[ Android ]  Bandicoot - An Open-source Python Toolbox To Analyze Mobile Phone Metadata http://buff.ly/28L0W7f #metadata #phone https://t.co/RzkdirMoqT

[ Android ]  Online analysis system for packed Android malware https://github.com/CvvT/AppTroy

[ Attack ]  Fraudsters are Buying IPv4 Addresses https://www.schneier.com/blog/archives/2016/06/fraudsters_are_.html

[ Attack ]  Hewlett Packard Enterprise (HPE) Cyber Risk Report 2016 http://techbeacon.com/resources/2016-cyber-risk-report-hpe-security

[ Attack ]  Carbonite online backup accounts under password reuse attack, Stop passwork-reuse abuse ! ~ http://www.theregister.co.uk/2016/06/22/carbonite_accounts_password_reuse_attack/ via @ theregister

[ Attack ]  The number of corporate devices attacked with crypto-ransomware increased almost 6 times in the past year. https://securelist.com/analysis/publications/75145/pc-ransomware-in-2014-2016/

[ Attack ]  T-Mobile Czech Employee Steals and Sells 1.5 Million Users Data ~ http://thehackernews.com/2016/06/t-mobile-hacked.html #Security

[ Browser ]  Microsoft Edge CBaseScriptable PrivateQueryInterface Uninitialized Memory Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-16-371/

[ Browser ]  Proof-of-Concept for spraying high addresses in Chrome & Firefox on 64-bit Windows: http://blog.skylined.nl/20160622001.html (+ details on CVE-2014-1736)

[ Browser ]  Leaner, smarter, faster: JavaScript performance updates in Edge & Chakra https://blogs.windows.com/msedgedev/2016/06/22/javascript-performance-updates-anniversary-update/#cAhDyQOe2o8FfeYh.99

[ Crypto ]  NCC Group Whitepaper: How to Backdoor Diffie-Hellman - https://www.nccgroup.trust/globalassets/our-research/us/whitepapers/2016/june/how-to-backdoor-diffie-hellmanpdf by @ lyon01_david - learn what to look for!

[ iOS ]  Apple Releases unobfuscated iOS 10 kernel https://www.technologyreview.com/s/601748/apple-opens-up-iphone-code-in-what-could-be-savvy-strategy-or-security-screwup/

[ Linux ]  Linux Kernel ROP part 2 is out on the #SpiderLabs blog https://www.trustwave.com/Resources/SpiderLabs-Blog/Linux-Kernel-ROP---Ropping-your-way-to---(Part-2)/

[ Malware ]  New post: After Angler: Shift in Exploit Kit Landscape and New Crytpo-Ransomware Activity http://bit.ly/28PCzrp @ TrendMicro

[ Malware ]  Macro Malware Adds Tricks, Uses MaxMind to Avoid Detection https://blogs.mcafee.com/mcafee-labs/macro-malware-adds-tricks-uses-maxmind-to-avoid-detection/

[ Malware ]  Analyzing the New Locky Javascript Downloader https://malcat.moe/?p=53

[ OpenSourceProject ]  VULNERABILITY SPOTLIGHT: PIDGIN VULNERABILITIES -http://blog.talosintel.com/2016/06/vulnerability-spotlight-pidgin.html by @ TalosSecurity

[ Sandbox ]  TIL about AppContainers on Windows from looking into the Chromium sandbox: https://github.com/MalwareTech/AppContainerSandbox

[ Tools ]  Added the ability to search Shodan for websites that are using certain technologies, ex: jQuery - https://www.shodan.io/search?query=http.component%3Ajquery

[ Web Security ]  XSS persistence using JSONP and serviceWorkers https://c0nradsc0rner.wordpress.com/2016/06/17/xss-persistence-using-jsonp-and-serviceworkers https://t.co/ruuXhkUtWC

[ Windows ]  Rekall and the windows PFN database http://rekall-forensic.blogspot.ch/2016/05/rekall-and-windows-pfn-database.html

[ Windows ]  Microsoft Windows Diagnostics Hub Standard Collector Directory Traversal Privilege Escalation Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-16-372/