[ APT ]  New blog post on Red|Blue: Automating APT Scanning using the Open Source Loki APT Scanner and Splunk! https://goo.gl/7zyuhS Thx @ cyb3rOps

[ Browser ]  MS Edge - SOP bypass abusing of the reading mode view. Spoof the user! Courtesy of the read: pseudo-protocol ??… https://twitter.com/i/web/status/853943139626831873

[ Browser ]  Phishing with Unicode Domains - https://www.xudongz.com/blog/2017/idn-phishing/

[ Browser ]  Mozilla kills Firefox Aurora channel, builds will move directly from Nightly to Beta https://venturebeat.com/2017/04/17/mozilla-kills-firefox-aurora-channel-builds-will-move-directly-from-nightly-to-beta/

[ Browser ]  Attacking Microsoft Edge to identify users by leaking URLs from Fetch requests http://mov.sx/2017/04/16/microsoft-edge-leaks-url.html

[ Industry News ]  .@ VMware fixes critical RCE in vCenter Server - http://bit.ly/2oijCAt https://t.co/PnJ5lg2F1m

[ Industry News ]  This trend holds for all heap boundary violation CVEs (read & write). Historically, heap out-of-bound reads have be… https://twitter.com/i/web/status/854026092738338816

[ Industry News ]  Wave of Java-Based RATs Target Tax Filers: https://threatpost.com/wave-of-java-based-rats-target-tax-filers/125006/ via @ threatpost

[ Linux ]  CVE - CVE-2017-7889 - CVE http://nzzl.us/rC56qkz

[ Others ]  Rigorous Analysis of Software Countermeasures against Cache Attacks http://software.imdea.org/~bkoepf/papers/pldi17.pdf

[ Others ]  A list of publicly known but unfixed security bugs : https://github.com/ludios/unfixed-security-bugs

[ Others ]  [Good Read] Using Debugging Tools to Find Token and Session Leaks https://blogs.technet.microsoft.com/askds/2017/04/05/using-debugging-tools-to-find-token-and-session-leaks/

[ Others ]  Calling JNI Functions with Java Object Args from Cmd Line https://calebfenton.github.io/2017/04/14/calling_jni_functions_with_java_object_arguments_from_the_command_line/ Great follow-up on https://t.co/gn3QYN4Lik @ caleb_fenton

[ Tools ]  #Nmap Converter - Python script for converting nmap reports into XLS https://github.com/mrschyte/nmap-converter

[ Tools ]  We've run some quick analysis on the latest Shadow Brokers dump. Weird obfuscation decisions, stolen code and more https://t.co/PazX3VCwgM ?

[ Tools ]  Made a new script to automatically setup an Apache2 Mod_Rewrite redirector. Blog Post here: https://blog.inspired-sec.com/archive/2017/04/17/Mod-Rewrite-Automatic-Setup.html

[ Virtualization ]  Our @ WEareTROOPERS slides from #TR17 with @ mikhailgorobets @ c7zero: Attacking hypervisors through hardware emulation https://www.troopers.de/downloads/troopers17/TR17_Attacking_hypervisor_through_hardwear_emulation.pdf