[ Android ]  Android Trojan "Hellfire" modified system binaries, boot image, init.rc, SE policy rules, dm_verify, etc. http://blogs.360.cn/360mobile/2016/06/21/analysis_of_diyuhuo/ (Chinese)

[ Android ]  New post: ‘GODLESS’ Mobile Malware Uses Multiple Exploits to Root Devices http://bit.ly/28N8Yih @ TrendMicro

[ Attack ]  REcon slides "Visiting The Bear Den" #sednit #apt28 #reconmtl are up! http://www.welivesecurity.com/wp-content/uploads/2016/06/visiting_the_bear_den_recon_2016_calvet_campos_dupuy-1.pdf with @ __ek0 @ nyx__o

[ Attack ]  GitHub Security Update: Reused password attack from attackers replayed using lists of compromised accounts https://github.com/blog/2190-github-security-update-reused-password-attack

[ Attack ]  Our analysis of AngryBirds' xDedic Pastebin leak: https://securelist.com/blog/research/75120/the-tip-of-the-iceberg-an-unexpected-turn-in-the-xdedic-story/ https://t.co/YcY6ll9FpV

[ Attack ]  Red Line Drawn: China Recalculates Its Use of #CyberEspionage https://www.fireeye.com/blog/threat-research/2016/06/red-line-drawn-china-espionage.html #ThreatIntel https://t.co/IOSdXq8Liw

[ Attack ]  Resurrection of the Evil Miner http://www.fireeye.com/blog/threat-research/2016/06/resurrection-of-the-evil-miner.html

[ Crypto ]  Slides from my talk "Secure channels - are we there yet?" now online - bonus; new attack on OpenSSH, slide 44 on: http://www.turing-gateway.cam.ac.uk/documents/tgmw35/Kenny%20Paterson.pdf

[ Forensics ]  Understanding Critical Windows Artifacts and Their Relevance During Investigation http://resources.infosecinstitute.com/understanding-critical-windows-artifacts-and-their-relevance-during-investigation/

[ Hardware ]  BadUSB 2.0 USB-HID MiTM POC : https://github.com/withdk/badusb2-mitm-poc h/t : @ drcruft

[ Linux ]  Adventures in HardenedBSD https://github.com/lattera/presentations/blob/master/NYCBUG/2016/Adventures%20in%20HardenedBSD.pdf [PDF] https://t.co/z6Kr3nmfw0

[ macOS ]  DNS parsing flaw patched in @ Apple #AirPort base stations https://threatpost.com/apple-patches-airport-remote-code-execution-flaw/118787/ via @ threatpost

[ Malware ]  JavaScript-PHP Joint Exercise Delivers Nemucod Ransomware https://blogs.mcafee.com/mcafee-labs/javascript-php-joint-exercise-delivers-nemucod-ransomware/

[ Malware ]  New post: JScript-toting Ransomware Can Steal Your Passwords and Bitcoin Wallets, Too http://bit.ly/28KRWkE @ TrendMicro

[ Mitigation ]  Mitigating Stagefright Attacks with the ARM Performance Monitoring Unit https://www.endgame.com/blog/mitigating-stagefright-attacks-arm-performance-monitoring-unit

[ Mitigation ]  Documenting the Undocumented: Adding Control Flow Guard Exceptions: http://breakingmalware.com/uncategorized/documenting-undocumented-adding-control-flow-guard-exceptions/ https://t.co/wfWXzJsdw7

[ Network ]  NCC Group Whitepaper: Local net compromise - dangers of NBNS/LLMNR spoofing attacks & how to prevent - https://www.nccgroup.trust/uk/our-research/local-network-compromise-despite-good-patching/?research=Whitepapers by @ jonmacf

[ OpenSourceProject ]  More compression bugs discovered by @ _Icewall http://blog.talosintel.com/2016/06/the-poisoned-archives.html ! Test them on your favorite security device today!

[ Others ]  CPU RSB based side-channel analysis as applied to detecting VMM. Slides: http://www.c7zero.info/stuff/hyper-channel_toorcon_seattle.ppt [ppt]: https://m.youtube.com/watch?v=UN8iXdMZP2s

[ Others ]  Visualising the .NET Garbage Collector http://mattwarren.org/2016/06/20/Visualising-the-dotNET-Garbage-Collector/

[ Others ]  Dell 2410U monitor exploitation, PoC assisted by the USB armory https://twitter.com/jatinkataria/status/744599163795611649

[ Pentest ]  Penetration testing tools cheat sheet quick reference high level overview 4 typical penetration testing engagements https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/

[ Tools ]  Using nmap? Here's a great cheat sheet ~ https://highon.coffee/blog/nmap-cheat-sheet/

[ Tools ]  KEYSTONE : The last missing framework for Reverse Engineering : http://www.keystone-engine.org/docs/RECON2016-keystone.pdf (pdf) https://t.co/uoQh9mJMAc

[ Windows ]  #DailyBug magic values in 32-bit processes on 64-bit OS-es and how to exploit them at http://blog.skylined.nl (with details on two bugs)

[ Windows ]  Malware Disabling UAC http://neonprimetime.blogspot.com/2016/06/malware-disabling-uac.html

[ Windows ]  New on the blog: Getting Physical: Extreme abuse of Intel based Paging Systems – Part 2 – Windows http://hubs.ly/H03nm2c0