[ Browser ]  Security vulnerabilities fixed in Firefox 52 https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/

[ Challenges ]  flAWS #aws #security challenges by @ 0xdabbad00 -> check it out. http://flaws.cloud/

[ Linux ]  Security issue in Linux kernel (v4.5+) persistent memory enabling http://seclists.org/oss-sec/2017/q1/570

[ MalwareAnalysis ]  Analyzing PowerShell based attacks in PowerShell v5.0 with ScriptBlockLogging - http://blog.joesecurity.org/2017/03/powershell-scriptblocklogging-rocks.html?m=1 #blueteam

[ MalwareAnalysis ]  Shamoon 2.0 / Stonedrill technical report : https://securelist.com/files/2017/03/Report_Shamoon_StoneDrill_final.pdf (pdf) https://t.co/x1rvdRZRPN

[ Obfuscation ]  Analyzing obfuscated scripts using nothing but a text editor http://blog.nviso.be/2017/03/07/analyzing-obfuscated-scripts-using-nothing-but-a-text-editor

[ Others ]  [BLOG] How to Attack Common SSO Vulnerabilities - http://bit.ly/2lSRlyh - nice work Jem!

[ Others ]  How to securely sign .NET assemblies https://lowleveldesign.org/2017/03/07/how-to-securely-sign-dotnet-assemblies/

[ Pentest ]  PSExec For Lateral Movement (How it works, including PowerShell variants) https://www.toshellandback.com/psexec

[ Popular Software ]  #WesternDigital #MyCloud Multiples #RCE PoC Video https://www.youtube.com/watch?v=aKu_yWrIIFI https://www.exploitee.rs/index.php/Western_Digital_MyCloud #WD #infosec #NAS

[ Programming ]  awesome-safety-critical : Resources about programming practices for writing safety-critical software : https://github.com/stanislaw/awesome-safety-critical

[ SecurityReport ]  Analysing the use of outdated JavaScript libraries on the web https://blog.acolyer.org/2017/03/07/thou-shalt-not-depend-on-me-analysing-the-use-of-outdated-javascript-libraries-on-the-web/

[ Tools ]  What’s new in Visual Studio 2017 - https://www.visualstudio.com/en-us/news/releasenotes/vs2017-relnotes #VisualStudio2017

[ Tools ]  Check-out info from @ChrisTruncer on Veil 3 including the latest update, evasion techniques, and release https://t.co/ZLFVOa7ax5 #Veil3

[ Tools ]  The CIA have nice IOS exploits from GCHQ - MACHO parsing to defeat codesign, KASLR bypass OSKextCopyLoadedKextInfo https://t.co/PnY8LZoFFb

[ Tools ]  Best way to integrate into @ blockadeio is the cloud node "/admin/add-indicators" call. Python script sample here - https://github.com/blockadeio/cloud_node/blob/master/test-scripts/add-indicators.py

[ Tools ]  Introducing BinSkim – a binary static analysis tool by Microsoft https://blogs.msdn.microsoft.com/secdevblog/2016/08/17/introducing-binskim/

[ Tools ]  INTERLOCK release 2017.03.07: file creation feature, default-deny all resources in CSP, UI improvements. https://t.co/PPtUnFQe0B

[ Windows ]  Another post in the series: Windows Kernel Local Denial-of-Service #3: nt!NtDuplicateToken (Windows 7-8), http://j00ru.vexillium.org/?p=3187

[ Windows ]  Easy local Windows Kernel exploitation : https://media.blackhat.com/bh-us-12/Briefings/Cerrudo/BH_US_12_Cerrudo_Windows_Kernel_WP.pdf (pdf) #BHUSA12

[ Windows ]  New Core Labs blog "Kerberos Delegation, SPNs and More..." http://hubs.ly/H06zJPb0 by @ agsolino https://t.co/niz2ZjDH8m