L0Psec (@l0psec) 's Twitter Profile
L0Psec

@l0psec

Father | macOS Security Researcher | RE | arm64 | InfoSec

ID: 914968294452588544

02-10-2017 21:40:15

2,2K Tweet

2,2K Followers

1,1K Following

L0Psec (@l0psec) 's Twitter Profile Photo

New RE Video: youtube.com/watch?v=3imRXE… In this video, I analyze a recent DPRK attributed Mach-O. Not a complicated sample, however does highlight some strange function calling which may interfere with static analysis. Enjoy! :)

Raaz (@solostalking) 's Twitter Profile Photo

Found multiple #Clickfix domains connecting to odyssey1[.]to:3333 AMOS Malware

Ferdous Saljooki (@malwarezoo) 's Twitter Profile Photo

BlueNoroff has been actively targeting victims in the crypto space. On macOS, they've used Script Editor for initial access and now leveraging Automator to bypass Gatekeeper checks. Here are two lures that cleverly download additional payloads and display a decoy PDF, all via

Validin (@validinllc) 's Twitter Profile Photo

Hot on the heels of the research published by Huntress, hunting for Zoom-themed lures from DPRK's #BlueNoroff 💥Learn hunting techniques 💥Leverage new Validin features and data 💥Full, unredacted indicator list (domains, IPs, hashes) validin.com/blog/zooming_t…

Patrick Wardle (@patrickwardle) 's Twitter Profile Photo

⏳ Just one week left to submit your talk to #OBTS v8 objectivebythesea.org/v8/cfp.html (CFP closes June 30th). We’ve expanded to 3 days of talks this year, making room for even more cutting-edge research + first-time speakers. So submit your Apple security-themed proposal today!

Jeremy Boone (@uffeux) 's Twitter Profile Photo

Hello friends. Check out this awesome and unique role that just opened up on my team in SEAR. Wanna secure Apple silicon, ROMs, iBoot, and more? jobs.apple.com/en-us/details/…

Greg Lesnewich (@greglesnewich) 's Twitter Profile Photo

Fun crossover blog about TA829 (RomCom) & TransferLoader with my ecrime pals it’s got everything: 🛰️ Popped routers for sending phish 📊 ACH on attribution 👾 custom protocols 👽 cool malware 🕵️ crime 🎯 espionage ❔many unanswered questions proofpoint.com/us/blog/threat…

Moonlock Lab (@moonlock_lab) 's Twitter Profile Photo

🗞️ We couldn't fit our analysis of a new #AMOS #macOS #backdoor into a thread here, so we published a whole article! We appreciate SANS Institute, BleepingComputer, and others for sharing it! Give it a read! moonlock.com/amos-backdoor-…

Herbie Zimmerman (@herbiezimmerman) 's Twitter Profile Photo

The Huntress US SOC is looking for some analysts. So if anyone is looking for a role that can be challenging, has malware to play with, and the chance to learn and grow from some awesome people, then take a look at the roles here: lnkd.in/g2aN3hNk.

L0Psec (@l0psec) 's Twitter Profile Photo

Doing a Swift RE talk at #DEFCON33 Malware Village :) Never been to DEFCON before so I’m looking forward to meeting people! #DC33 #MalwareVillage

Objective-See Foundation (@objective_see) 's Twitter Profile Photo

📢 Just dropped: the full #OBTS v8 talk lineup! objectivebythesea.org/v8/talks.html And for the first time we'll have 3 full days of presentations! 🤩 Congrats to the selected speakers and mahalo to all who submitted. With ~100 submissions, selecting the final talks was a daunting task! 😫

mikey (@0xmachos) 's Twitter Profile Photo

kieczkowska@infosec.exchange 🇺🇦 We were given a live demo of reversing a macOS malware sample and annotating the disassembly to make it all make sense by L0Psec using Vector 35’s Binary Ninja #OFTW

Csaba Fitzl (@theevilbit) 's Twitter Profile Photo

🍎🐛macos 15.6 is out, a few new CVEs and mentions... NetAuth Impact: An app may be able to break out of its sandbox CVE-2025-43275 PackageKit Impact: An app may be able to bypass certain Privacy preferences CVE-2025-43232 CoreUtils We would like to acknowledge...