[ Attack ]  NetTraveler APT Targets Russian, European Interests: http://buff.ly/29unFF7 https://t.co/ac8UtQLaku

[ Attack ]  Cracking the MySpace List - First Impressions http://reusablesec.blogspot.gr/2016/07/cracking-myspace-list-first-impressions.html

[ Attack ]  Over 1000 Wendy’s restaurants hacked – customers’ credit card details stolen http://www.welivesecurity.com/2016/07/08/1000-wendys-restaurants-hacked-customers-credit-card-details-stolen/

[ Backdoor ]  stealth hard-drive backdoor with remote covert exfiltration https://www.ibr.cs.tu-bs.de/users/kurmus/papers/acsac13.pdf had missed this paper by @ kurmus @ travisgoodspeed & al.

[ Detect ]  Pretty cool: researchers identify flows of encrypted traffic related to malware families https://motherboard.vice.com/read/researchers-figure-out-how-to-detect-malware-in-encrypted-traffic https://t.co/VfToVAcyXa

[ Hardware ]  I have released gpsnitch which is the GPS Spoofer Catcher I demoed at @ unrestcon. https://github.com/zxsecurity/gpsnitch (slides coming soon)

[ Others ]  Hiding a payload in PNG files with Python : http://blog.brian.jp/python/png/2016/07/07/file-fun-with-pyhon.html

[ Others ]  Apex memmove - the fastest memcpy/memmove on x86/x64 ... EVER, written in C : http://www.codeproject.com/Articles/1110153/Apex-memmove-the-fastest-memcpy-memmove-on-x-x-EVE

[ Others ]  Just published! Slides from Nick Jones talk @ BSidesLondon "Bug Hunting with Static Code Analysis" https://labs.mwrinfosecurity.com/publications/bug-hunting-with/ #BSidesLDN2016

[ Others ]  Kaspersky's Oleg Gorobets looks at the security aspects of Virtual Desktop Infrastructures https://securelist.com/blog/security-policies/75279/vdi-non-virtual-problems-of-virtual-desktop-security-and-how-to-solve-them-for-real/

[ Pentest ]  Penetration Testing Process & Tools, Visually Explained http://visuallyexplainedpentest.barricade.io/

[ Pentest ]  Penetration Testing Tools that (do not) Support #IPv6 (Dec 2014) https://www.ernw.de/download/newsletter/ERNW_Newsletter_45_PenTesting_Tools_that_Support_IPv6_v.1.1_en.pdf [PDF] by @ AntoniosAtlasis https://t.co/G3m85xkiFM

[ Popular Software ]  Adobe Flash: Heap Corruption in LMZA Property Decoding https://bugs.chromium.org/p/project-zero/issues/detail?id=790#c_ts1467910639

[ Popular Software ]  Adobe Flash: Overflow in ATF Processing https://bugs.chromium.org/p/project-zero/issues/detail?id=786#c_ts1467910584

[ Popular Software ]  Messenger (Facebook) Secret Conversations - Technical Whitepaper : https://fbnewsroomus.files.wordpress.com/2016/07/secret_conversations_whitepaper.pdf (pdf)

[ ThreatIntelligence ]  Open Source Threat Intelligence Tools & Techniques http://resources.infosecinstitute.com/open-source-threat-intelligence-tools-techniques/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+infosecResources+%28InfoSec+Resources%29

[ Tools ]  BINSEC : Binary-level Semantic Analysis to the Rescue : https://sec2016.rmll.info/files/20160705-03-Bardin-Binsec.pdf (pdf) https://t.co/qnXdDNLCwF

[ Tools ]  Vulners – Vulnerability Data Base : https://vulners.com/

[ Web Security ]  The Genesis of an XSS Worm - Part III (with video) http://brutelogic.com.br/blog/genesis-xss-worm-part-iii/

[ Web Security ]  Extracting Multiple Bits Per Request From Full-blind SQL Injection Vulnerabilities : http://howto.hackallthethings.com/2016/07/extracting-multiple-bits-per-request.html https://t.co/Lt7ZU76Gmy