[ Android ]  Android: Kernel information disclosure in "maxdsm_read" https://bugs.chromium.org/p/project-zero/issues/detail?id=964

[ Android ]  Android: Race condition in max86902 driver sysfs interfaces https://bugs.chromium.org/p/project-zero/issues/detail?id=963

[ Android ]  CVE-2016-8467: Attacking Nexus 6 & 6P Custom Bootmodes @ MichaelGoberman @ IBMSecurity #netsec https://securityintelligence.com/android-vulnerabilities-attacking-nexus-6-and-6p-custom-boot-modes/

[ Attack ]  DragonOK continues to update toolset and target Japanese organizations. Get the full #Unit42 report http://oak.ctx.ly/r/5cfks

[ Browser ]  The full list of CSP bypasses with all known vectors that came up during the recent discussions: http://sebastian-lekies.de/csp/bypasses.php

[ Browser ]  [remote] - Microsoft Windows 10 Edge - 'chakra.dll' Info Leak / Type Confusion Remote Code Execution https://www.exploit-db.com/exploits/40990/

[ Browser ]  Reverse Engineering and things I don't want to forget: Building Webkit on Windows http://djmanilaice.blogspot.com/2017/01/building-webkit-on-windows.html?spref=tw

[ Forensics ]  #DFIR Cheat Sheets http://www.dfir.training/index.php/lists/dfir-infographics

[ Language ]  Some notes on Luz - an assembler, linker and CPU simulator http://eli.thegreenplace.net/2017/some-notes-on-luz-an-assembler-linker-and-cpu-simulator/

[ Language ]  Getting started writing 6502 assembly language : https://skilldrick.github.io/easy6502/

[ macOS ]  task_t considered harmful - many XNU EoPs https://bugs.chromium.org/p/project-zero/issues/detail?id=837

[ MalwareAnalysis ]  Technical analysis of CryptoMix/CryptFile2 ransomware https://www.cert.pl/en/news/single/technical-analysis-of-cryptomixcryptfile2-ransomware/ by @ CERT_Polska_en

[ Network ]  IP, DNS & Domain Enumeration Cheatsheet : https://www.rebootuser.com/?p=2189 cc @ rebootuser

[ Pentest ]  [Blog] Lateral Movement using the MMC20.Application COM Object: https://enigma0x3.net/2017/01/05/lateral-movement-using-the-mmc20-application-com-object/

[ Pentest ]  Extracting Saved Credentials From a Pwn3d Nessus System https://www.appsecconsulting.com/blog/extracting-saved-credentials-from-a-pwn3d-nessus-system/

[ Protocol ]  S4U2Pwnage http://www.harmj0y.net/blog/activedirectory/s4u2pwnage/ constrained delegation and S4U2Self/S4U2Proxy, a follow on to @ meatballs__'s post https://t.co/VETJKSvweM

[ SecurityProduct ]  hmmm 2017 began with my own packet of death vulnerability/reported :) https://blog.exodusintel.com/2016/02/10/firewall-hacking

[ Tools ]  HexInject : A very versatile packet injector and sniffer : http://hexinject.sourceforge.net/

[ Tools ]  dress : add symbols back into a stripped ELF binary (~strip) : https://github.com/docileninja/dress

[ Windows ]  When whitelisting 3rd party software signed w/ a cert issued by a common issuer, Device Guard "Publisher" rules FTW. https://technet.microsoft.com/en-us/itpro/windows/keep-secure/deploy-code-integrity-policies-policy-rules-and-file-rules#code-integrity-file-rule-levels

[ WirelessSecurity ]  Hacking and Cloning a Garage Door Opener using SDR Radio #SDR #GnuRadio #Hacking https://www.youtube.com/watch?v=LE1CvGWqSsw

[ WirelessSecurity ]  How we broke into your house:Hacking alarm systems with rtl-sdr and rfcat #SDR #RTL #rfcat http://boredhackerblog.blogspot.hk/2016/02/how-we-broke-into-your-house.html https://t.co/EaxbjFHzou