[ Attack ]  M-Trends Asia Pacific: Organizations Must Improve at Detecting and Responding to Breaches https://www.fireeye.com/blog/threat-research/2016/08/m-trends_asia_pacifi.html

[ Attack ]  Here are 2016’s most prominent breaches and security incidents so far: http://bit.ly/2be7OYp https://t.co/7apFKkMkY1

[ Attack ]  NEW REPORT: “The Million Dollar Dissident: NSO Group’s iPhone Zero-Days used against a UAE Human Rights Defender” https://citizenlab.org/2016/08/million-dollar-dissident-iphone-zero-day-nso-group-uae/

[ Attack ]  Threat Intelligence Report for the Telecommunications Industry - Securelist https://securelist.com/analysis/publications/75846/threat-intelligence-report-for-the-telecommunications-industry/

[ Cloud ]  Azure 0day Cross-Site Scripting with Sandbox Escape https://www.securesolutions.no/guest-blog-at-pen-testing-sans-org-azure-0day-cross-site-scripting-with-sandbox-escape/

[ Conference ]  #HITBGSEC #CommSec LIVE STREAM: https://www.youtube.com/watch?v=EODWYP0z58g - Slides are here: http://gsec.hitb.org/materials/sg2016/ (RTs greatly appreciated)

[ iOS ]  Greetings from SG! #HITBGSEC Presentation, and a new SBTool to inspect #iOS/#MacOS #sandbox: http://newosxbook.com/articles/hitsb.html https://t.co/vwTX2QYwqI

[ iOS ]  iOS 9.3.5: WebKit RCE & kernel privilege escalation… upgrade now now now https://support.apple.com/en-gb/HT207107

[ Linux ]  Great implementation of CVE-2016-5696 TCP Session RST or Hijacking by @ jduck: https://github.com/jduck/challack

[ Linux ]  My "State of the Kernel Self Protection Project" slides from the Linux Security Summit: https://outflux.net/slides/2016/lss/kspp.pdf

[ Malware ]  Alma Ransomware: Analysis of a New Ransomware Threat (and a decrypter!) https://info.phishlabs.com/blog/alma-ransomware-analysis-of-a-new-ransomware-threat-and-a-decrypter

[ Malware ]  MMD-0055-2016 - Linux/PnScan ; #ELF worm that still circles around. http://blog.malwaremustdie.org/2016/08/mmd-0054-2016-pnscan-elf-worm-that.html Via @ MalwareMustDie. https://t.co/GI4n8O3Jdk

[ Malware ]  My new post for @ Malwarebytes "Unpacking the #spyware disguised as antivirus": https://blog.malwarebytes.com/threat-analysis/2016/08/unpacking-the-spyware-disguised-as-antivirus/ //#KorplugRAT

[ Network ]  How the Consumer Product Safety Commission is (Inadvertently) Behind the Internet’s Largest DDoS Attacks https://blog.cloudflare.com/how-the-consumer-product-safety-commission-is-inadvertently-behind-the-internets-largest-ddos-attacks/

[ Obfuscation ]  Protecting Software through Obfuscation: Can It Keep Pace with Progress in Code Analysis? http://www.cs.rhul.ac.uk/home/kinder/papers/csur16-obfuscation.pdf

[ Others ]  By analysing how FINGERS interact w/WiFi signals, #InfoSec researchers accurately recover 93.5+% of all keystrokes. https://www.sigmobile.org/mobicom/2015/papers/p90-aliA.pdf

[ Others ]  Hacking Soft Tokens - Advanced Reverse Engineering on Android http://gsec.hitb.org/materials/sg2016/whitepapers/Hacking%20Soft%20Tokens%20-%20Bernhard%20Mueller.pdf

[ Others ]  New blog post: "How many x86 instructions are there?" https://fgiesen.wordpress.com/2016/08/25/how-many-x86-instructions-are-there/ It's surprisingly tricky to answer meaningfully.

[ Tools ]  We have two code releases for you today! Windows Intel Processor Trace Driver https://github.com/talos-vulndev/TalosIntelPtDriver and FuzzFlow https://github.com/talos-vulndev/FuzzFlow

[ Tools ]  #Python application to reverse engineering http://buff.ly/2bitcMK #infosec #security #re

[ Tools ]  Introducing vcsmap: a plugin-based tool to scan public version control systems for sensitive information. http://vcsmap.org/

[ Web Security ]  The Mozilla Observatory is handy for spot-checking common web server configuration issues: https://observatory.mozilla.org

[ Windows ]  Getting Physical: Extreme abuse of Intel based Paging Systems – Part 3 – Windows HAL’s Heap https://blog.coresecurity.com/2016/08/25/getting-physical-extreme-abuse-of-intel-based-paging-systems-part-3-windows-hals-heap/

[ Windows ]  I never knew that .NET could be manually loaded from C/C++. http://www.ownedcore.com/forums/world-of-warcraft/world-of-warcraft-bots-and-programs/wow-memory-editing/320083-guide-loading-net-4-0-clr.html - The dll can be dumped & then analyzed in dnspy

[ Windows ]  Windows Update borks PowerShell – Microsoft won't fix it for a week http://m.theregister.co.uk/2016/08/25/microsoft_breaks_powershell_with_borked_update_wont_fix_it_for_a_week/

[ Windows ]  Data Driven Software Security - recap on new mitigations in windows 10 AU - http://gsec.hitb.org/materials/sg2016/COMMSEC%20D1%20-%20Sweety%20Chauhan%20-%20Data%20Driven%20Software%20Security.pdf

[ Windows ]  Just posted an @ SS_WarRoom blog on my analysis of MS16-098 complete with a BSOD inducing PoC https://warroom.securestate.com/an-analysis-of-ms16-098/