Watch This Space @wtsdev
Watch This Space: A security research blog. wts.dev The Interwebs Joined August 2024-
Tweets2K
-
Followers604
-
Following542
-
Likes8K
Apple Internals: Swift in the Kernel open.substack.com/pub/calif/p/ap…
@calif_io Oh wow. I wonder if this is going to put pressure on for better Swift reversing tooling.
@theo With this government? It's really a toss-up. Sometimes things get thrown out quickly. Other times, it gets dragged on for a *while*. I honestly wasn't holding my breath for the former, so I'm not really surprised at all.
@gergely_kalman I was trying it with the user one. It worked once, but I realized I had SIP disabled and, when I re-enabled it, it stopped working.
@gergely_kalman I think I tried it once before and, at the very least, it couldn't touch the TCC database directly (tried copying it to Desktop and back). But I never tried indirection.
@gergely_kalman Does it? Is there some tradecraft I'm unaware of?
@gergely_kalman To push back on my own point, getting access to the database file is arguably a full bypass, while others could be only partial. It's still a weird requirement, though, imo.
@gergely_kalman The TCC bypass guidelines explicitly say that, if you don't touch the database, you get less of a payout. Which I find odd, as it's the same impact anyway, but it's their program to run however they want.
@gergely_kalman I'd also be curious to see how it affects corporate IT admins, who may have scripts and such designed with the idea that that file is where it is and can be edited with Full Disk Access.
@gergely_kalman This is interesting, but it also will probably kill the last remaining bits of research into local logic attacks on macOS. Corrupting that database directly was one of the last remaining logic bugs that Apple actually payed somewhat well for. That, and Gatekeep bypasses, I guess.
@probonopd This is... interesting. I wonder how far it will get.
@EricParker Theo's theory is that Arch finally became popular enough for it to be valuable for threat actors to target. x.com/theo/status/20…
This would never have been worth it when Arch was only used by “Arch people” (unemployed nerds) Now that we’ve tricked normal people into using Arch, it is suddenly valuable as an attack surface
@LeakerApple I'd take a look at @theo's historical coverage if you want to know more.
@theo I've been thinking a lot more recently about the tactics of threat actors and the values of attack surfaces. Things definitely seem to be shifting, and it's incredible to watch.
@theevilbit @zippgod24 Honestly, I think the timeline point here is a bit valid. Due to Apple's months-long release cadence, bugs take a while to have the patch in place. Other vendors have much quicker release cadences.
@p_x9 This is terrifying, and I love it.
@theo This from Anthropic: x.com/AnthropicAI/st…
Our internal data shows Claude is accelerating AI development—a possible path to recursive self-improvement, or AI autonomously building a more capable successor. It’s happening faster than we thought, and the implications deserve greater attention. anthropic.com/institute/recu…
@cultcrit @LouiseS1996 @ShamashAran That is a valid criticism.
@cultcrit @LouiseS1996 @ShamashAran The command in the screenshot is (arguably) safe. But the more you get used to this, the easier it is for threat actors to trick you down the line with fake lookalike pages if you don't read the script every time you paste. And, as mentioned, they have been successful with that.
Lil Bindle @YungBindlestiff
105 Followers 5K Following
AT @Adrien_Thuau
19 Followers 2K Following
Volker @volkertech
0 Followers 55 Following
キリル @khgoblinn
3 Followers 181 Following
d3thtripp3r @d3thtripp3r
0 Followers 347 Following
d4rkc0nd0r @d4rkc0nd0r
273 Followers 873 Following
theonexc @theonexc1
0 Followers 5K Following
impostor @impost0r_
2K Followers 424 Following prompt engineer for binaries | reverse engineer, exploit developer, equally bad at both | https://t.co/FJ88dlQw7W | mastodon: @[email protected] former s.c
whitecyberduck @whitecyberduck
4K Followers 671 Following Ayub Jabril Yusuf | 🇸🇴🇺🇸 (he/him) | Hacker @SpecterOps | GSE • OSCP
Teodor Sorescu @teodorsorescu
8 Followers 28 Following
cem @cemonatk
10 Followers 628 Following
Whyteee @whyteee404
5 Followers 62 Following
jon jacobsons @jonjacobsons
44 Followers 4K Following
Jamf Threat Labs @JamfThreatLabs
221 Followers 29 Following Mac security research and threat hunting team. Sharing findings discovered by @JamfThreatLabs at @JamfSoftware.
Abhishek Chaudhary @abhizz
135 Followers 4K Following Now - Security minion. Before - A bit of cloud
Colee Gideon @coleegideon
1 Followers 577 Following
Ellie Winters @N104AP
612 Followers 417 Following
Jessy🇮🇪 @Jessycakeboi
111 Followers 710 Following I play roblox and I love messing with Windows OS: Windows 10, Android 15, iPadOS 18.7.8 I help Asher get streams on @KreekVODArchive on yt ALT: @TrueRobloxPro
Danielle Cortez @DaniByTheBeach
1K Followers 3K Following
Snakesan @Snakesan
676 Followers 1K Following Creating assistive technologies | OVERSEER // ACK // NEON FLUX // VITALITY.SYS // Protocol: Hydration | Cybersecurity hobbyist | I use X more as a dev log
Mohammed | مُحَم... @mmuteb_
3K Followers 1K Following Mobile (Development/Security/Forensics) | DevSecOps
Jopraveen @jopraveen18
894 Followers 734 Following { 23 y/o | VR @zoho | CTFs with @Infobahn_ctf | https://t.co/OFX17OHmJX }
Tu Tri Mi @trimituvn
22 Followers 2K Following
johnny @zeroxjf
4K Followers 175 Following iOS & MacOS Researcher (AI-Assisted) @trycua https://t.co/4vu4rvK5b5
Hajorda @thehajorda
0 Followers 27 Following
Mark Vella @mark__vella
108 Followers 524 Following typesafety e2e, nvim tinkering, selfhosting, mech kbs, bjj, arsenal fc, f1 trivia, etc retweeting bangers
Su Ho @vansu_ho
18 Followers 481 Following Engineering Lead @ Nimble. Software engineer at heart. Talks about AI/LLMs, leadership, engineering growth.
Rishikesh S @rishikesh_s_18
4 Followers 147 Following
crux @cruxya
1 Followers 370 Following
hamayoon khan @khan_hamay39080
2 Followers 145 Following
cesar @cesar_az1
36 Followers 382 Following
Camil Blanaru @camilblanaru
192 Followers 830 Following Systems Engineer with a passion for clouds. Building https://t.co/CbEYr7xPDX
Vivien Chantrel @vivienchtrl
5 Followers 215 Following
Steven Matthews @sfmatthews
157 Followers 638 Following Steven Matthews, CTO for Greenville-based non-profit.
Asukiko @asukiko_f
39 Followers 1K Following Seek and destroy threats | I will find your malware and take down it | DM for Study together | I do not use Twitter so much | him, his | @Intelis_ABIN Agent/SEC
Paradigm Shift @prdgmshift
1K Followers 0 Following Premium European cybersecurity research provider, powered by a world-class team with a decade-long track record.
Mundays @i_love_mundays
1K Followers 1K Following doing things for @theo | Founder of Weekend Ventures | Content Strategy & Production | Tampa
lcamtuf @lcamtuf
40K Followers 499 Following Substack: https://t.co/yFvmNisGW3 Homepage: https://t.co/iFAXZxCO5H
2lay @twolays
923 Followers 1K Following swe & infra hobbyist & stock trader, running zen 5 out of a swedish garage
Nightmare Eclipse @ChaoticEclipse0
13K Followers 576 Following
Ashish Kunwar @D0rkerDevil
13K Followers 6K Following ex @Microsoft | Vulnerability Research | ios/mac research 🙂
d1ngbat @d1ngbat_
536 Followers 426 Following musician turned infosec analyst. premium goofs as a service. my employer has no clue this account exists but my thoughts are my own.
trish ang @feesh
1K Followers 1K Following Designer slash developer, climber of rocks, boarder of snow. EM @slackhq. Volunteers @oakland_cm. Hella gay. she/they 🌈
Michael Gillespie @demonslay335
37K Followers 66 Following Loves cats, bunnies, and coding. #Ransomware Hunter. Creator of the service ID Ransomware. Views expressed are my own.
MalwareHunterTeam @malwrhunterteam
254K Followers 37 Following Official MHT Twitter account. Check out ID Ransomware (created by @demonslay335). More photos & gifs, less malware.
キリル @khgoblinn
3 Followers 181 Following
d4rkc0nd0r @d4rkc0nd0r
273 Followers 873 Following
Malware Village @MalwareVillage
2K Followers 91 Following Founded by @LambdaMamba & @cybersyrupblog | Run by World Cyber Health Non-Profit | Discord: https://t.co/JE25nRRco6 | Email: [email protected]
Haus of Decline @hausofdecline
271K Followers 2K Following Hank of Decline Website - https://t.co/x1yxb0BWDM Patreon - https://t.co/Awbuy7xogD
_ZN4DionC1Ev @justdionysus
5K Followers 1K Following I write software and drive around Baltimore looking for stuff to do.
Bruce Dang @brucedang
5K Followers 1K Following Sweeping the floor at https://t.co/CM8ErzxC5z (we are hiring). Previously at Microsoft/Veramine/Apple. author of Practical Reverse Engineering.
Yiğit Can Yılmaz @yilmazcanyigit
3K Followers 611 Following 🧑💻 Computer Engineer | Cyber Security Analyst
Alex Rad @defendtheworld
2K Followers 1K Following On a mission to make networking secure and simple. https://t.co/NnoAMwpuYA
Corbin Crutchley @crutchcorn
7K Followers 479 Following Senior Engineering Manager @GetSTORD | @GitHub Star | @Microsoft MVP | @Playful_Program Founder | @tan_stack Maintainer | Opinions are my own
Dillon Mulroy @dillon_mulroy
32K Followers 4K Following principal engineer @cloudflare • tweets about functional programming, typescript, neovim, & formula 1 • https://t.co/6Vr6DiQUoM • https://t.co/tlUe9v9eZC
Linghua Jin 🥥 🌴 @LinghuaJ
5K Followers 3K Following cofounder @cocoindex_io infra & AI, ex-google tech lead star ⭐ https://t.co/Hd5tSRgQi8
clairebear @geckotailzz
20K Followers 202 Following reformed edgelord / Black Lives Matter / Trans Rights are Human Rights / comics: @geckowo / asexual
Safia 👩🏾💻 @captainsafia
23K Followers 515 Following building at @warpdotdev, prev: @microsoft • dream big and follow through even bigger
David Stern @vorporeal
388 Followers 237 Following Engineer, thinker, procrastinator, idealist. Too many projects, not enough time. He/him. Currently @warpdotdev; formerly @youtube, @gmail.
eric zakariasson @ericzakariasson
75K Followers 587 Following @cursor_ai & tinkering. https://t.co/udyDUjFI0i
Xint @xint_official
1K Followers 16 Following What if the world's best hackers rebuilt AppSec from the ground up with AI? Meet Xint - autonomous, comprehensive, fast, and actionable.
Bob Ippolito @etrepum
4K Followers 3K Following @missionbit board member. Former founder/CTO of Mochi Media and Fig. Sometimes enjoys writing code. he/him https://t.co/8VABmVoPGI & https://t.co/XjXgNrSq8s bsky
Josh Cohenzadeh @jshchnz
7K Followers 432 Following co-founder, ceo @emergetools (backed by yc, acquired by @sentry) vibing on https://t.co/zd1VJilHqz
Alex Matrosov @matrosov
20K Followers 2K Following Security REsearch @Anthropicai · Breaking & Fixing AI Failure Modes | Founder @binarly_io · @SBOM_Tools · @REhints | Author “Rootkits & Bootkits" (https://t.co/1wd2dfYHY6)
john @nyan_satan
17K Followers 149 Following demonic beast from another era (with F20.0) | https://t.co/W7w9FmL4Fd
Barrel Of Lube @barre_of_lube
2K Followers 753 Following 21, Stay Freaky, math + stat, @hexclave, ex @orchid_hq music n people enjoyer
Jamf Threat Labs @JamfThreatLabs
221 Followers 29 Following Mac security research and threat hunting team. Sharing findings discovered by @JamfThreatLabs at @JamfSoftware.
Ellie Winters @N104AP
612 Followers 417 Following
安坂星海 Azaka ||... @AzakaSekai_
14K Followers 7K Following ‧₊˚ ⋅ VTuber ⊹˚. Employed CTI Researcher ♡‧₊˚ SV Cover Artist @azakasekaip ✧・゚https://t.co/h3frxp4AWO *:・˚ @jamama_666 / @MomoiroKohi / @justNovaj / #artsyaz
Felix Rieseberg @felixrieseberg
68K Followers 720 Following Claude Cowork / Code @AnthropicAI, Co-Maintainer https://t.co/g4potti8nqYou might like
