[ Android ]  Our root team's observation of Android kernel defense: http://keenlab.tencent.com/en/2016/06/01/Emerging-Defense-in-Android-Kernel/ @ idl3r @ returnsme @ NWMonster

[ Android ]  Android安全开发之Provider组件安全 - http://jaq.alibaba.com/community/art/show?spm=a313e.7916646.24000001.1.JVyUd2&articleid=352

[ Android ]  安卓动态调试七种武器之长生剑 - Smali Instrumentation http://jaq.alibaba.com/community/art/show?articleid=339

[ Android ]  移动平台千王之王大揭秘 - http://blogs.360.cn/360mobile/2016/06/02/gamble_ecosystem_on_mobile/

[ Android ]  MopEye is a per-app network perf monitor for Android based on VpnService: https://play.google.com/store/apps/details?id=com.mopeye Short paper: https://daoyuan14.github.io/papers/CoNEXT15_Poster_MopEye.pdf

[ Attack ]  #IRONGATE ICS-focused #malware: masking malicious activity on SCADA systems http://bddy.me/1sOIjpF

[ Attack ]  Get your guide of #zeroday exploits to learn how attacks happen and how to protect: http://symc.ly/20U14Dc #0day https://t.co/Esd8q84uze

[ Attack ]  美人鱼行动：长达6年的境外定向攻击活动揭露 - http://www.freebuf.com/articles/network/105726.html

[ Attack ]  Deconstructing a Dropbox Phish http://garwarner.blogspot.com/2016/06/deconstructing-dropbox-phish.html

[ Attack ]  #TorrentLocker's latest campaign exploits Spain's largest electric utility: http://intel.ly/1ROQirv #ransomware https://t.co/p7agbOvti8

[ Attack ]  #TeamViewer breached: PCs hijacked, PayPal accounts raided as TeamViewer falls..http://www.theregister.co.uk/2016/06/01/teamviewer_mass_breach_report/ via @ theregister

[ Backdoor ]  JavaPoly.js - Java(script) in the Browser https://www.javapoly.com/ via @ hasegawayosuke

[ Browser ]  NCC Group Blog: When a Trusted Site in Internet Explorer was Anything But - https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2016/june/when-a-trusted-site-in-internet-explorer-was-anything-but/ by @ exploresecurity

[ Browser ]  Google patched two high severity flaws in Chrome this week - http://ow.ly/vH5L300QZD0

[ Browser ]  How to write your own Virtual DOM : https://medium.com/@ deathmood/how-to-write-your-own-virtual-dom-ee74acc13060#.yui37egv7

[ Crypto ]  We discovered bug in all hash functions of JS crypto library SJCL - https://github.com/bitwiseshiftleft/sjcl/issues/299 Is there a big picture? https://www.dancvrcek.com/software-reliability/

[ Debug ]  one of my favorite resources/tutorials about debugging with lldb: "Dancing in the Debugger — A Waltz with LLDB" https://www.objc.io/issues/19-debugging/lldb-debugging/

[ Detect ]  漏洞检测的那些事儿 - http://drops.wooyun.org/tips/16431

[ Firmware ]  BIOS Disassembly Ninjutsu book. for free! https://github.com/pinczakko/BIOS-Disassembly-Ninjutsu-Uncovered

[ IoTDevice ]  #Reversing and #Exploiting Embedded Devices (Part 1): The Software Stack http://praee.com/1XT8rLG via @ B1ack0wl #IoT https://t.co/F8km5NaFeX

[ MachineLearning ]  How the Android security team is using neural networks to increase security: http://www.wired.com/2016/06/googles-android-security-team-turns-machine-learning + adblock fix: https://t.co/4GkCrZtS0N

[ Malware ]  Malware - Analysing and Repurposing RIG's CVE-2015-8651 http://vulnerablespace.blogspot.gr/2016/06/malware-analysing-and-repurposing-rigs.html

[ Malware ]  Diligence is the Mother of Good Locky Detection http://blog.fortinet.com/2016/06/01/diligence-is-the-mother-of-good-locky-detection

[ OpenSourceProject ]  If you've ever wondered how WebKit engineers diagnose and fix a crash bug in JavaScriptCore: https://webkit.org/blog/6411/javascriptcore-csi-a-crash-site-investigation-story/ https://t.co/z0jKhESMJ8

[ Others ]  Blog post on Kerberos / AD fun under *NIX https://passing-the-hash.blogspot.com/2016/06/nix-kerberos-ms-active-directory-fun.html

[ Others ]  We've put Flush+Flush cache attack examples online: https://github.com/IAIK/flush_flush @ BloodyTangerine will present the paper @ #DIMVA2016 next month!

[ Others ]  Here are some great videos explaining what's new in PowerShell V5 https://mva.microsoft.com/en-US/training-courses/whats-new-in-powershell-v5-16434

[ Others ]  Researcher OSS team led by Ralf Spenneberg Create Self-Propagating Worm That Targets SCADA Equipment http://news.softpedia.com/news/researchers-create-self-propagating-worm-that-targets-scada-equipment-503860.shtml

[ Others ]  "#HackingTeam #Breach: A #Cyber Jurassic Park" My blog shamelessly steals @ craiu's paleontologist metaphor :) https://blogs.microsoft.com/cybertrust/2016/06/01/hacking-team-breach-a-cyber-jurassic-park/

[ Popular Software ]  PHP 5.4.34 unserialize UAF exploit http://blog.knownsec.com/2016/06/php-5-4-34-unserialize-uaf-exploit/ by niubl of Knownsec 404 Security Team

[ Web Security ]  How to find #XSS vulnerabilities in flash files. https://olivierbeg.com/finding-xss-vulnerabilities-in-flash-files/

[ Web Security ]  WP Mobile Detector Vulnerability Being Exploited in the Wild https://blog.sucuri.net/2016/06/wp-mobile-detector-vulnerability-being-exploited-in-the-wild.html

[ Web Security ]  MongoDB security – Injection attacks with php : http://blog.securelayer7.net/mongodb-security-injection-attacks-with-php/ cc @ nikhilmittal641 || @ SandeepL337

[ Windows ]  C/C++ pointers: pointers abuse in Windows kernel http://yurichev.com/blog/ptrs3/