[ Android ]  Android Compiler Fingerprinting : http://hitcon.org/2016/CMT/slide/day1-r0-e-1.pdf (pdf) cc @ timstrazz || @ caleb_fenton https://t.co/KBV7zHXxBr

[ Android ]  Protecting Android with more Linux kernel defenses. Thank you kernel devs for your important work! http://android-developers.blogspot.com/2016/07/protecting-android-with-more-linux.html

[ Browser ]  ChakraCore's interpreter and runtime works on Linux and OS X! JIT and high performance GC is a work-in-progress: https://blogs.windows.com/msedgedev/2016/07/27/chakracore-on-linux-osx/

[ Crypto ]  Breaking BitLocker Encryption: Brute Forcing the Backdoor (Part II) http://blog.elcomsoft.com/2016/07/breaking-bitlocker-encryption-brute-forcing-the-backdoor-part-ii/

[ Debug ]  Tracing tricks with ptrace http://pramode.net/articles/lfy/ptrace/pramode.html

[ Malware ]  #Unit42 observed 9002 Trojan delivered using combination of shortened links & a shared file hosted on #Google Drive http://bit.ly/2a80gb9

[ Malware ]  If anyone wants to study Duqu2 exploit (CVE-2015-2360), here is a sample http://www.kernelmode.info/forum/viewtopic.php?f=16&t=3900&p=28947#p28947 #Duqu2 #exploit

[ Malware ]  A look into some RIG exploit kit campaigns https://blog.malwarebytes.com/threat-analysis/exploits-threat-analysis/2016/07/a-look-into-some-rig-exploit-kit-campaigns/

[ Network ]  Sniffing HTTPS URLS with malicious PAC files http://contextis.com/resources/blog/leaking-https-urls-20-year-old-vulnerability/

[ Network ]  New attack bypasses HTTPS protection on Macs, Windows, and Linux : http://arstechnica.com/security/2016/07/new-attack-that-cripples-https-crypto-works-on-macs-windows-and-linux/

[ Network ]  Over 100 suspicious, snooping Tor nodes discovered http://www.zdnet.com/article/over-100-spying-malicious-tor-nodes-discovered/#ftag=RSSbaffb68

[ Obfuscation ]  Using NodeJS to deobfuscate JavaScript. That is useful ! http://bit.ly/2a8TWPU

[ Others ]  TÜBİTAK MRC chooses QNX for safety-critical systems in the new E1000 electric locomotive http://ow.ly/abK7302rA0B https://t.co/ez7Fmjx2SI

[ Others ]  How I made LastPass give me all your passwords : https://labs.detectify.com/2016/07/27/how-i-made-lastpass-give-me-all-your-passwords/

[ Pentest ]  Red Team Tool Roundup | @ Mandiant http://www.fireeye.com/blog/threat-research/2016/07/red_team_tool_roundup.html

[ Popular Software ]  [local] - VMWare - Setuid vmware-mount Popen lsb_release Privilege Escalation (VMSA-2013-0010) https://www.exploit-db.com/exploits/40169/

[ SecurityProduct ]  CVE-2016-5840: Trend Micro Deep Discovery hotfix_upload.cgi filename Remote Code Execution Vulnerability - http://www.korpritzombie.com/cve-2016-5840-trend-micro-deep-discovery-hotfix_upload-cgi-filename-remote-code-execution-vulnerability/

[ Tools ]  Use the Shodan Honeyscore to validate your ICS honeypot settings: http://buff.ly/2aqVDdt

[ Tools ]  Ida-Pro-screen-recorder - PyQt4/PyQt5 plugin for recording your screen while you use Ida Pro. https://github.com/techbliss/Ida_Pro_Screen_Recorder

[ Tools ]  Here are the repo's for SysMon Logger: https://github.com/infoassure/sysmon-logger-client https://github.com/infoassure/sysmon-logger-server https://github.com/infoassure/sysmon-logger-ui

[ Virtualization ]  [BLOG] Xen exploitation part 2: XSA-148, from guest to host http://blog.quarkslab.com/xen-exploitation-part-2-xsa-148-from-guest-to-host.html by @ tlk___ #teasing before part 3 about XSA-182