[ Android ]  Another Qualcomm kernel buffer overflow not included in the August security update: https://www.codeaurora.org/buffer-overflow-vulnerability-wcnsswlanwrite-cve-2016-5342. Including this for 5X/6P too.

[ Attack ]  German speakers targeted by Ozone RAT campaign #fortiguard https://blog.fortinet.com/2016/08/29/german-speakers-targeted-by-spam-leading-to-ozone-rat

[ Attack ]  71,000 Minecraft World Map accounts leaked online after 'hack' http://www.theregister.co.uk/2016/08/30/71000_minecraft_world_map_accounts_leak/

[ Attack ]  Exploring the Cybercrime Underground: Part 2 – The Forum Ecosystem http://researchcenter.paloaltonetworks.com/2016/08/unit42-exploring-the-cybercrime-underground-part-2-the-forum-ecosystem/

[ Attack ]  Kuwait Automotive Imports Company Hacked; 10k Accounts Leaked https://www.hackread.com/kuwait-automotive-imports-company-hacked/

[ Browser ]  Stop Cross-Site Timing Attacks with SameSite cookies: http://bit.ly/2bDDJ8C... and cross-site forgery in general. https://t.co/VkqbSUMTkg

[ Crypto ]  Argon2 compiled for browsers with asm.js and WebAssembly https://github.com/antelle/argon2-browser

[ Crypto ]  PyQemu - dynamic binary instrumentation based crypto detection framework. https://github.com/pleed/pyqemu

[ Fuzzing ]  NCC Group Research Insights Volume 9 - Modern Security Vulnerability Discovery - is out! - https://www.nccgroup.trust/uk/our-research/research-insights-vol-9-modern-security-vulnerability-discovery/?research=Whitepapers https://t.co/0K9IbWLGHo

[ macOS ]  OSX/Keydnap spreads via signed Transmission application http://www.welivesecurity.com/2016/08/30/osxkeydnap-spreads-via-signed-transmission-application/ via @ ESET

[ Malware ]  Malware Analysis – Dridex Loader – Part 2 https://countuponsecurity.com/2016/08/28/malware-analysis-dridex-loader-part-2/

[ Malware ]  Inside the Demise of the Angler Exploit Kit https://threatpost.com/inside-the-demise-of-the-angler-exploit-kit/120222/

[ Malware ]  Double-click me not: Malicious proxy settings in OLE Embedded Script https://blogs.technet.microsoft.com/mmpc/2016/08/29/double-click-me-not-malicious-proxy-settings-in-ole-embedded-script/

[ MalwareAnalysis ]  Pythons and Unicorns and #Hancitor…Oh my! Decoding binaries through emulation http://bit.ly/2bYiuPA #Unit42

[ Others ]  The slides from my @ BSidesMCR talk "Hunting Asynchronous Vulnerabilities" are available at https://portswigger.net/knowledgebase/papers/HuntingAsynchronousVulnerabilities2.pdf Video coming soon!

[ Others ]  Mobile Security News Update August 2016 https://www.mulliner.org/blog/blosxom.cgi/security/mobile_security_news_update_august2016.html Much Mobile Malware (also more regular updates from now on!)

[ Others ]  How to Leak Data From Air-Gapped Computers With a USB Device: https://threatpost.com/how-to-leak-data-from-air-gapped-computers-with-a-usb-device/120221/ via @ threatpost

[ Rootkit ]  The SMM Rootkit Revisited: Fun with USB (paper published at ARES 2014): https://www.computer.org/csdl/proceedings/ares/2014/4223/00/4223a279.pdf

[ Tools ]  HanzoInjection injecting arbitrary codes in memory to bypass common antivirus solutions https://github.com/P0cL4bs/hanzoInjection

[ Virtualization ]  PV Calls: a new paravirtualized protocol for POSIX syscalls - https://blog.xenproject.org/2016/08/30/pv-calls-a-new-paravirtualized-protocol-for-posix-syscalls/

[ Web Security ]  The Easiest Way to Bypass XSS Mitigations http://brutelogic.com.br/blog/the-easiest-way-to-bypass-xss-mitigations/

[ Windows ]  [Blog Post] http://subt0x10.blogspot.com/2016/08/advanced-use-case-for-sct-files.html Advanced Use Cases and Bypass with .SCT Files. regsvr32.exe/certutil.exe Feedback Welcome.

[ Windows ]  Doesn't carbonblack have a filter driver to catch SET_REPARSE_POINT FSCTL rather than check cmdline for mklink? https://www.carbonblack.com/2015/08/05/bit9-carbon-black-threat-research-team-unveils-nefarious-intents-of-volume-shadows-copies/