Luke Roberts (@rookuu_)'s Twitter Profile
Luke Roberts

@rookuu_

Red Team. Ex-@mwrlabs Ex-@FSecure_Consult

Programmer | Hacker | MathComp Grad @ UCL

ID: 3832595577

Link: http://themacpack.io | 01-10-2015 10:28:33

272 Tweets

753 Followers

469 Following

Patrick Wardle (@patrickwardle):

Deserialization of items in the BTM "database" is handled by the BTM daemon (via private "Storage" & "ItemRecord" classes). dlopen'ing the daemon's *binary* gives you runtime access to these classes & deserialization becomes trivial 🤯 (TIL dlopen a non-library binary works 👀)

Cody Thomas (@its_a_feature_):

Have you used a web shell on an offensive assessment recently? Were you able to task and create it through your C2 framework? I'm excited to announce the new Arachne agent for Mythic that allows you to do just that! Check it out posts.specterops.io/spinning-webs-…

Csaba Fitzl (@theevilbit):

Okay! We did it with Wojciech Reguła ! Another round of TCC vulnerabilities are coming! Next up at Blackhat Asia 🎉🎉 : “The Final Chapter: Unlimited ways to bypass your macOS privacy mechanisms” blackhat.com/asia-24/briefi…

Objective-See Foundation (@objective_see):

Stoked to announce "Objective by the Sea" v7.0: objectivebythesea.org/v7/index.html #OBTS v7: 📍 Maui, Hawai'i 🗓️ Dec. 2nd - 6th '24 ...hope to see you all there! 🌞🌴

Phorion (@phoriontech):

We’re thrilled to share the news of our partnership with our friends Patrick Wardle & Mikhail Sosonkin over at DoubleYou! At Phorion our mission is simple: empower defenders with the tools they need to protect their macOS estates - no compromises. Partnering with the industry experts

Luke Roberts (@rookuu_):

This is huge for Phorion, having integrated the technology built by Patrick Wardle and Mikhail Sosonkin into our product, we’ve teamed up with the best minds in the industry. 🤜🤛

Patrick Wardle (@patrickwardle):

Interested in all the new macOS malware of 2024!? 🍎🐛 I've started my annual "The Mac Malware of <Insert Year>" report. Each day, I'll be adding details of a new (for '24) malware ...including its infection vector, persistence, & capabilities. Follow: objective-see.org/blog/blog_0x7D…

Patrick Wardle (@patrickwardle):

1️⃣3️⃣ The DPRK continued targeting macOS users in 2024. HiddenRisk, (uncovered by SentinelOne), uses phishing emails to install a persistent backdoor. Its most notable trick? Persistence via .zshenv 👀 Read more: objective-see.org/blog/blog_0x7D…

Alfie Champion (@ajpc500):

With a process that began two and a half years ago, I'm very excited to announce that I've written a book with No Starch Press! 🎉 "Practical Purple Teaming" tells you all you need to know to get started with collaborative offensive testing. nostarch.com/purple-teaming

Objective-See Foundation (@objective_see):

Stoked to announce #OFTW v3.0 🥳 This *free* student-centric event provides 🍏 trainings & talks! 📍 London 🗓️ July 24-25th Note: Due to limited space you must apply to attend ℹ️More info/apply: objective-see.org/oftw/v3.html Mahalo to Kandji for supporting this event!

Luke Roberts (@rookuu_):

This is going to be a lot of fun! 🍎 I'll be talking about macOS tradecraft and internal red teaming more generally. Attendance is completely free and gives access to the talks and trainings. If you're a student or are starting your career in security, check it out! 🤙

alden (@birchb0y):

excited bc today Huntress is releasing our analysis of a gnarly intrusion into a web3 company by the DPRK's BlueNoroff!! 🤠 we've observed 8 new pieces of macOS malware from implants to infostealers! and they're actually good (for once)! huntress.com/blog/inside-bl…

Phorion (@phoriontech):

Introducing Phorion. A modern EDR platform purpose-built for macOS. Because security teams shouldn’t have to settle for Windows-first tools. 🛡️🍎 🧵

Patrick Wardle (@patrickwardle):

⏳ Just one week left to submit your talk to #OBTS v8 objectivebythesea.org/v8/cfp.html (CFP closes June 30th). We’ve expanded to 3 days of talks this year, making room for even more cutting-edge research +  first-time speakers. So submit your Apple security-themed proposal today!

Phorion (@phoriontech):

Known malware is the first line of defence. Phorion keeps it locked down We integrate with Wouter De Clercq (built by Patrick Wardle + Mikhail Sosonkin) and combine it with high-confidence IOCs from internal research and trusted partners. 🧵(1/3)

Objective-See Foundation (@objective_see):

After a lot of hard work we're finally ready for #OFTW v3 to kick off tomorrow in London! 🇬🇧 "Objective for the We" is a free 2-day event for students, packed with trainings, talks, and panels on intro Apple security topics 👩🏻‍🏫 Huge mahalo to Kandji for supporting it 🙏🏽

mikey (@0xmachos):

kieczkowska@infosec.exchange 🇺🇦 L0Psec Vector 35 After lunch Luke Roberts gave us some Red Team action, showing us how to bridge Python to Objective-C to execute native functions to steal pasteboard contents #OFTW

Objective-See Foundation (@objective_see):

#OFTW v3 in London is a wrap! 🤩 This free 2-day event brought together Apple security researchers & local students for trainings/talks. Mahalo to the trainers & speakers (+ mikey) & Kandji for supporting us! 😍 Photos, slides, & recordings, to be posted soon.
