Will @willstraf - Twitter Profile

9 months ago

Excited to share our research on ChillyHell, a modular macOS backdoor targeting officials in Ukraine. Check out our write-up for more details. https://t.co/RakC7KEQAU

2

32

10

15

5K

willstraf retweeted

Lorenzo Franceschi-Bicchierai @lorenzofb

about 1 year ago

NEW: Citizen Lab researchers mapped out the infrastructure of spyware maker Paragon Solutions, and say they were able to identify servers likely used by customers in several countries: Australia, Canada, Cyprus, Denmark, Israel, and Singapore.

lorenzofb's tweet photo. NEW: Citizen Lab researchers mapped out the infrastructure of spyware maker Paragon Solutions, and say they were able to identify servers likely used by customers in several countries: Australia, Canada, Cyprus, Denmark, Israel, and Singapore. https://t.co/HZgdKD9uHH

2

75

36

16

27K

willstraf retweeted

Patrick Wardle

@patrickwardle

over 1 year ago

Interested in all the new macOS malware of 2024!? 🍎🐛 I've started my annual "The Mac Malware of <Insert Year>" report. Each day, I'll be adding details of a new (for '24) malware ...including its infection vector, persistence, & capabilities. Follow: https://t.co/gWpjkBZ5UT

3

309

91

148

49K

willstraf retweeted

The Citizen Lab

@citizenlab

almost 3 years ago

🚨🚨WE URGE EVERYONE TO UPDATE THEIR APPLE DEVICES AS SOON AS POSSIBLE. We have found an actively exploited #zero #click vulnerability that was used to deliver #NSO group’s #Pegasus #spyware. https://t.co/BS0ZI4QuIz

74

3K

2K

419

2M

Who to follow

Ari Weinstein

@AriX

@OpenAI. Previously co-founder of https://t.co/EpbAUfAcoO, manager of Shortcuts at Apple, co-founder of Workflow.

Joshua Hill

@p0sixninja

CTO/Co-Founder VivaSecuris. Supervillain Mad Scientist Hacker. 🥷 Chaotic Neutral

Chris

@cmwdotme

Founder of @CorelliumHQ. Now CTO at @Cellebrite. Focused on advanced virtualization, security research, and the future of digital intelligence.

willstraf retweeted

Rootshell @0xrootRE

almost 3 years ago

Nice talk from Harald Welte @LaF0rge Demystifying eSIM Technology https://t.co/IIsxYh4BD6

0

18

5

8

2K

willstraf retweeted

Lorenzo Franceschi-Bicchierai @lorenzofb

about 3 years ago

Sometimes spyware makes are really dumb. Someone who used to work for Quadream, an Israeli surveillance tech maker that recently shut down, left the source code of the web panel of the company's REIGN spyware agent on GitHub. https://t.co/1mAROGK98V

0

13

8

3

2K

willstraf retweeted

Breaking News

@BreakingNews

over 3 years ago

California regulators take over and shut down Silicon Valley Bank, one of the tech sector's favorite lenders, amid fear of broader fallout. https://t.co/XZW6E27XKX

6

63

38

7

71K

willstraf retweeted

Lauritz @_lauritz_

over 3 years ago

Ever wanted to obtain an APK from an Android device? You do not need to install fancy Apps for this, ADB and the following minimal Bash script is sufficient to do so: https://t.co/YOnSeMg4OS Usage: ./download_apks.sh https://t.co/BFCPfLwL0b #AppSec #Android #bugbountytips

0

65

7

14

12K

willstraf retweeted

Alex Plaskett

@alexjplaskett

over 3 years ago

Abusing iPhone coprocessors for Privilege Escalation at OBTS @i41nbeer https://t.co/mfflMoNq4p There is much more exploitation of co-processors, peripherals or firmware recently on mobile devices. This includes in-the-wild. Ian's talk provided a technical deep-dive of the DCP.

2

23

7

3

4K

willstraf retweeted

raptor @0xdea

over 3 years ago

Here’s another #vulnerability #research writeup, this time about the #xnu #kernel // by @pwningsystems A tale of a simple #Apple kernel bug https://t.co/J5dEKdVark

0

40

7

12

7K

willstraf retweeted

Andy Nguyen @theflow0

over 3 years ago

Late christmas present: https://t.co/JBW6tDh6h8 WebKit+Kernel exploit chain for all PS Vita firmwares. This is a WIP from 3 years ago that I never finished (exploit is fully working, but hasn't been turned into a jailbreak yet).

34

1K

213

73

146K

willstraf retweeted

Dino A. Dai Zovi

@dinodaizovi

over 3 years ago

This tailnet lock design and whitepaper by @Tailscale is *really* *really* good: https://t.co/mfMXRSvYAe

3

64

8

16

11K

willstraf retweeted

Zhuowei Zhang @zhuowei

over 3 years ago

New blog post: Get root on macOS 13.0.1 with CVE-2022-46689, the macOS Dirty Cow bug https://t.co/9ZqMOOHk1H % ./switcharoo /etc/pam.d/su overwrite_file.bin Testing for 10 seconds... RO mapping was modified % su sh-3.2# (Demo: https://t.co/UtQiFwJVbV)

3

209

80

33

32K

willstraf retweeted

Shane Huntley

@ShaneHuntley

over 3 years ago

Full details and IOCs on Variston's Heliconia framework in the blog post. https://t.co/2wfiFBa52d TAG will continue to focus of exposing and disrupting these commercial surveillance vendors in order to keep users safe online.

1

14

9

1

0

willstraf retweeted

simo @_simo36

over 3 years ago

I'm sharing two other iOS kernel vulnerabilities reachable from the default app sandbox that don’t require you to open a UserClient: https://t.co/a6ZOu8UWKR

15

465

116

70

0

willstraf retweeted

NULLCON @nullcon

over 3 years ago

📱#iOS Talk 💡Nikias @pimskeks showcased how a design flaw in MobileDevice.framework iOS / iPadOS etc Dev Tools allowed an attacker in the same network to gain RCE on a target device with a software version prior to #iOS14 🍿Watch here▶️https://t.co/79JSdDdA0i #NullconGoa2022

0

18

8

1

0

willstraf retweeted

J @Morpheus______

over 3 years ago

#macOS/#iOS #Entitlements Database now with Monterey and Ventura entitlements. https://t.co/03cA36yoFg With lots of Love (but no Thanks giving) to @Apple Happy holidays :-)

0

71

13

6

0

willstraf retweeted

Matthew Prince 🌥

@eastdakota

over 3 years ago

This is really cool to understand one of the biggest weaknesses of the Internet.

0

44

9

0

Will

@willstraf

Who to follow

Last Seen Users on Sotwe

Trends for you

Most Popular Users