[ Android ]  For an unspecified reason, Google switched all the Nexus factory image files to ZIP (instead of TGZ) today. http://droidsec.org/nexus updated!

[ Android ]  How Trojans manipulate Google Play https://securelist.com/blog/research/75894/how-trojans-manipulate-google-play/

[ Attack ]  Dropbox Data Breach, more than 68 Million account details leaked online http://securityaffairs.co/wordpress/50803/data-breach/dropbox-data-breach.html

[ Browser ]  Stealing all browser data (passwords,history etc.) from Yandex Browser by exploiting a CSRF in Yandex's sync system https://www.netsparker.com/blog/web-security/csrf-vulnerability-yandex-browser/

[ Crypto ]  New cloud attack takes full control of virtual machines with little effort http://arstechnica.com/security/2016/08/new-attack-steals-private-crypto-keys-by-corrupting-data-in-computer-memory/ by @ dangoodin001

[ Detect ]  Best paper I've ever read for Intrusion detection with Windows Events! https://cyber-ir.com/2016/08/27/intrusion-detection-with-windows-event-ids/ #dfir #ThreatHunting

[ Fuzzing ]  NCC Group Open Source: Hodor Fuzzer - a generic fuzzer design - https://github.com/nccgroup/hodor by Joel St. John, Braden Hollembaek, and Frank Arana

[ IoTDevice ]  Exploiting PS Vita kernel: sceNetIoctl use-after-free https://blog.xyz.is/2016/vita-netps-ioctl.html

[ Linux ]  So I lost my OpenBSD FDE password - reversing the metadata and building a bruteforcer https://blog.filippo.io/so-i-lost-my-openbsd-fde-password/

[ MachineLearning ]  Baidu releases deep learning framework - nice work @ AndrewYNg https://twitter.com/jeremyphoward/status/770760275213430784

[ Operating System ]  #Genode 16.08 released https://genode.org/documentation/release-notes/16.08

[ Others ]  Using #Intel #SGX to Protect On-line #Credentials. Read this http://ow.ly/pyQ4303DcZi https://t.co/3fpB29uXDy

[ Others ]  Comma Separated Vulnerabilities explanation (With different attack vectors) - http://www.contextis.com/resources/blog/comma-separated-vulnerabilities/

[ Others ]  New #infosec course by the Dr. himself @ JaredDeMott "Sec for #hackers & #devs: Code Auditing" @ pluralsight https://app.pluralsight.com/library/courses/code-auditing-security-hackers-developers/table-of-contents

[ Others ]  Smaller and faster data compression with Zstandard https://code.facebook.com/posts/1658392934479273/smaller-and-faster-data-compression-with-zstandard/

[ Others ]  Code Injection and Its Types- Part 1 http://resources.infosecinstitute.com/code-injection-types-part-1/

[ Others ]  Fake ransomware spreading via Redis compromise: https://duo.com/blog/over-18-000-redis-instances-targeted-by-fake-ransomware

[ Protocol ]  Attacking SS7: Mobile Operators Security Analysis http://blog.ptsecurity.com/2016/08/attacking-ss7-mobile-operators-security.html

[ Tools ]  New version of Sysinternals Suite is out https://technet.microsoft.com/en-us/sysinternals/bb842062

[ Tools ]  SQL Map tamper scripts guide - http://www.forkbombers.com/2016/07/sqlmap-tamper-scripts-update.html

[ Windows ]  Windows 10 symbols are on symbol server finally. Yay! It turns out the best email address for symbol bugs is on: https://developer.microsoft.com/en-us/windows/hardware/download-symbols