Log inSign up
Objective-See Foundation
5,104 posts
Image
user avatar
Objective-See Foundation
@objective_see
🍎 🛡️ 🛠️ Open-Source Tools 📚 "The Art of Mac Malware" books 🫂 "Objective by the Sea" conference Support us on patreon.com/objective_see 🙏
Maui, Hawaii
objective-see.org
Joined October 2011
1
Following
18.8K
Followers
RepliesRepliesMediaMedia

New to X?

Sign up now to get your own personalized timeline!

Create account

By signing up, you agree to the Terms of Service and Privacy Policy, including Cookie Use.

Terms·Privacy·Cookies·Accessibility·Ads Info·© 2026 X Corp.
Don't miss what's happening
People on X are the first to know.
Log inSign up
  • Pinned
    user avatar
    Objective-See Foundation
    @objective_see
    Feb 13
    Our Valentine's Day gift 💝 objectivebythesea.org/v9/index.html Announcing Objective by the Sea (#OBTS) v9.0: 👩🏻‍💼 Train: Nov 15-17 👩🏻‍🏫 Talks: Nov 18-20 📍 Maui, Hawaii, 2026 CFP (talks & trainings) and tickets are now officially open! Hope to see you by the sea 🏝️ Special 🙏🏽 to @andyrozen!!
    Image
    11K
  • user avatar
    Objective-See Foundation
    @objective_see
    Apr 26, 2021
    A massive bug, affecting all recent versions of macOS was actively exploited as an 0day by malware 👾🍎 Read our blog post, #100 "All Your Macs Are Belong To Us"
    Image
    All Your Macs Are Belong To Us
    From objective-see.org
  • user avatar
    Objective-See Foundation
    @objective_see
    Jan 12, 2018
    OMG do we have the 1ˢᵗ macOS malware of 2018? and can I name it!? OSX/MaMi is undetected by AV (src: VT) infecting Macs around the world - persistently installs new root cert & hijacks DNS settings: objective-see.com/blog/blog_0x26… 🍎🤒👾☠️ ...mahalo to a good friend for the ping 🙏
    Image
    Ay MaMi
    From objective-see.org
  • user avatar
    Objective-See Foundation
    @objective_see
    Sep 12, 2017
    Say hi to LuLu, a macOS firewall🔥🛡️👾 It's 💯 free, 💯 open-source, & 💯 made w/ aloha😀 objective-see.com/products/lulu.… Still in alpha but check it out!
    Image
    LuLu
    From objective-see.org
  • user avatar
    Objective-See Foundation
    @objective_see
    Nov 29, 2017
    “Why <blank> Gets You Root” objective-see.com/blog/blog_0x24… New blog explaining (what appears to be) the root cause of Apple’s #iamroot password bug 🍎👾 tl;dr od_verify_crypt_passsword rets !=0, so system updates account w/ attacker specified pw 🙄
    Image
    Why _blank_ Gets You Root
    From objective-see.org
  • user avatar
    Objective-See Foundation
    @objective_see
    Dec 22, 2019
    Yikes! A top iOS app in @Apple's App Store, was a government spy tool!? 🍎📲🕵️‍♂️😱 "...used by the govt. of the United Arab Emirates to try to track every conversation, movement ...of those who install it on their phones" -@nytimes Our technical analysis:
    Image
    Mass Surveillance, is an (un)Complicated Business
    From objective-see.org
  • user avatar
    Objective-See Foundation
    @objective_see
    Mar 12, 2020
    💬 iMessage Exploitation 😱 Incredible exploit taking advantage of a vulnerability in NSunarchiver API requiring 0 user interaction. Faking ObjC objects & abusing memory via heap spraying to access user data 🐛 🩹 iOS 13.2 #OBTS @5aelo
    Image
  • user avatar
    Objective-See Foundation
    @objective_see
    Sep 17, 2021
    Wondering exactly how remote attackers were able exploit a zero-click 0day to infect Apple devices ...and how Apple patched it? Read our latest guest blog post, from Tom McGuire (a Senior Instructor at @JohnsHopkins) on CVE-2021-30860:
    Image
    Analysis of CVE-2021-30860
    From objective-see.org
  • user avatar
    Objective-See Foundation
    @objective_see
    Jan 2, 2023
    Just published our (7th) annual "The Mac Malware of <Year>" report for 2022 🥳 It's 70(!) pages of technical details covering each malware's: 🔎 IoCs 💉 Infection 💾 Persistence 📡 Capabilities + ☣️ Sample for download Read: "The Mac Malware of 2022"
    Image
    The Mac Malware of 2022 👾
    From objective-see.org
    109K
  • user avatar
    Objective-See Foundation
    @objective_see
    Nov 8, 2019
    There's a new Excel 0day which may allow for the automatic & silent execution of embedded macros on macOS 😱 New blog post: "[0day] Abusing XLM Macros in Slk Files" patreon.com/posts/31418067 👾🍎 Shoutouts to @ptrpieter/@StanHacked for initial bug discovery & their analysis 🙏🤩
    Image
  • user avatar
    Objective-See Foundation
    @objective_see
    Dec 22, 2021
    ⚠️ In macOS 12 (beta 6), Apple patched an intriguing flaw. Discovered by Gordon Long (@ethicalhax), CVE-2021-30853 allowed attackers to bypass: ▫️Gatekeeper ▫️Notarization ▫️File Quarantine Interested in exactly how? Read: "Where's the Interpreter!?"
    Image
    Where's the Interpreter!? (CVE-2021-30853)
    From objective-see.org
  • user avatar
    Objective-See Foundation
    @objective_see
    Jan 4, 2019
    Mac Malware may install persistent keyboard "event taps" to intercept your keystrokes 👾⌨️ Just released ReiKey v1.0, which aims to generically detect and monitor for such taps! Happy 2019 🥳 Add yes, ☑️ 100% free ☑️ full src on github patreon.com/posts/23747614
    Image
  • user avatar
    Objective-See Foundation
    @objective_see
    Apr 1, 2020
    🤔💭 This Zoom app ...is it secure!? ⛽🔥 Read, "The 'S' in Zoom, Stands for Security: Uncovering Security Flaws in the Latest macOS Client" 🔓(local) installer priv-esc vulnerability to r00t 👀(local) injection flaw allowing access to mic & camera
    Image
    The 'S' in Zoom, Stands for Security
    From objective-see.org
  • user avatar
    Objective-See Foundation
    @objective_see
    Nov 4, 2022
    DNSMonitor is a lightweight, (open-source), user-mode tool that displays all DNS requests & responses (directly from the Terminal) 📡👀 Just released v0.9.5: ▫️Support for JSON (& "pretty print") ▫️Leverages libresolv to parse packets More info/source: objective-see.org/products/utili…
    Image
Advertisement
Advertisement