[ Browser ]  Exotic HTTP Headers - Exploration of HTTP security and other non-typical headers : https://peteris.rocks/blog/exotic-http-headers/

[ Firmware ]  Multiple Netgear routers are vulnerable to arbitrary command injection : http://www.kb.cert.org/vuls/id/582384 , More : https://cxsecurity.com/issue/WLB-2016120049

[ MalwareAnalysis ]  Ostap - A JScript malware used to deliver Dridex, Tinba, Ursnif, and Mr.White (leads to TinyLoader -> AbaddonPOS): https://t.co/pLD9OsNm6K

[ Others ]  Excited about Metasploitable3? Us, too. So we're hosting an online #CTF! Check it out: http://r-7.co/2ghDgL9 https://t.co/2RfPFXuEhd

[ Protocol ]  Reverse Engineering the HTC Vive watchman controller protocol https://www.youtube.com/watch?v=oHJkpNakswM

[ Tools ]  New Tool: CloakifyFactory. Turn any filetype into a list of everyday strings to hide/exfiltrate/infiltrate. Enjoy!… https://t.co/LwsRHYMOvD

[ Tools ]  Angular 1.6 is out https://angularjs.blogspot.se/2016/12/angular-160-released.html No more bypasses needed: {{0[a='constructor'][a]('alert(1)')()}} will do https://output.jsbin.com/hapacezilo

[ Tools ]  dedsploit - Framework For Attacking Network Protocols http://www.kitploit.com/2016/12/dedsploit-framework-for-attacking.html

[ Windows ]  Windows 10: protection, detection, and response against recent Depriz malware attacks https://blogs.technet.microsoft.com/mmpc/2016/12/09/windows-10-protection-detection-and-response-against-recent-attacks/

[ WirelessSecurity ]  GreedyBTS – Hacking Adventures in GSM : https://repo.t0x0sh.org/Papers/Network/2014_hacking_gsm.pdf (pdf/Slides) cc @ hackerfantastic