[ Browser ]  Hunting bugs in the Microsoft Edge Script Engine : https://recon.cx/2017/brussels/resources/slides/RECON-BRX-2017-Your_Chakra_Is_Not_Aligned.pdf (Slides) cc @ natashenka #reconbrx

[ iOS ]  #iOS 10.3 (14E5260b) OTA [Beta: #iOS103DevBeta4] has been released for 36 devices https://ipsw.me/otas/10.3

[ Malware ]  #Unit42 observes threat group distributing new, custom developed malware. Learn more about the Gamaredon Group: http://oak.ctx.ly/r/5gexr

[ MalwareAnalysis ]  NCC Group Blog: Latest ISM RAT analysis used by a group called Greenbug - https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/february/ism-rat/ by our Cyber Defence Ops malware team

[ MalwareAnalysis ]  #Necurs botnet adds SOCKS/HTTP proxy, learns new #DDoS trick - http://bit.ly/2lgvtwp

[ MalwareAnalysis ]  #NDSS17 Today Enrico presents MaMaDroid, our paper on Android malware detection from API calls behavior. Read it at… https://t.co/DZmdJsc4MR

[ Mitigation ]  The Chakra Exploit and the Limitations of Modern Mitigation Techniques - https://www.endgame.com/blog/chakra-exploit-and-limitations-modern-mitigation-techniques

[ Mobile ]  SSD Advisory – HTC Sync Remote Code Execution https://blogs.securiteam.com/index.php/archives/3026

[ Operating System ]  How I ended up writing a new real-time kernel : https://dmitryfrank.com/articles/how_i_ended_up_writing_my_own_kernel https://t.co/HvLJ3bogXz

[ Others ]  ROP Primer - Walkthrough of Level 0: https://xpnsec.tumblr.com/post/156417043491/rop-primer-walkthrough-of-level-0 , Lvl - 1 : https://xpnsec.tumblr.com/post/156575450701/rop-primer-walkthrough-of-level-1 , Lvl 2: https://xpnsec.tumblr.com/post/156732742881/rop-primer-walkthrough-of-level-2 cc @ _xpn_

[ Pentest ]  OS Command Injection to Meterpreter https://hack2rule.wordpress.com/2017/02/25/os-command-injection-to-meterpreter https://t.co/1E1xXNhVgS

[ Popular Software ]  The project integrates #OpenPGP into #Gmail via a #Chrome extension. #E2EMail https://threatpost.com/google-releases-e2email-to-open-source/123923/ via @ threatpost

[ Popular Software ]  Multiple remote code execution vulnerabilities in Iceni Argus PDF Content Extraction affect MarkLogic http://blogs.cisco.com/security/talos/vulnerability-spotlight-multiple-remote-code-execution-vulnerabilities-in-iceni-argus-pdf-content-extraction-affect-marklogic

[ SecurityProduct ]  CVE-2016-9892 - Remote Code Execution as Root via ESET Endpoint Antivirus 6 https://goo.gl/fb/8rFncV #FullDisclosure

[ Tools ]  Just posted my source code to GitHub for reflectively loading a Windows kernel driver https://github.com/Professor-plum/Reflective-Driver-Loader

[ Tools ]  haveIbeenHarvested - Automated HaveIbeenPwned lookups using theharvester results https://github.com/depthsecurity/haveIbeenHarvested

[ Windows ]  First post in a series on Windows kernel shellcode on Windows 10 https://improsec.com/blog//windows-kernel-shellcode-on-windows-10-part-1

[ Windows ]  x64 version of my HEVD StackOverflow exploit with SMEP Bypass https://github.com/Cn33liz/HSEVD-StackOverflowX64/blob/master/HS-StackOverflowX64/HS-StackOverflowX64.c Works on Windows 8.1 x64 (ver… https://t.co/m2Fj4nAHiT

[ Windows ]  This week's release: Windows Kernel Local Denial-of-Service #2: win32k!NtDCompositionBeginFrame (Windows 8-10), http://j00ru.vexillium.org/?p=3151