[ Crypto ]  Google AI invents its own cryptographic algorithm : http://arstechnica.co.uk/information-technology/2016/10/google-ai-neural-network-cryptography/ , Paper : https://arxiv.org/pdf/1610.06918v1.pdf (pdf)

[ Fuzzing ]  shared a ppt about my js-kernel-fuzzer https://github.com/tinysec/public/blob/master/FuzzWindowsKernelViaJavascript/JSkernelFuzzer.pptx

[ iOS ]  Controlled vm_deallocate size can lead to UaF in launchd https://bugs.chromium.org/p/project-zero/issues/detail?id=896

[ iOS ]  Logic issue in launchd message requeuing allows arbitrary mach message control https://bugs.chromium.org/p/project-zero/issues/detail?id=893

[ Linux ]  DTrace for Linux 2016 : http://www.brendangregg.com/blog/2016-10-27/dtrace-for-linux-2016.html cc @ brendangregg https://t.co/tvVh9c0BPD

[ macOS ]  To top it all off, Ian also found a bug in auto-generated MIG code leading to a UAF on a mach_port_t: https://bugs.chromium.org/p/project-zero/issues/detail?id=882

[ macOS ]  HITCON 2016 - (P)FACE into the Apple core and exploit to root http://hitcon.org/2016/CMT/slide/day1-r2-c-1.pdf

[ macOS ]  Using email for persistence on OS X https://www.n00py.io/2016/10/using-email-for-persistence-on-os-x/

[ macOS ]  Strolling into Ring-0 via I/O Kit Drivers : https://speakerdeck.com/patrickwardle/o-kit-drivers (Slides) cc @ patrickwardle

[ Malware ]  Get your RAT on Pastebin https://blog.malwarebytes.com/cybercrime/2016/10/get-your-rat-on-pastebin/

[ Mitigation ]  New post: Control Flow Guard Improvements in Windows 10 Anniversary Update http://bit.ly/2eYdFn7 @ TrendMicro

[ Network ]  BinProxy - BinProxy is a proxy for arbitrary TCP connections http://www.kitploit.com/2016/10/binproxy-binproxy-is-proxy-for.html

[ Obfuscation ]  Tigress_protection : Playing w/ Tigress binary protection.Automatic deobfuscation using symbolic execution and LLVM: https://github.com/JonathanSalwan/Tigress_protection

[ Others ]  .@ Apple patches iTunes, iCloud for Windows, Xcode Server - http://bit.ly/2ejfpYa

[ Others ]  "Mozilla announces Project Quantum, an improved rendering engine for Firefox" http://www.androidpolice.com/2016/10/27/mozilla-announces-project-quantum-improved-rendering-engine-firefox/

[ Popular Software ]  Oliver Chang (@ halbecaf) has been working with Project Zero on a '20% project' to attack the NVidia GPU driver: http://nvidia.custhelp.com/app/answers/detail/a_id/4247

[ Tools ]  my chakra based javascript windbg extension , part of my jsrt project https://github.com/tinysec/jswd https://t.co/fh28BggmKV

[ Tools ]  Hacking Secret Ciphers using Python : http://inventwithpython.com/hacking/chapters/

[ Tools ]  Our #eko12 2016 Ebowla updates are posted! Includes slides and PowerShell payloads: https://github.com/Genetic-Malware/Ebowla/blob/master/README.md. Cc: @ wired33

[ Web Security ]  Joomla – From No One to the Highest Privilege https://blog.fortinet.com/2016/10/27/joomla-from-no-one-to-the-highest-privilege

[ Windows ]  New blog post! JavaScript extensibility and scripting in #WinDbg #JavaScript #debugging https://blogs.msdn.microsoft.com/windbg/2016/10/27/new-insider-sdk-and-javascript-extensibility/

[ Windows ]  New feature in @ Microsoft Office 2016 protects against macros in Office 2013 - http://bit.ly/2dOuwwH

[ Windows ]  Windows Metafiles : An Analysis of the EMF Attack Surface & Recent Vulnerabilities : http://www.slideshare.net/PacSecJP/jurczyk-windows-metafilepacsecv2 (Slides) cc @ j00ru

[ WirelessSecurity ]  #PacSec 2016 "You Can Hijack Nearly Any Drone Mid-flight Using This Tiny Gadget - http://thehackernews.com/2016/10/how-to-hack-drone.html"