Ferdous Saljooki @malwarezoo
staff macOS security researcher @jamfsoftware | views are my own | Toronto | Joined June 2017
Tweets: 400 | Followers: 752 | Following: 385 | Likes: 2K
It’s an honor to be speaking at #OBTS again alongside so many incredible researchers. I’ll be sharing simple bugs that bypass Gatekeeper and CDHash revocation, allowing revoked ad-hoc signed malware to run without any re-signing.
Jamf Threat Labs uncovered a new variant of the Odyssey Infostealer — signed and notarized at the time of discovery. This variant includes backdoor functionality and techniques that align with recent Atomic Stealer research by @moonlock_lab. More here: jamf.com/blog/signed-an…
excited bc today @HuntressLabs is releasing our analysis of a gnarly intrusion into a web3 company by the DPRK's BlueNoroff!! 🤠 we've observed 8 new pieces of macOS malware from implants to infostealers! and they're actually good (for once)! huntress.com/blog/inside-bl…
💪 Our team has identified a new variant of XCSSET malware and blogged about it! microsoft.com/en-us/security…
After posting the hunting query for macOS stealers yesterday, I noticed today that the ".file" extension for the scripts was changed to randomized extensions like "BraveTalk_Setup.ASpCp" and "Harmony.hklnP". The malware authors are paying attention 😆
XCSSET payload recently uploaded to VirusTotal appears to align with Microsoft's findings, including persistence via zshrc and dock virustotal.com/gui/file/a0ee7…
"Radiant Capital was targeted by a highly sophisticated [macOS] cyberattack that resulted in a loss valued at approximately $50M USD." 👀 "This deception was carried out so seamlessly ...[it made] the threat virtually invisible" 👀 medium.com/@RadiantCapita…
I had an amazing time at #obts catching up with old friends and meeting new ones. The talks were all fantastic and this community is truly one of a kind. Huge thanks to @andyrozen and @patrickwardle for hosting yet another successful conference. Looking forward to Ibiza next…
Today we released a blog post detailing how threat actors are using the Flutter Engine to build malware for macOS. This results in a very complex app architecture that is difficult to reverse. Check out the details here... jamf.com/blog/jamf-thre…
Great find and fantastic write-up by my friends @malwarezoo and @jbradley89 over @JamfSoftware. Go check it out. Very interesting, signed and notarized at the time they were active, similar to the samples found by the team at @LabsSentinel (blog also linked below). DPRK is…
As promised, I just dropped a dozen new sandbox escape vulnerabilities at #POC2024 If you missed the talk, here is the blog post: jhftss.github.io/A-New-Era-of-m… Slides: github.com/jhftss/jhftss.… Enjoy and find your own bugs 😎
My bug CVE-2024-44131 got patched on iOS 18.0. It’s an iOS TCC bypass bug that lets third-party apps access data stored on iCloud Drive. I’ll be sharing the technical details, along with demo screenshots of leaking (encrypted) WhatsApp backup data, on the Jamf Blog.

Csaba Fitzl @theevilbit
8K Followers 1K Following macOS Security -- Trail running 🏃 -- Mountains ⛰ -- Tolkien fan For mountain pictures, go to: https://t.co/Xf7KDW5fKu
Wojciech Reguła @_r3ggi
6K Followers 863 Following iOS/macOS app security researcher & blogger. 🍎 Black Hat / DEF CON / TyphoonCon speaker. Head of mobile appsec @SecuRingPL
Jaron Bradley @jbradley89
3K Followers 300 Following MacOS Intrusion Analyst, APT Smiter , Haole. Author of OS X Incident Response Scripting and Analysis Owner of https://t.co/oApHpiRaQ0
Jonathan Bar Or (JBO)... @yo_yo_yo_jbo
4K Followers 1K Following Hacker, security research architect for @Microsoft Defender. Member of @thegooniesctf. Linux, Windows, Android, MacOS, iOS, ChromeOS, bare metal. Japanese is OK 👌
Cedric Owens @cedowens
3K Followers 659 Following Proud Husband to @sgowens0716 and Father | Offensive Security Engineer | https://t.co/CQv4PZcuvG
Antonio Piazza... @antman1P
2K Followers 2K Following GIAC x10 | SANS MSISE Grad | OSCP | Offensive AF | OIF Veteran | Tweets are mine, not yours, nor anyone else's... Certainly not my employer's.
J⩜⃝mie Williams @jamieantisocial
10K Followers 7K Following threats && stuff || #UNC1799 forever 🤘|| @DistrictHeather ♥️ + 🍷 **𝚅𝚒𝚎𝚠𝚜 𝚎𝚡𝚙𝚛𝚎𝚜𝚜𝚎𝚍 𝚊𝚛𝚎 𝚖𝚈 օ𝚠𝚗**
John Hammond @_JohnHammond
298K Followers 3K Following Cybersecurity Researcher @HuntressLabs || Just Hacking Training @JustHackingHQ w/ @ethicalhacker || https://t.co/UtsNJiyQtS || https://t.co/narO3sz7y6
mikey @0xmachos
2K Followers 741 Following Former @AbertayHackers Vice Gaffer. Purveyor of macOS security & rum. @warstudies postgrad Terrorism, Radicalisation & British intelligence.
Tony Lambert @ForensicITGuy
6K Followers 1K Following Recovering sysadmin that now chases adversaries instead of uptime. Sr Malware Analyst @redcanary
Katie Nickels @likethecoins
55K Followers 3K Following Director of Intel at @redcanary. SANS Certified Instructor for FOR578: CTI. Senior Fellow at @CyberStatecraft. She/her. Mastodon: @[email protected]
Stuart Ashenbrenner... @stuartjash
2K Followers 1K Following Principal macOS Security Researcher at @HuntressLabs | Creator of @Crash_Security | Reviewer at @bestthrillbooks | @MillennialGirlDad on @SubstackInc
Gergely Kalman @gergely_kalman
2K Followers 377 Following bug bounty hunter I guess @[email protected] | https://t.co/zdeLP8lSEy
Will @BushidoToken
36K Followers 3K Following Senior Threat Intel Advisor @TeamCymru | Co-founder @CuratedIntel | Co-author @SANSForensics FOR589 | Co-founder @BSidesBournemth | @darknetdiaries #126: REvil
Matthew @embee_research
14K Followers 2K Following Security Researcher, Creating and Sharing Educational Content.
tsunekoh @tsunek0h
754 Followers 122 Following Security Researcher, macOS, Arm-based Windows, @[email protected]
Wesley de Groot 🥷 @0xWDG
1K Followers 881 Following 🪄 | 34 | Developer | Hacker | /🤖/🌐 | @Aurora_Editor | @appsterdam | GDG Amsterdam | https://t.co/PVpckB9S1E | take life with a grain of salt
fariss @revfariss
23 Followers 323 Following
nuyo4h @nuyo4h
0 Followers 2K Following
Ramesh @Ramesh278220
0 Followers 71 Following
tri nguyen @tringuyen833831
37 Followers 1K Following
L1g1 @_L1g1
7 Followers 152 Following
Norbert @NB1r0
59 Followers 3K Following
astronoutdonut @astronoutdonut
0 Followers 237 Following
jaybird1291 @jaybird1291
164 Followers 469 Following Cybersecurity student at École2600 🇫🇷 - Focused on DFIR & iOS Security - Learning Japanese on my own / I am teaching myself Japanese and am still very much a beginner, so please forgive any mistakes 🙇🏻♂️
KrakenLabs @KrakenLabs_Team
627 Followers 131 Following 🔍 KrakenLabs Team | Threat Intelligence at Outpost24 🌐 | Uncovering Threat Actors & Malware |Pioneering Digital Risk Protection Innovation 🚀 | #CyberSecurity
solst/ICE @IceSolst
21K Followers 2K Following Pentester turned seceng turned meeting canceller - https://t.co/5hHG2R5lRS (-13$ ARR)
Kris Armstrong @kristophera
212 Followers 1K Following SecOps Geek. Slinging bits to solve problems. Backyard campfire enthusiast. Sometimes I like to workout, sometimes I don't, but I always do. Pocket Knives FTW
George Karchemsky @gkarchemsky
83 Followers 1K Following
Ernestas Naprys @ernestas_naprys
81 Followers 567 Following
aridjourney @aridjourney
14 Followers 509 Following Threat research @HarfangLab. Opinions are my own.
Georges Fournel @Fournel0
4 Followers 269 Following
bab0sh @_bab0sh_
1 Followers 210 Following
Vb @ghhbbhbbnkku
29 Followers 111 Following
MacDevOpsYVR @MacDevOpsYVR
1K Followers 700 Following Join us June 11-13, 2025 for the 11th annual MDO YVR. MDO is the conf for Mac Admins interested in integrating GitOps, and security into their IT practice.
Nick Vidal @nikolaipozdnii
103 Followers 790 Following Sr CTI Analyst @secalliance | @warstudies alum | Russia watcher & strategic culture evangelist | 🇺🇸 in 🇬🇧
Christine Cordova @ChristineC76250
19 Followers 811 Following
Bhavesh Suthar @Mr_TechGaming
476 Followers 2K Following #InfoSec Postgraduate | Gamer | Technology Enthusiast | Youtuber | PSN And XBL: Shooter841
𝓙𝓪𝓬𝓴2 @2RunJack2
1K Followers 3K Following #ThreatIntel Researcher @S2W_Official @TALON_INTEL Main Author of Threat Intel Report 'Campaign DOKKAEBI : Documents of Korean and Evil Binary' / Formerly FSI
MOHIT DABAS @DabasMonty
252 Followers 879 Following Threat Hunting and Detection | Writing Security Tools...
happycancer @aurelieget
36 Followers 842 Following
parkour @parkoursec
11 Followers 1K Following
比个心 @vbigthing
91 Followers 4K Following
23pds (山哥) @im23pds
14K Followers 6K Following Dad/@SlowMist_Team Partner&CISO/#Web3 Security Researcher/RedTeam/Pentester/AI security hunter #bitcoin
A19B @CFCA19B
216 Followers 2K Following Chelsea fc||pirates||Hip-Hop || bio: "I'm applying to DO on 03/01/2024
Fthgb @bili2058600
45 Followers 1K Following As a college student studying the application of information security technology, I am working hard to move forward.
Ross @PwnDexter
1K Followers 297 Following Security Engineer | Ex Red Team Lead now turned Blue Team | Author of SharpEDRChecker | Build, Hack, Break, Fix, Learn, Repeat | Every day is a school day!
Lorenzo @ptrac3
649 Followers 2K Following
threathunterxx @threathuntxx
44 Followers 1K Following This account is for threat research purposes 😬 (not affiliated with any account) | For personal use
Oxdine @DINESHPrathi12
232 Followers 7K Following #CybersecurityResearcher #Ethical Hacking #Pentester #IoT #CodeReview #WirelessSecurity #Automotive #NatureEnthusiast
Josh Parnham @joshparnham
779 Followers 1K Following
Csaba Fitzl @theevilbit
8K Followers 1K Following macOS Security -- Trail running 🏃 -- Mountains ⛰ -- Tolkien fan For mountain pictures, go to: https://t.co/Xf7KDW5fKu
Objective-See Foundat... @objective_see
19K Followers 1 Following 🍎 🛡️ 🛠️ Open-Source Tools 📚 "The Art of Mac Malware" books 🫂 "Objective by the Sea" conference Support us on https://t.co/tuGceSeyiC 🙏
vx-underground @vxunderground
368K Followers 290 Following The largest collection of malware source code, samples, and papers on the internet. Password: infected
Wojciech Reguła @_r3ggi
6K Followers 863 Following iOS/macOS app security researcher & blogger. 🍎 Black Hat / DEF CON / TyphoonCon speaker. Head of mobile appsec @SecuRingPL
Jaron Bradley @jbradley89
3K Followers 300 Following MacOS Intrusion Analyst, APT Smiter , Haole. Author of OS X Incident Response Scripting and Analysis Owner of https://t.co/oApHpiRaQ0
Jonathan Bar Or (JBO)... @yo_yo_yo_jbo
4K Followers 1K Following Hacker, security research architect for @Microsoft Defender. Member of @thegooniesctf. Linux, Windows, Android, MacOS, iOS, ChromeOS, bare metal. Japanese is OK 👌
Florian Roth ⚡️ @cyb3rops
206K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
Howard Oakley, Eclect... @howardnoakley
4K Followers 137 Following Chief illuminator at the Eclectic Light Company, writing about macOS, paintings; author of over 40 free utilities for macOS.
Dave Kennedy @HackingDave
223K Followers 6K Following Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Pod. God + Family/Hacker/CSO/USMC/Intel/Fitness. Make the world a better place.
J @Morpheus______
27K Followers 0 Following No longer in this cesspool. Just popped by to announce my https://t.co/ktI8HgxRAQ. Not doing DMs, not looking for likes. See you in the next book :-)
Cedric Owens @cedowens
3K Followers 659 Following Proud Husband to @sgowens0716 and Father | Offensive Security Engineer | https://t.co/CQv4PZcuvG
Justin Bui @slyd0g
4K Followers 345 Following I break computers and skateboards | red/blue/whatever let's make security better | Offensive Security @Snowflake | Prev @Zoom @SpecterOps
Antonio Piazza... @antman1P
2K Followers 2K Following GIAC x10 | SANS MSISE Grad | OSCP | Offensive AF | OIF Veteran | Tweets are mine, not yours, nor anyone else's... Certainly not my employer's.
John Hammond @_JohnHammond
298K Followers 3K Following Cybersecurity Researcher @HuntressLabs || Just Hacking Training @JustHackingHQ w/ @ethicalhacker || https://t.co/UtsNJiyQtS || https://t.co/narO3sz7y6
Greg Linares (Laughin... @Laughing_Mantis
37K Followers 2K Following 20+ yrs in Infosec. Malware Influencer. I turn Malware into Art and Music. Art @MalwareArt. 4x Pwnie Nominee. 𝕍𝕏. GameDev. Autistic.
Microsoft Threat Inte... @MsftSecIntel
187K Followers 1K Following We are Microsoft's global network of security experts. Follow for security research and threat intelligence.
Binni Shah @binitamshah
141K Followers 165 Following Linux Evangelist, Malwares, Security enthusiast , Investor, Contrarian , Philanthropist , Reformist , Sigma female 🦋 https://t.co/WOvf41tMKV
mikey @0xmachos
2K Followers 741 Following Former @AbertayHackers Vice Gaffer. Purveyor of macOS security & rum. @warstudies postgrad Terrorism, Radicalisation & British intelligence.
tsunekoh @tsunek0h
754 Followers 122 Following Security Researcher, macOS, Arm-based Windows, @[email protected]
Thijs Xhaflaire @txhaflaire
108 Followers 49 Following Senior Threat and Detections Researcher at Jamf Threat Labs
Zscaler ThreatLabz @Threatlabz
7K Followers 45 Following Threat intelligence and security research from @zscaler
Mykola Grymalyuk @khronokernel
5K Followers 123 Following Stuff at Fruit Co. Formerly OpenCore Legacy Patcher.
Moonlock by MacPaw @moonlock_com
424 Followers 12 Following Cybersecurity wing @macpaw 🇺🇦 ⚡Powering the Malware Removal module @cleanmymac 🧪Our advanced analysis of malware threats @moonlock_lab
radare @radareorg
20K Followers 8 Following Reverse Engineering Framework for the commandline cowboys. Follow us in our primary fediverse for more updates https://t.co/aC9GtrVSVm
Mohamed Ashraf @X__Junior
1K Followers 479 Following Detection @nextronsystems, Challenges Developer @CTFCreators, CTF Player @F1R3F411. Interested in #RE #Malware #Cryptography #WindowsInternals #DFIR.
POC_Crew... @POC_Crew
7K Followers 677 Following Organizer of Zer0Con, MOSEC and #POC2025 (https://t.co/LP1W4KC4vY)
Victor Kubashok @victorkubashok
182 Followers 32 Following
ReversingLabs @ReversingLabs
7K Followers 852 Following ReversingLabs is the trusted name in file and software security. RL - Trust Delivered.
xiu @osint_barbie
783 Followers 462 Following SAD GIRLZ LUV THREAT INTEL&MAC MALWARE 🤟🏼 opinions and tweets are my own
Moonlock Lab @moonlock_lab
1K Followers 35 Following Malware research lab @moonlock_com Assembled by @macpaw to detect and study cybersecurity threats.
Anastasiia Kiosieva @Mrs_Moof
228 Followers 560 Following Senior PR specialist at MacPaw's Moonlock, surfer, skater, active life-addicted 🇺🇦
alden @birchb0y
3K Followers 2K Following sr threat researcher @ huntress • re/malware enjoyer • macOS security
Securelist @Securelist
19K Followers 1K Following The resource for Kaspersky experts' technical research, analysis, and thoughts.
Nasreddine Benchercha... @nas_bench
11K Followers 1K Following Detection @Splunk & @cisco | previously @nextronsystems | @sigma_hq & @magicswordio maintainer | Eternal Learner
Austin Larsen @AustinLarsen_
1K Followers 1K Following Principal Analyst @Google Threat Intelligence Group
Boris Larin @oct0xor
18K Followers 655 Following Former console hacker (PS3/PS4). Hunting in the wild 0-days at Kaspersky GReAT. All tweets are my own.
POM @hey_pom
784 Followers 341 Following
The Banshee Queen👑 @cyberoverdrive
2K Followers 830 Following #threatintel @PwC_uk but views are mine only. Malware & infrastructure analysis with a side of cyberpunk. 🌃🌌 She/her, support 🏳️🌈🏳️⚧️✨
Brendan Chamberlain @infosecb
987 Followers 678 Following Threat Detection Engineer | detection & response | automation | macOS security | awesome-detection-engineering, LOOBins, Rulehound
Tom Hegel @TomHegel
7K Followers 750 Following Threat Research Lead @SentinelOne, Advisor with @ValidinLLC
Devon Kerr @_devonkerr_
8K Followers 722 Following Director of Threat Research and @ElasticSecLabs team lead; custodian of secret histories. Posts are my own.
Nicolas Caproni @ncaproni
8K Followers 4K Following Head of @sekoia_io Threat & Detection Research (TDR) Team #SOCplatform #XDR #SIEM #CTI #TIP
Benjamin Wiley @BenWiley
218 Followers 676 Following Senior Intrusion Analyst @ CrowdStrike OverWatch
Konstantin Klinger @kk_onstantin
699 Followers 744 Following Detection Engineering | he/him | 🌱⚽️🏃♂️🚴♂️🏊♂️ | tweets are my own
Mark @_marklech_
4K Followers 394 Following Senior TI Analyst @ MSTIC. Ex Senior RE @ FLARE (Mandiant/Google).
Elastic Security Labs @elasticseclabs
4K Followers 599 Following Elastic Security Labs is democratizing security by sharing knowledge and capabilities necessary to prepare for threats. Spiritually serving humanity since 2019.
Andrew Pease @andythevariable
1K Followers 291 Following Elastic Security Labs Technical Lead. Lawful Neutral. Threat Hunting with the Elastic Stack author. Retired CW4.
Bill Marczak @billmarczak
13K Followers 358 Following senior researcher @citizenlab, phd @UCBerkeley, co-founder @BHWatch. كلنا راجعين
LaurieWired @lauriewired
98K Followers 294 Following researcher @google; serial complexity unpacker; https://t.co/Vl1seeNgYK ex @ msft & aerospace
Dinesh_Devadoss @dineshdina04
807 Followers 918 Following Threat Hunter | Malware Analyst | Reverse Engineer | Wanderer in the world of binary
Josh Avraham @josh_avraham
316 Followers 444 Following spelunking Mach-Os. Tweets mine, no one else's 𓉱 הראש הגדוד מגיני השפה
Adrian Luca (infosec.... @adrian__luca
760 Followers 2K Following Security Test & Threat intelligence Engineer @virusbtn
Virus Bulletin @virusbtn
60K Followers 1K Following Security information portal, testing and certification body. Organisers of the annual Virus Bulletin conference. @[email protected]
Keith @kwm
3K Followers 605 Following Award-winning husband and dad. Co-founder @redcanary. Tweets are my own, unless otherwise noted.
Marc-Etienne M.Lévei... @marc_etienne_
3K Followers 666 Following Security stuff @Google (Previously @ESETresearch). Montréal security: @NorthSec_io // @MontreHack. Father of two. VE2XME https://t.co/ahEQ1MJEaF