[ Android ]  Cool attack. Hacking smartphones via voice commands hidden in YouTube videos https://www.helpnetsecurity.com/2016/07/11/hacking-smartphones-voice-commands/

[ Android ]  Malicious #PokémonGo App Installs Backdoor on #Android Devices: https://threatpost.com/malicious-pokemon-go-app-installs-backdoor-on-android-devices/119174/ via @ threatpost

[ Android ]  Security at your Fingertips. A dive into Marshmallow’s new fingerprint and keystore APIs https://droidcon.de/sites/global.droidcon.cod.newthinking.net/files/media/documents/Talk-%20Security%20at%20your%20Fingertips._0.pdf https://t.co/YPrZZn5Ul9

[ Android ]  TaintDroid depth analysis http://drops.wooyun.org/mobile/17417 (Chinese)

[ Browser ]  I wrote a privacy analysis of @ w3c Vibration API. Privacy engineer's point of view, uses and abuses. https://blog.lukaszolejnik.com/privacy-of-w3c-vibration-api/

[ Browser ]  The Future of Browser History — https://medium.com/@ patrykadas/browserhistory-2abad38022b1#.w2jtzjcjj

[ Browser ]  The Scriptless Scriptlet - Or how to execute JavaScript from CSS in MSIE11 without using Scripts https://gist.github.com/cure53/521c12e249478c1c50914b3b41d8a750

[ Detect ]  Anti Ransom: Detect and stop ransomware via honeypot, dumping memory for key extraction http://www.security-projects.com/?Anti_Ransom

[ Detect ]  CryptoLock (and Drop It) : Stopping Ransomware Attacks on User Data : http://www.cise.ufl.edu/~traynor/papers/scaife-icdcs16.pdf (pdf)

[ Hardware ]  91 percent of public-facing #ICS components are remotely exploitable - http://ow.ly/HYUs3027CvN #SCADA

[ Malware ]  Late last month, the Rig exploit kit started spreading an updated Cryptobit ransomware http://researchcenter.paloaltonetworks.com/2016/07/unit42-cryptobit-another-ransomware-family-gets-an-update/

[ OpenSourceProject ]  2 new programs! CSRFGuard http://bgcd.co/29CnEje & Java HTML Sanitizer Project http://bgcd.co/29CnBUE by @ owasp https://t.co/Zs6ZVERGML

[ Others ]  Shadow of a Doubt: Testing for Divergences Between Software Versions http://srg.doc.ic.ac.uk/files/papers/shadow-icse-16.pdf

[ Popular Software ]  KeeThief – A Case Study in Attacking KeePass Part 2 http://www.harmj0y.net/blog/redteaming/keethief-a-case-study-in-attacking-keepass-part-2/

[ Popular Software ]  TeamPass @ TheTeamPass fixed critical security issues with the help of RIPS http://teampass.net/2016-05-13-release-2.1.26#security-analysis-with-rips

[ ReverseEngineering ]  awesome-reversing A curated list of #awesome #reversing resources Author: @ tylerhalfpop https://github.com/tylerhalfpop/awesome-reversing

[ Tools ]  Frankencert - Adversarial Testing of Certificate Validation in SSL/TLS Implementations https://github.com/sumanj/frankencert

[ Tools ]  Visualizing relationships between python packages https://kozikow.com/2016/07/10/visualizing-relationships-between-python-packages-2/

[ Tools ]  https://github.com/siberas/IDA2Sym

[ Windows ]  Vulnerability Spotlight: Local Code Execution via the Intel HD Graphics Windows Kernel Driver http://blog.talosintel.com/2016/07/Intel-HD-Graphics-Vulnerability.html

[ Windows ]  Ubuntu's Unity desktop environment can run in Windows : https://github.com/Microsoft/BashOnWindows/issues/637 https://t.co/k4B0JfVvYe

[ Windows ]  Journey to HackSys Extreme Vulnerable Driver - Windows 7 x64 by my friend @ sizzop https://sizzop.github.io/ https://github.com/hacksysteam/HackSysExtremeVulnerableDriver