The ExPetr/Petya ransomware which hits the Ukraine last week is actually a disk wiper. Victims are not able to decrypt their data, as the encryption key is not stored anywhere.
Blog with details about the remotely triggerable stack-based buffer overflow found in Avast Antivirus software last year.
Linux Systemd gives root privileges to usernames started with number.
WikiLeaks published a manual describing "OutlawCountry" Linux malware which redirects outgoing Internet traffic using netfilter, iptables. The second published is ELSA, a geo-location malware for WiFi-enabled devices running the Microsoft Windows operating system.
Security researcher Benjamin Kunz-Mejri discovered a Skype (7.2, 7.35, and 7.36) zero-day remote buffer overflow vulnerability CVE-2017-9948.
Great blog post about the problems of a certificate revocation, alternative solutions and how to do it better.
Blog about the novel reflective DLL injection technique called ThreadContinue which uses SetThreadContext() and NtContinue() API calls.