[ Android ]  Derestricted a fun vuln yesterday; bypassing the TrustZone-enforced kernel module verification. https://bugs.chromium.org/p/project-zero/issues/detail?id=960

[ Backdoor ]  Debugging mechanism in Intel CPUs allows seizing control via USB port : http://www.slideshare.net/phdays/tapping-into-the-core (Slides) , Video : https://www.youtube.com/watch?v=QuuTLkZFsug

[ Browser ]  JavaScript Regular Expressions are now 7-15% faster in V8. Updates & tips on keeping your RegExps fast by @schuay https://t.co/RUhQOlpCyd ?

[ IoTDevice ]  IoT mode fuzzing with OpenBTS #GSM #SDR #IoT #GNURadio https://cn0xroot.com/2017/01/10/iot-mode-fuzzing-with-openbt/ http://www.freebuf.com/articles/wireless/124147.html https://t.co/PCHUY6uLni

[ Linux ]  updated Linux tools diagram (PNG & SVG) with recent bcc additions http://www.brendangregg.com/linuxperf.html https://t.co/ek5CMy3oUU

[ MalwareAnalysis ]  The second wave of Shamoon 2 attacks have been identified. Get the full #Unit42 report http://oak.ctx.ly/r/5cpsh

[ MalwareAnalysis ]  Clickjacking campaign abuses Google Adsense, avoids ad fraud bots https://blog.malwarebytes.com/cybercrime/2017/01/clickjacking-campaign-abuses-google-adsense-avoids-ad-fraud-bots/

[ MalwareAnalysis ]  Partial Evaluation of String Obfuscations for Java Malware Detection https://kar.kent.ac.uk/53716/7/main.pdf

[ Popular Software ]  Command execution on Ansible controller from host https://www.computest.nl/advisories/CT-2017-0109_Ansible.txt

[ Popular Software ]  New advisory and poc for Adobe Flash Player vulnerability found by the COSIG. https://cosig.gouv.qc.ca/en/cosig-2017-01-en/

[ SecurityReport ]  #PatchTuesday - #Security updates available for #Adobe #Flash Player: https://adobe.ly/2iB4awy

[ SecurityReport ]  Microsoft Security Bulletin Summary for January 2017 https://technet.microsoft.com/library/security/ms17-jan

[ SecurityReport ]  Just blogged: A data breach investigation blow-by-blow http://ift.tt/2izh91P

[ Tools ]  Announcing Alacritty, a GPU-accelerated terminal emulator written in #rustlang http://blog.jwilm.io/announcing-alacritty/

[ Tools ]  ceed : A tiny x86 compiler with ELF and PE target : https://github.com/intellectualheaven/ceed , Details : http://logicpundit.com/blog/ceed/

[ Tools ]  Build your own Bad USB Stick for pentesting with wifi and dip switches http://bit.ly/2i8Xpko #infosec #hacking… https://t.co/caCZqaiTm5

[ Tools ]  An automated script that download potential exploit for linux kernel from exploitdb, and compile them automatically http://www.kitploit.com/2017/01/autolocalprivilegeescalation-automated.html

[ Tools ]  Inspector : Privilege Escalation unix helper (Forensics, Kernel exploit list, process) : https://github.com/graniet/Inspector

[ Tools ]  Fluxion – Automated EvilAP Attack Tool http://www.darknet.org.uk/2017/01/fluxion-automated-evilap-attack-tool/

[ Vulnerability ]  CVE-2016-7056 ECDSA P-256 timing attack key recovery (OpenSSL, LibreSSL, BoringSSL) http://seclists.org/oss-sec/2017/q1/52

[ Vulnerability ]  Terror Exploit Kit? More like Error Exploit Kit https://www.trustwave.com/Resources/SpiderLabs-Blog/Terror-Exploit-Kit--More-like-Error-Exploit-Kit/

[ Windows ]  Great work on Windows Intel PT driver, now support kernel mode tracing. Cool guys @richinseattle and @aall86 !. https://t.co/WH0imtqunT

[ Windows ]  Walkthrough of CVE-2016-7255 (PrivEsc) with working POC for Windows 7, 8.1, 10, and 2012 R2 http://ricklarabee.blogspot.com/2017/01/virtual-memory-page-tables-and-one-bit.html