[ Android ]  Dumb question...how is the ashmem bug supposed to lead to privilege escalation? Does the mapped mem contain objects? https://www.codeaurora.org/invalid-path-check-ashmem-memory-file-cve-2016-5340

[ Android ]  Smartphone Antivirus and Security Applications Under Fire - https://media.defcon.org/DEF%20CON%2024/DEF%20CON%2024%20presentations/DEFCON-24-Huber-Rasthofer-Smartphone-Antivirus-And-Security-Applications-Under-Fire.pdf via @ trufae

[ Android ]  Fuzzing Android Devices - https://media.defcon.org/DEF%20CON%2024/DEF%20CON%2024%20presentations/DEFCON-24-Anto-Joseph-Fuzzing-Android-Devices.pdf via @ trufae

[ Attack ]  Snakes in the Satellites: On-going Turla Infrastructure shows continued operations. http://blog.passivetotal.org/snakes-in-the-satellites-on-going-turla-infrastructure/ #infosec #APT #ThreatHunting

[ Attack ]  Operation Ghoul: targeted attacks on industrial and engineering organizations https://securelist.com/blog/research/75718/operation-ghoul-targeted-attacks-on-industrial-and-engineering-organizations/

[ Exploit ]  Post containing summary of implants and exploits included in the #EquationGroup #Shadowbrokers dump https://musalbas.com/2016/08/16/equation-group-firewall-operations-catalogue.html

[ Fuzzing ]  Coverage-based Greybox Fuzzing as Markov Chain https://www.comp.nus.edu.sg/~mboehme/paper/CCS16.pdf && code https://github.com/mboehme/aflfast

[ macOS ]  How a malware could infects digitally signed files without altering hashes on macOS https://medium.com/@ sabrihaddouche/how-a-malware-can-infects-digitally-signed-files-without-altering-hashes-on-macos-c7dc9e391a8e#.3vw053iey

[ Malware ]  Nice analisys of fastly evolving Rex malware by @ benkow_ #golang #p2p https://thisissecurity.net/2016/08/17/from-website-locker-to-ddos-rex/

[ Malware ]  Nemucod Ransomware Analysis https://www.webroot.com/blog/2016/08/16/nemucod-ransomware-analysis/

[ Malware ]  #Unit42 researchers find #Aveo #malware family targeting Japanese speaking users http://bit.ly/2b3hhUs

[ Malware ]  Shakti Trojan: Technical Analysis https://blog.malwarebytes.com/threat-analysis/2016/08/shakti-trojan-technical-analysis/

[ Malware ]  Locky Ransomware Distributed Via DOCM Attachments in Latest Email Campaigns http://www.fireeye.com/blog/threat-research/2016/08/locky_ransomwaredis.html

[ Malware ]  CryptXXX Technical Deep Dive - https://blogs.cisco.com/security/cryptxxx-technical-deep-dive by @ JershMagersh

[ NetworkDevice ]  Cisco ASA (Adaptive Security Appliance) SNMP Remote Code Execution Vulnerability - CVE-2016-6366 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp

[ Pentest ]  i published on Github a curated list of public penetration testing reports released by several consulting firms: https://github.com/juliocesarfort/public-pentesting-reports

[ Tools ]  Azurite - a tool for recon and enumeration of Azure clouds https://github.com/mwrlabs/Azurite

[ Windows ]  Small #PowerShell Module for the Antimalware Scan Interface | https://github.com/adamdriscoll/AMSI/

[ Windows ]  Bypassing User Account Control (UAC) using TpmInit.exe The story continues.... http://uacmeltdown.blogspot.nl https://t.co/7xp5S0neR8

[ Windows ]  Windows Kernel win32k.sys FON font processing: divide-by-zero exception in win32k!MAPPER::bFoundExactMatch https://bugs.chromium.org/p/project-zero/issues/detail?id=855#c_ts1471445053

[ Windows ]  The reports of my EMF processing GDI+ RCE bugs fixed in latest MS16-097 are now public, see https://bugs.chromium.org/p/project-zero/issues/detail?id=824, #826, #828.