[ Browser ]  Decrypting Google Chrome Safe Storage Passwords on OS X http://bufferovernoah.com/2016/10/17/chrome/

[ Conference ]  the speakers' list for SyScan360 in Shanghai is out. go check out https://www.syscan360.org/en/speakers/ http://fb.me/7QGGFHoQv

[ Crypto ]  #AppSecUSA2016 HTTP & TLS in 2016 by @ kennwhite https://speakerdeck.com/kwhite/https-and-tls-in-2016-security-practices-from-the-front-lines [v hard https://twitter.com/daniel_bilar/statuses/573434668655091713?tw_i=573434668655091713&tw_e=permalink&tw_p=archive see also… https://t.co/vb7rsz5puM

[ Forensics ]  Writeup on extracting LastPass Site Credentials and LastPassPrivateKey from Memory with… https://techanarchy.net/2016/10/extracting-lastpass-site-credentials-from-memory/ https://t.co/qej0KfO0DT

[ IoTDevice ]  Setting up a Research Environment for IP Cameras https://insinuator.net/2016/10/setting-up-a-research-environment-for-ip-cameras/

[ Language ]  The slides for my high performance #golang workshop are online, http://talks.godoc.org/github.com/davecheney/high-performance-go-workshop/high-performance-go-workshop.slide#1 Enjoy!

[ Linux ]  Exploiting #Linux kernel heap using a real #UAF method against CVE-2016-6187 vulnerability. cc: @binitamshah… https://t.co/to3ApobQvF

[ Malware ]  #PrincessLocker increases ransom to 3 bitcoins when victim fails to pay within 7 days. Other detections: http://bit.ly/2do2W7p #ransomware

[ Others ]  Insecure Defaults - Exploiting LOAD DATA LOCAL INFILE https://blog.tarq.io/insecure-defaults-exploiting-load-data-local-infile/

[ Others ]  This is a great blog post about applied CFI on OSX/Linux. Let’s talk about CFI: clang edition | Trail of Bits Blog https://t.co/E1x1NJfjXM

[ Others ]  New on the MicrosoftEdge GitHub: We've open-sourced the scripts we use to generate our free testing VMs https://t.co/H2Y50iqjwA

[ Others ]  New blog post: Linq Injection – From Attacking Filters to Code Execution https://insinuator.net/2016/10/linq-injection-from-attacking-filters-to-code-execution/

[ Popular Software ]  [remote] - Ruby on Rails - Dynamic Render File Upload Remote Code Execution https://www.exploit-db.com/exploits/40561/

[ Popular Software ]  Security assessement of VeraCrypt 1.18. http://blog.quarkslab.com/security-assessment-of-veracrypt-fixes-and-evolutions-from-truecrypt.html

[ Programming ]  Exploring ARM inline assembly in @ rustlang http://embed.rs/articles/2016/arm-inline-assembly-rust/ < awesome!

[ Tools ]  Hypercalls fuzzing is now supported from within Linux VMs as well: https://github.com/chipsec/chipsec/pull/103

[ Web Security ]  Published the Net Cease tool to help admins to harden their environments against malicious net sessions scans… https://t.co/fineC6RNfw

[ Windows ]  Use the new Nano Server Image Builder to create a custom Nano image: https://blogs.technet.microsoft.com/nanoserver/2016/10/15/introducing-the-nano-server-image-builder/

[ Windows ]  Windows: DFS Client Driver Arbitrary Drive Mapping EoP https://bugs.chromium.org/p/project-zero/issues/detail?id=885

[ WirelessSecurity ]  Code is up! Transmit your own HD Radio signal with a HackRF or USRP. https://github.com/argilo/nrsc-5 #GnuRadio #SDR https://t.co/m3TgRwYJ6q