Runa Sandvik Profile picture
Aug 25 4 tweets 4 min read
Pretty excited for this talk by @patch1t about a one-click macOS takeover, starting out mentioning P0’s iMessage exploit and NSO’s Pegasus spyware. #HITB2022SIN
In his talk, @patch1t also gives a shoutout to @patrickwardle for this 2021 blog post about bypassing macOS's file quarantine, gatekeeper, and notarization requirements. #HITB2022SIN objective-see.org/blog/blog_0x64…
The story of CVE-2021-30657 was one of my favorite talks at #OBTS last year, esp. the way @cedowens, @jbradley89 and @patrickwardle talked through the steps to finding the initial flaw.
The demo code from @patch1t’s talk about a one-click macOS bypass can be found here.👇 github.com/jhftss/One-Cli…

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Runa Sandvik

Runa Sandvik Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @runasand

Sep 29, 2021
Was digging through court records related to Vault 7 and found this tidbit. The FBI used the wifi at Starbucks to download the leak. #OBTS
If you want to better understand how government agencies, such as the CIA, create and use cyber tools, there are some helpful bits in the #Vault7 court records. Here's one example. #OBTS
Makes sense for the CIA (and others, really) to have a code library of basic components in a state that can be readily used. #Vault7 #OBTS
Read 6 tweets
Jun 7, 2020
When I worked at the @nytimes, I had a manager who for two years told me that I’m difficult, nasty, fragile, territorial, controlling. He always told me this in person, in private. (thread)
He told me that I don’t care about other people. That no one wanted to work with me. That people were "more relaxed" when I was away. I respected him. Believed every word he said, every time. I even internalized it, tried to fix it. It was a full year before I told HR.
I simply thought that if I changed, he'd stop. If I did everything right, he'd approve. If I fit in, everything would be OK. That if I used the right words, at the right time, in the right way, he would not lash out.
Read 10 tweets
May 9, 2019
Former intel analyst charged with disclosing classified information to a reporter, the indictment illustrates challenges/risks with journalist/source comms. justice.gov/usao-edva/pres…
P5 outlines comms: analyst researched reporter, attended reporter's book event, searched for classified info re: reporter's beat, texted friends about the event + meeting reporter, reporter emailed analyst article about Snowden, analyst and reporter exchanged texts, emails, etc.
Indictment suggests the analyst and the reporter communicated via emails, texts and in-person meetings prior to using encrypted comms. Book event in April 2013, reporter suggested Jabber in September. Could be they used encrypted comms sooner without this being highlighted here.
Read 4 tweets
Mar 29, 2018
An FBI agent has been charged with leaking information to @theintercept. This article by @mukhtaryare does a good job illustrating how the agency runs leak investigations. A short thread. (1/6) mprnews.org/story/2018/03/…
The search warrant filed in Minneapolis federal court against Albury did not identify The Intercept, but the documents described in the warrant match the documents posted by The Intercept in January 2017. (2/6) theintercept.com/series/the-fbi…
The Intercept filed two FOIAs with the agency in late March 2016. The requests contained specific information about the documents that were not available to the public. The FBI determined that The Intercept "obtained these documents from someone with direct access to them." (3/6)
Read 6 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(