DefSecSentinel (@defsecsentinel)'s Twitter Profile
DefSecSentinel

@defsecsentinel

Senior Security Research Engineer, Threat Research and Detection Development @Elastic, 179CPT Cyber Operations Technician 170A @MOARNG

ID: 854385955553333248

18-04-2017 17:27:40

523 Tweets

1.1K Followers

1.1K Following

Patrick Wardle (@patrickwardle)

⏳ Just one week left to submit your talk to #OBTS v8 objectivebythesea.org/v8/cfp.html (CFP closes June 30th). We’ve expanded to 3 days of talks this year, making room for even more cutting-edge research +  first-time speakers. So submit your Apple security-themed proposal today!

Elastic Security Labs (@elasticseclabs)

Deep dive into Azure OAuth phishing & detection! This article from Terrance DeJesus shows how rich telemetry is crucial for spotting identity-based attacks. Stop relying on static indicators & start: go.es.io/4k4A7LD #CloudSecurity #ThreatDetection #Azure

Terrance DeJesus (@_xdejesus)

Did a write-up on OAuth phishing (offense and defense). It's based on phishing campaigns reported by Volexity earlier this year. - What are OAuth phishing links; what are the workflows behind them - How to emulate (examples) and use ROADtools for further compromise -

Elastic Security Labs (@elasticseclabs)

New research from our #ElasticSecurityLabs team: we dive into how infostealers are leveraging a stolen Shellter evasion tool to deploy data-stealing malware. Learn more & get our unpacker: go.es.io/4ldCM72 #malware #rhadamanthys #ghostpulse

Terrance DeJesus (@_xdejesus)

Excited to host a hands-on investigation lab at #DEFCON33 in the #CloudVillage! Built from the perspective of an opportunistic adversary, this E2E AWS breach simulation leaves footprints for hunters and detection engineers to track across cloud, identity, storage, endpoint &

DefSecSentinel (@defsecsentinel)

I am honored and could not be more excited to present again this year at #OBTS 🌴☀️. So many incredible talks and amazing researchers. It's gonna be awesome! Shoutout to Patrick Wardle and Objective-See Foundation who work hard to put on the best conference out there. Can't wait to see

Cloud Village (@cloudvillage_dc)

🚨 Join Terrance DeJesus at Cloud Village Investigation Labs DEF CON 33! 🔍 “pAWS: The Breach Has Happened. Can You Catch It?” 🛡️ Hunt threats across AWS, identity & hybrid networks using Elastic dashboards 🗓️ Aug 8 | 🕓 4–6 PM PT 📍 Room 312 🔗 cloud-village.org/dc33 #DEFCON33

Ferdous Saljooki (@malwarezoo)

Excited to share our research on ChillyHell, a modular macOS backdoor targeting officials in Ukraine. Check out our write-up for more details. jamf.com/blog/chillyhel…

Patrick Wardle (@patrickwardle)

macOS Tahoe ships with a 0day ...based on a bug disclosed 8(!) years ago at #OBTS v1.0 🫣 New post: "From Spotlight to Apple Intelligence: Abusing an 0day to steal the data that fuels macOS AI": objective-see.org/blog/blog_0x81… ...with open-source PoC! Takeaway? Always attend #OBTS 😄

Samir (@sbousseaden)

nice technique! #Elastic EDR (Elastic Defend) is not affected + we do have an existing behavior protection rule that will terminate WerFaultSecure.exe (to protect other processes) github.com/elastic/protec…

Patrick Wardle (@patrickwardle)

#OBTS v8 is very close to selling out (only ~10 or so tickets left) 🫣 Get your ticket before they are gone: objectivebythesea.org/v8/attending.h…

John Hammond (@_johnhammond)

A chat and demo with James Spiteri to see just how easy it is now to spin up Elastic -- and with several options completely free! youtu.be/7Z2zObdhN-Q

Elastic Security Labs (@elasticseclabs)

Linux syscall hooks were forever changed with kernel 6.9, check out this article from #ElasticSecurityLabs describing #FlipSwitch– the latest in Linux hooking: go.es.io/4nSrCW3

Ruben Groenewoud (@rfgroenewoud)

Research & PoC: FlipSwitch Rootkit A syscall-table hooking technique that works on modern Linux (6.9+), researched for and presented at Virus Bulletin by RemcoS and me. Revives syscall hooking by patching x64_sys_call call sites instead of table entries. elastic.co/security-labs/…

Elastic Security Labs (@elasticseclabs)

#ElasticSecurityLabs has kept tabs on #WARMCOOKIE, a backdoor we disclosed in June 2024 that used employment-related phishing lures to infect victims. Learn how this threat’s evolving: go.es.io/46O8pOo

DefSecSentinel (@defsecsentinel)

Heading to my 3rd #OBTS 🌴☀️🌊today! Best conference out there. Honored to be speaking again this year alongside so many other incredible #Apple 🍎 security researchers. It’s gonna be a blast, can’t wait to see everyone! Pumped to get to share my research into using and abusing

DefSecSentinel (@defsecsentinel)

Another awesome #OBTS 🌴🏖️☀️in the books. It was an honor to speak again this year and share my research with this incredible community 🍎. Such a blast spending time with newcomers and old friends. There is truly no other conference like it. Huge shout out and thank you to both

Objective-See Foundation (@objective_see)

The #OBTS community is simply incredible!! 😍 From trainers & speakers to students & attendees, you made this the best #OBTS yet 🙏🏽 Photos, recordings & slides coming soon!
