[ Android ]  android-n-preview-3 to android-n-preview-4 AOSP changelog - http://www.androidpolice.com/android_aosp_changelogs/android-n-preview-3-to-android-n-preview-4-AOSP-changelog.html

[ Android ]  Well, that didn't take long. Android apps no longer able to load non-NDK platform libraries http://android-developers.blogspot.co.uk/2016/06/android-changes-for-ndk-developers.html https://twitter.com/ikoz/status/719667103020802052

[ Android ]  Google Play Hit with Rash of Auto-Rooting Malware https://threatpost.com/google-play-hit-with-rash-of-auto-rooting-malware/118938/

[ Attack ]  Ransomware attack against Office 365, 57% of orgs received malicious file http://www.avanan.com/resources/attack-on-office-365-corporate-users-with-zero-day-ransomware-virus [Cerber bad news https://twitter.com/daniel_bilar/statuses/740138610305978368?tw_i=740138610305978368&tw_e=permalink&tw_p=archive ]

[ Browser ]  Headless Chromium very useful for fuzzing purposes (no Xvfb) https://chromium.googlesource.com/chromium/src/+/master/headless/README.md

[ Browser ]  no UI #XSS vector, inspired by @ BenHayak vector :D <div style=writing-mode:tb;overflow:scroll onscroll=alert(1)> https://jsfiddle.net/a7p7okzv/

[ Browser ]  Reflections on trusting CSP http://blog.kotowicz.net/2016/06/reflections-on-trusting-csp.html

[ Browser ]  Patch analysis of MS16-063 for Internet Explorer 11 JScript Memory Corruption (with proof-of-concept exploit) http://theori.io/research/jscript9_typed_array

[ Debug ]  How to get user-mode stacks of WOW64 processes in kernel-mode debugging mode #WinDbg #DbgKit #DbgTricks http://www.andreybazhan.com/how-to-get-user-mode-stacks-of-wow64-processes-in-kernel-mode-debugging-mode.html

[ Detect ]  Use #MicrosoftATA or write an IDS rule based on the #MS14068 exploit traffic. https://adsecurity.org/?p=763 https://twitter.com/TalBeerySec/status/747565789243379713

[ Detect ]  Auditing CSP headers with Burp and ZAP http://blog.gosecure.ca/2016/06/28/auditing-csp-headers-with-burp-and-zap/

[ Fuzzing ]  Need something to hack with during summer? Try contributing some libFuzzer target functions for greater good: https://github.com/ouspg/libfuzzerfication

[ Hardware ]  Our BadBarcode page: http://xlab.tencent.com/badbarcode/. No new domain name, no logo, just a page:-). #BadBarcode

[ Industry News ]  Cisco to Acquire Waltham Cybersecurity Firm CloudLock for $293M http://bostinno.streetwise.co/2016/06/28/cisco-announces-plans-to-acquire-cloudlock-for-293m/ via @ BostInno

[ Malware ]  Locky is Back Asking for Unpaid Debts « Threat Research Blog | FireEye Inc http://ow.ly/NXxE301Glch

[ Network ]  Sucuri spotted a large botnet of CCTV devices involved in DDoS attacks http://securityaffairs.co/wordpress/48807/iot/cctv-devices-ddos.html

[ Popular Software ]  Note about security of RESTEasy services https://0ang3el.blogspot.ru/2016/06/note-about-security-of-resteasy-services.html

[ Popular Software ]  Vulnerability Spotlight: LibreOffice RTF Vulnerability http://blog.talosintel.com/2016/06/vulnerability-spotlight-libreoffice-rtf.html

[ SecurityProduct ]  New blog post on the Symantec vulnerabilities we're releasing today, including wormable remote code execution bugs. http://googleprojectzero.blogspot.com/2016/06/how-to-compromise-enterprise-endpoint.html

[ SecurityProduct ]  Multiple remote memory corruption vulns in all Symantec/Norton antivirus products, including stack buffer overflows https://bugs.chromium.org/p/project-zero/issues/detail?id=823

[ Web Security ]  SSRF bible updated a little. Redis tricks with SLAVEOF and MIGRATE added https://docs.google.com/document/d/1v1TkWZtrhzRLy0bYXBcdLUedXGb9njTNIJXa3u9akHM

[ Windows ]  MS16-039 – “Windows 10” 64 bits Integer Overflow exploitation by using GDI objects http://hubs.ly/H03sm310 https://t.co/MGVJuxKeK2