[ Android ]  Some Ideas about Fuzzing Android OMX Shared at #hitcon2016: http://hitcon.org/2016/CMT/slide/day2-r2-c-1.pdf @ Mingjian_Zhou @ C0RETeam

[ Malware ]  A side-by-side comparison of the CryptXXX and CrypMic ransomware, by @ bleepincomputer http://www.bleepingcomputer.com/news/security/side-by-side-comparisons-of-the-crypmic-and-cryptxxx-ransomware-infections/ https://t.co/sh06bPfKxD

[ Malware ]  New post: Economics Behind Ransomware as a Service: A Look at Stampado’s Pricing Model http://bit.ly/2asiWqa @ TrendMicro

[ Malware ]  Keys to #Chimera #ransomware leaked: https://blog.malwarebytes.com/cybercrime/2016/07/keys-to-chimera-ransomware-leaked/

[ Malware ]  Zeus Panda Delivered By Sundown - Targets UK Banks https://blogs.forcepoint.com/security-labs/zeus-panda-delivered-sundown-targets-uk-banks

[ Malware ]  Tracking the Actor Behind the MAN1 Crypter : http://www.threatgeek.com/2016/07/tracking-man1-crypter-actor.html https://t.co/54cbJTfWoG

[ Obfuscation ]  Released dex-oracle v1.0.5, android deobfuscation tool - http://buff.ly/2afJo4L https://t.co/86rysK1p8N

[ Others ]  Keeping Positive - Obtaining Arbitrary Wildcard SSL Certificates from Comodo via Dangling Markup Injection https://thehackerblog.com/keeping-positive-obtaining-arbitrary-wildcard-ssl-certificates-from-comodo-via-dangling-markup-injection/index.html

[ Others ]  Ease of use - IPhone fingerprint support! Microsoft Authenticator @ dispensa https://blogs.technet.microsoft.com/enterprisemobility/2016/07/25/microsoft-authenticator-coming-august-15th/ via @ msftmobility

[ Others ]  Juggling hashes with your eyes closed in PHP applications : http://www.digitalloft.org/init/plugin_wiki/page/juggling-hashes-with-your-eyes-closed-in-php

[ Others ]  Slides of my #CAV2016 talk "End-to-End Verification of ARM Processors with ISA-Formal" available at https://alastairreid.github.io/alastairreid.github.io/papers/ISA-Formal-CAV2016.pdf

[ Others ]  The story about how we created 0patch for Foxit Reader CVE-2016-3740: https://0patch.blogspot.com/2016/07/0patching-foxit-readers-heap-buffer.html …

[ Others ]  Intel Multi-OS Engine: Use Java to develop native mobile apps for iOS & Android on OSX & Win https://software.intel.com/en-us/multi-os-engine https://t.co/aHLA6kVxj1

[ Pentest ]  Read this: Pentesting in the real world. It's our latest blog series by and for pentesters: http://r-7.co/2a9vuCS

[ Popular Software ]  For those who prefer a manual approach: OpenSSH security guidelines from the Mozilla Wiki https://wiki.mozilla.org/Security/Guidelines/OpenSSH https://t.co/CDmh2Pb0pI

[ ReverseEngineering ]  MITM Attack — Reverse Engineering an Encrypted Service : http://www.theodo.fr/blog/2016/07/mitm-attack-reverse-engineering-an-encrypted-service/ https://t.co/GtpybZNdLd

[ Tools ]  Comparison of function hooking libraries : https://github.com/frida/frida/wiki/Comparison-of-function-hooking-libraries

[ Tools ]  Burp Infiltrator http://blog.portswigger.net/2016/07/introducing-burp-infiltrator.html

[ Tools ]  Burp Suite 1.7.04 released, with Burp Infiltrator, new IAST tool http://releases.portswigger.net/2016/07/1704.html

[ Tools ]  Snapper : A security tool for grabbing screenshots of many web hosts : https://github.com/dxa4481/Snapper

[ Virtualization ]  CVE-2016-6258 / XSA-182, PV Privilege Escalation in x86, break out of VM vulnerability now public: http://xenbits.xen.org/xsa/advisory-182.html Happy reboots!

[ Windows ]  Microsoft GDI+ rendering of uninitialized heap bytes as pixels when handling malformed RLE-compressed bitmaps https://code.google.com/p/google-security-research/issues/detail?id=825

[ WirelessSecurity ]  #KeySniffer vulnerability opens wireless keyboards to remote snooping http://ow.ly/i9CE302CjHG