[ Android ]  The exploit for CVE-2016-2434 https://github.com/jianqiangzhao/CVE-2016-2434 Google has released the patch.

[ Attack ]  New #EMEA Report: How orgs in EMEA discover breaches & how they respond http://bddy.me/29tzq07 #infosec https://t.co/PbiP17I8kA

[ Browser ]  Mozilla publishes their next-generation HTML rendering engine, built in their own secure programming language http://www.theregister.co.uk/2016/07/04/mozilla_servo_nightly_builds/

[ Browser ]  Apple Safari for Mac OS X SVG local XXE https://www.wearesegment.com/research/Apple-Safari-for-Mac-OS-X-SVG-local-XXE

[ Fuzzing ]  Peach Fuzz - Vulnerability Scanning Framework -- http://www.kitploit.com/2016/07/peach-fuzz-vulnerability-scanning.html

[ Hardware ]  House intercoms: When frontdoors become backdoors http://www.synacktiv.ninja/ressources/NDH-Intercoms_presentation_Dudek.pdf

[ IoTDevice ]  ZigBee security review of a famous French set-top box https://speakerdeck.com/rlifchitz/zigbee-security-review-of-a-famous-french-set-top-box

[ Linux ]  Bugtraq: [CVE-2016-6136] Double-Fetch Vulnerability in Linux-4.6/kernel/auditsc.c http://www.securityfocus.com/archive/1/538835

[ macOS ]  New Mac OS Backdoor, Eleanor: https://labs.bitdefender.com/wp-content/uploads/2016/07/Backdoor-MAC-Eleanor_final.pdf remote access, webcam images, files... You know the drill. https://t.co/qwnWRn2HcL

[ Mitigation ]  A Control-Flow Integrity: Precision, Security, and Performance http://arxiv.org/pdf/1602.04056.pdf

[ Network ]  Sweet maps show how connected chunks of the dark web really are, sharing SSH keys etc https://motherboard.vice.com/read/these-maps-show-what-the-dark-web-looks-like https://t.co/02uw19cT9F

[ NetworkDevice ]  TP-LINK lost control of two domains used to configure its devices https://www.helpnetsecurity.com/2016/07/05/tp-link-config-domains/ via @ hardillb https://t.co/TfkxLsUq6n

[ Obfuscation ]  13 Awesome Deobfuscation Tools For Reverse Engineers : https://hackerlists.com/deobfuscation-tools/

[ Obfuscation ]  Exploiting Dynamic Scheduling for VM-Based Code Obfuscation : http://www.lancaster.ac.uk/staff/wangz3/publications/trustcom.pdf (pdf) https://t.co/iYi5WQ7lpg

[ Others ]  Uploaded my slidedeck from #HIP16, thank you all and c u next year! http://www.slideshare.net/moshez/abusing-the-train-communication-network-or-what-could-have-derailed-the-northeast-regional-188 @ bsidestlv @ hackinparis @ Garin_Pace @ ArtByAlida

[ Others ]  Building a BitTorrent client from scratch in C# : https://cheatdeath.github.io/research-bittorrent-doc/

[ Others ]  if you happen to need examples of compilers crashing to support a research project, this repo is for you: https://github.com/regehr/compiler-crashes

[ Others ]  BINSEC - A Dynamic Symbolic Execution Toolkit for Binary-Level.Based on PIN. http://binsec.gforge.inria.fr/

[ Pentest ]  Final part of the blog series: Execution and the People Factor. Using human flaws in network red teaming. http://www.sixdub.net/?p=714 #blogspam

[ Tools ]  I wrote a tool to enable 2-factor confirmation of USB devices. It uses DUO auth API and you can customize actions: https://github.com/uber/usb2fac

[ Web Security ]  Slides of my conference on Single Sign On, including lyrics of "Imagine SSOng" http://fr.slideshare.net/coudot/the-wonderful-story-of-web-authentication-and-singlesign-on #rmllsec16 https://t.co/P6M7wKzJA3

[ Web Security ]  CSRF Worms https://c0nradsc0rner.wordpress.com/2016/07/04/csrf-worm/

[ Windows ]  Windows 10 x86/wow64 Userland heap https://www.corelan.be/index.php/2016/07/05/windows-10-x86wow64-userland-heap/

[ Windows ]  pushed my thesis documentation about understanding the ndis 6 stack to my github: https://github.com/d3sre/Understanding_the_NDIS_6_stack