[ Android ]  China backdoored your Android phone http://phwned.com/ (Grandstream Android phones don't escape shell metachars leading to RCE as root)

[ Android ]  Security updates in Android N https://firmwaresecurity.com/2016/05/21/security-updates-in-android-n/ via @ wordpressdotcom

[ Attack ]  Leaked data results in 1.4B Yen stolen from ATMs: http://bit.ly/1WNwaOb #cybersecurity

[ Attack ]  High-Profile Cyber Theft Against Banks Targeted SWIFT Systems http://blog.trendmicro.com/trendlabs-security-intelligence/high-profiled-cyber-theft-against-banks-targeted-swift-systems/

[ Attack ]  VASCO’s Mobile Banking Security eBook https://www.grahamcluley.com/2016/05/vasco-feed-sponsor-5/

[ Attack ]  Turning Criminal Forum Exploit Chatter Into Vulnerability Risk Analysis https://www.recordedfuture.com/vulnerability-risk-analysis/

[ Attack ]  2.5k Twitter Accounts Hacked To Spread Links To Adult Content https://packetstormsecurity.com/news/view/26657/2.5k-Twitter-Accounts-Hacked-To-Spread-Links-To-Adult-Content.html

[ Attack ]  Two new #APT groups among a half-dozen using CVE-2015-2545 in targeted attacks. https://threatpost.com/apt-groups-finding-success-with-patched-microsoft-flaw/118298/ via @ threatpost

[ Attack ]  Am I in a VM? – The tale of a targeted Phish http://labs.bromium.com/2016/05/25/am-i-in-a-vm-the-tale-of-a-targeted-phish

[ Browser ]  ZDI-16-355: Microsoft Edge JavaScript unshift Method Uninitialized Memory Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-16-355/

[ Challenges ]  #defconctf UAF exploit writeup, by my teammate 0xabe http://duksctf.github.io/DCquals2016-heapfun4u/

[ Detect ]  ROPDetect: Detection of Code Reuse Attacks http://cs229.stanford.edu/proj2015/237_report.pdf

[ Exploit ]  Researcher Herbert Bos presents exploit in Win10, 8.1 & Linux without using software vulnerabilities! http://www.cs.vu.nl/~kaveh/pubs/pdf/dedup-sp16.pdf @ mikko @ WIRED

[ Firmware ]  How to lock the samsung download mode using an undocumented feature of aboot @ ge0n0sis https://ge0n0sis.github.io/posts/2016/05/how-to-lock-the-samsung-download-mode-using-an-undocumented-feature-of-aboot/

[ Hardware ]  Pwning Windows 7 & AVG with USB Rubber Ducky https://www.informationsecurity.ws/2016/01/pwning-windows-7-with-avg-av/

[ Hardware ]  Sniffing Data from an Implanted Heart Defibrillator http://www.rtl-sdr.com/sniffing-data-from-an-implanted-heart-defibrillator/

[ iOS ]  New Presentation - iOS Location Forensics http://www.mac4n6.com/blog/2016/5/25/new-presentation-ios-location-forensics #DFIR #mac4n6

[ Linux ]  oh : A surprisingly powerful Unix shell : https://github.com/michaelmacinnis/oh https://t.co/d7C37f2ImB

[ Linux ]  Linux x86_64 Information Stealer Shellcode : https://www.exploit-db.com/exploits/39847/

[ Others ]  OWASP TOP 10: Insecure Direct Object Reference (#4) https://blog.detectify.com/2016/05/25/owasp-top-10-insecure-direct-object-reference-4/

[ Others ]  LAVA : Large-scale Automated Vulnerability Addition : http://www.ieee-security.org/TC/SP2016/papers/0824a110.pdf (pdf)

[ Others ]  WPAD Name Collision Vulnerability - From US-CERT/Verisign http://www.verisign.com/en_US/internet-technology-news/cert-alert/index.xhtml?loc=en_US&dmn=certalert

[ Others ]  Remote DLLGuest - Execute .NET/COM Binary From URL ;-) https://gist.github.com/subTee/d01abb15f58eef05873f2d67398ff5e8#file-remotedllguest-cs-L22 Chg "Codebase from file:/// -. http(s)://server/dllguest.dll

[ Pentest ]  [Blog] Practical use of JavaScript and COM Scriptlets for Penetration Testing. #Nishang #PowerShell http://www.labofapenetrationtester.com/2016/05/practical-use-of-javascript-and-com-for-pentesting.html

[ Popular Software ]  ZDI-16-357: Apache ActiveMQ MOVE Method Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-16-357/

[ Popular Software ]  ZDI-16-354: (0Day) ActivePDF Toolkit ImageToPDF IAT Overwrite Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-16-354/

[ Popular Software ]  Integer Overflow in php_html_entities(): https://bugs.php.net/bug.php?id=72135

[ ReverseEngineering ]  Reversing C++ (Part. 2) – Switch Statement : http://www.cybersmash.io/reversing-c-pt-2-switch-statement/ , Function Overloading and Function Templates : http://www.cybersmash.io/reversing-c-pt-1-function-overloading-and-function-templates/

[ Tools ]  Export a Command Line cURL Command to an Executable : http://austingwalters.com/export-a-command-line-curl-command-to-an-executable/

[ Tools ]  XSSHunter a new platform for pentesting http://i-programmer.info/news/149-security/9764-xss-hunter-for-pentesting-.html

[ Virtualization ]  [BLOG] Xen exploitation part 1: XSA-105, from nobody to root http://blog.quarkslab.com/xen-exploitation-part-1-xsa-105-from-nobody-to-root.html

[ Vulnerability ]  Microsoft Office Component FSupportSAEXTChar() Use After Free Remote Code Execution - MS16-054 / CVE-2016-0140 https://gist.github.com/sourceincite/985fd1476b7e1623cdbf7e22f3cc42e8

[ Windows ]  DLL Search Order Mechanism https://countuponsecurity.com/2016/05/24/digital-forensics-dll-search-order/ #DFIR #malware

[ Windows ]  [New Post] Userland Persistence with Scheduled Tasks and COM Handler Hijacking: https://enigma0x3.net/2016/05/25/userland-persistence-with-scheduled-tasks-and-com-handler-hijacking/