[ Android ]  Introduction to debugging Android apps using AndBug http://resources.infosecinstitute.com/android-hacking-and-security-part-23-introduction-to-debugging-android-apps-using-andbug/

[ Android ]  MADAM: Effective and Efficient Behavior-based Android Malware Detection and Prevention http://www.iet.unipi.it/g.dini/research/papers/2016-tdsc-ssdm-accepted.pdf

[ Browser ]  Malware in the browser: how you might get hacked by a Chrome extension https://kjaer.io/extension-malware/

[ Crypto ]  opensshd - user enumeration http://seclists.org/fulldisclosure/2016/Jul/51

[ Detect ]  Detecting malicious behaviour using system calls : http://repository.tudelft.nl/islandora/object/uuid:c71c85bc-d742-449b-88e7-33e172392ec2?collection=education

[ Industry News ]  Opera browser sold to a Chinese consortium for $600 million (May be a good time to stop using Opera) : https://www.engadget.com/2016/07/18/opera-browser-sold-to-a-chinese-consortium-for-600-million/

[ iOS ]  new blogpost on Apple - [CVE-2016-1865] Some unexploitable but unsandboxable OS X/iOS Kernel NULL pointers - https://marcograss.github.io/security/apple/cve/2016/07/18/cve-2016-1865-apple-nullpointers.html

[ Malware ]  A look at a malicious Word macro that detects virtual environments https://www.vmray.com/word-macro-detects-vm-environments/ https://t.co/ac3r6gyrrR

[ Malware ]  Automatic analysis of zip with .wsf file inside #malware http://0x90909090.blogspot.fr/2016/07/analyzing-zip-with-wsf-file-inside.html https://github.com/0xmitsurugi/Analyzing-zip-file-with-.wsf-file-inside https://t.co/Nthwv7sc9H

[ Others ]  IBM report looks at command injection attacks https://securityintelligence.com/command-injection-a-deadly-needle-in-the-haystack/

[ Others ]  CGI script vuln #httpoxy affects server-side web apps, allows for #MitM attacks on Red Hat products - http://ow.ly/m5FG302n3Ow

[ Others ]  w00t! I'm in the list of @PwnieAwards nominee for Best Server-Side bug for the Cisco ASA heap exploit :)

[ Others ]  Have you seen our recent whitepaper: My name is Matt - My voice is my password https://www.nccgroup.trust/uk/our-research/my-name-is-matt-my-voice-is-my-password/

[ Popular Software ]  Time To Patch: RCE on Meinberg NTP Time Server https://www.securifera.com/blog/2016/07/17/time-to-patch-rce-on-meinberg-ntp-time-server/

[ Tools ]  DMitry – Deepmagic Information Gathering Tool http://www.darknet.org.uk/2016/07/dmitry-deepmagic-information-gathering-tool/

[ Web Security ]  Lessons learned from an SVG flaw that used JavaScript to serve a persistent XSS https://hackerone.com/blog/Hacktivity-Highlights:-XSS-via-SVG

[ Windows ]  Running Windows 64-bit in QEMU Emulation Mode : https://www.invincealabs.com/blog/2016/07/running-windows-64bit-qemu/

[ Windows ]  RCE Endeavors » Runtime DirectX Hooking http://www.codereversing.com/blog/archives/282