical-specifications/fsp-architecture-spec-v2.pdf #IntelFSP @ vincentzimmer

[ Others ]  Running python & django on NanoServer. https://blogs.technet.microsoft.com/nanoserver/2016/05/17/python-django-on-nano-server/ https://t.co/HgDorRbeZf

[ Pentest ]  An interesting root to domain admin- iSCSI https://www.pentestpartners.com/blog/an-interesting-route-to-domain-admin-iscsi/

[ Popular Software ]  Unfixed XSS vuln in "Marked", an npm package with over 1.5M downloads a month https://snyk.io/blog/marked-xss-vulnerability/

[ Programming ]  Understanding the x64 code models http://eli.thegreenplace.net/2012/01/03/understanding-the-x64-code-models

[ ReverseEngineering ]  Reverse Engineering a fitness tracker to control a drone on a NASA hackathon : https://medium.com/@ dimitrovskif/how-a-team-of-high-schoolers-reverse-engineered-a-fitness-trackers-to-control-a-drone-on-a-nasa-d8aad8532dde#.g2z66aykt https://t.co/qYNMrcN8Tb

[ Web Security ]  AntiviruXSS : How We XSSed 8/9 Top AV Vendors : http://brutelogic.com.br/docs/antiviruxss.pdf (pdf) cc: @ brutelogic || @ strukt93

[ Web Security ]  Blogged! / XSS Auditor bypass using Flash and base tag http://masatokinugawa.l0.cm/2016/05/xss8.html (日本語) http://mksben.l0.cm/2016/05/xssauditor-bypass-flash-basetag.html (English)

[ Windows ]  Internals of Windows Memory Management (not only) for Malware Analysis : https://ub-madoc.bib.uni-mannheim.de/3148/1/InternalsOfWindowsMemoryMangement2.pdf (pdf)

[ Windows ]  Poor man's security analytics using Ansible, Bash, and Powershell https://morris.guru/poor-mans-windows-infrastructure-metrics-w-ansible-bash/