Need to evaluate impact of leaked GCP credentials or VM compromise? We implemented a GCP Scanner to help with that! I am very excited to present GCP Scanner (github.com/google/gcp_sca…) w/ Jacob Butler at BlackHat Arsenal USA this year on August 10. blackhat.com/us-23/arsenal/…

Had a great time on Red Team Radio: youtube.com/watch?v=1fxRq3…

As always our #CTF challenges are up at - github.com/BSidesSF/ctf-2…. Ron Bowes (defunct)'s write-ups: skullsecurity.org/categories/bsi… Niru Ragupathy / itsc0rg1 🐶's write-ups: itsc0rg1.medium.com/bsidessf-2024-…

Qubes is actually hilarious because your networking will stop working and you'll be like "how do I debug this"? Only to realize networking is its own VM, so you just restart that qube and bam everything works again. "Did you try rebooting?" era OS

On the hunt for corporate devices being sold secondhand, a researcher found a trove of Apple corporate data, a Mac Mini from the Foxconn assembly line, an iPhone 14 prototype, and more. wired.trib.al/CdNnIKm

Cool article about the research I presented at DEFCON this year! wired.com/story/apple-pr…

🚨 DEFCON talks are up!! 🚨 If you're looking for a fun watch, I highly recommend mandatory.bsky.social's "The Secret Life of a Rogue Device": youtube.com/watch?v=QgeEHd… Or, where do developer iPhones end up?📱

Looks like DEF CON talks are up on YouTube! If you want to see a fun talk on crawling online markets for the spicy silicon, check mine out here: youtu.be/QgeEHdAmJDg

They don't think it be like it do, but it does.

A 12,600$ Bounty and a Software Supply Chain Attack that could have impacted millions 🤯 Let me share you those 2 stories in this article ! 🤟 Link in the thread 🧵

iPhone "Vesica Piscis" Prototype (Pre-PROTO/DROP Stage). It has completely unique hardware and a disguised logo on the back. This may very well be one of the most unique modern Apple prototype devices I’ve ever seen. It’s a model between the iPhone 13 and 14 Pro. #appleinternal

FYI, if you've moved to Bluesky I'm @mandatory.bsky.social

Finder automatically opening while you’re trying to work on an iOS device can be a big inconvenience. Here’s the fix: 1. Open terminal 2. defaults write -g ignore-devices -bool true 3. killall Finder To turn it back on, do the same but replace ‘true’ with ‘false’.

iPhone 15PM EVT on 17.2. Featuring “Project Bongo” capacitive power and volume buttons.

In case you have an #appleinternal device you don't want auto-bricking... use terminal to open a serial/ssh session and then: snapshottool golive 2 [Reboot] cd /user/libexec cp mobile_obliterator mobile_obliterator_old touch mobile_obliterator chmod +x mobile_obliterator

AirPod Pro

This shitpost may be a little too niche, but it's how the scraping struggle be these days (turn video audio on).

After 14 years, today was my last day at Bishop Fox, and I'll be joining the OffSec team at OpenAI next week!