Wojciech Reguła @_r3ggi
iOS/macOS app security researcher & blogger. All opinions are my own 🤐 wojciechregula.blog Katowice, Poland Joined August 2015-
Tweets2K
-
Followers5K
-
Following851
-
Likes5K
The PS4 (up to FW 11.00) and PS5 (up to FW 8.20) were vulnerable to CVE-2006-4304: hackerone.com/reports/2177925. I'll share details about successful exploitation at TyphoonCon.
The PS4 (up to FW 11.00) and PS5 (up to FW 8.20) were vulnerable to CVE-2006-4304: hackerone.com/reports/2177925. I'll share details about successful exploitation at TyphoonCon.
My highlight for the second day of #BHASIA @_r3ggi and @theevilbit “The Final Chapter - Unlimited Ways to Bypass your macOS Privacy Mechanisms” - for the third time they cracked TCC on macOS in various ways - impressive!
Talk me iOS/macOS #appsec at @BlackHatEvents Asia today #BHASIA. 🎩🍎
Join us at @typhooncon in Seoul on May 27-31! @_r3ggi will talk about broken isolation and draining credentials from popular macOS password managers. #typhooncon #itsec #cybersec typhooncon.com/blog/conitems/…
> me coding all my exploits still in ObjC 😂
In #BHASIA Briefings “The Final Chapter: Unlimited ways to bypass your macOS privacy mechanisms” @theevilbit and @_r3ggi will discuss bypassing macOS's privacy mechanisms and show many new vulnerabilities and a couple of new techniques. Reg now >> bit.ly/493HkpJ
5 years ago today on March 19th, 2019 at 11:24PM, I started MrMacintosh. com and made my first post.🖥️ I created my little website because I wanted to share all the knowledge I've gained over the last 20 years. If I was able to help, I would love to hear from you below.❤️
🆕🍎My new blogpost @KandjiMDM about how Apple attempts to mitigate some installer script vulnerabilities using "Install Script Actions" and "Install Script Mutations" in the PackageKit framework. blog.kandji.io/apple-mitigate…
My slides for my talk on reversing Flutter are online: fortiguard.com/events/5403/nu… #NullconBerlin2024 #flutter #Dart #reverse #radare2 #grehack
I've exploited MadDirtyCow (CVE-2022-46689) and 2022 CoreTrust bug (CVE-2022-26766) to allow installation of perma-signed apps with arbitrary entitlements (a-la TrollStore) on my Apple Watch, running watchOS 8.3. \o/
Patrick Wardle @patrickwardle
37K Followers 959 Following Founder of the Objective-See Foundation 🛠️🍎0xor0ne @0xor0ne
55K Followers 525 Following | CyberSecurity | Reverse Engineering | C and Rust | Exploit | Linux kernel | PhD | My Tweets, My Opinions :) |Csaba Fitzl @theevilbit
7K Followers 905 Following macOS Security -- Trail running 🏃 -- Mountains ⛰ -- Tolkien fanGrzegorz Tworek @0gtweet
29K Followers 1K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-simo @_simo36
7K Followers 106 FollowingInformatyk Zakładowy @InfZakladowy
26K Followers 270 Following najnowszy projekt - Monitor SLPS - https://t.co/la6rxubKR5Mike Felch (Stay Read.. @ustayready
15K Followers 2K Following Pentester / Red Team | Hacking since Renegade BBS backdoors | Dev since vb3 | Content since '99-'03 ezines | Prior CrowdStrike / BHIS | In Christ's gripAlex Plaskett @alexjplaskett
9K Followers 589 Following Security Researcher | Pwn2Own 2018, 2021, 2022, 2024 | Tweets about 0day, OS, mobile and embedded security.Kacper Szurek @KacperSzurek
13K Followers 412 Following Opowiadam o bezpieczeństwie w prosty i zrozumiały sposób. https://t.co/G7JVu4ctCUJoseph Thacker @rez0__
49K Followers 866 Following the promptfather. christian. hacker. hobby jogger. principal ai engineer @appomnisecurity.mgeeky | Mariusz Bana.. @mariuszbit
11K Followers 610 Following 🔴 Red Team operator, ex-MWR/F-Secure pentester, ex-AV engine developer @ESET, green tea addict. 🫖 @[email protected]tihmstar @tihmstar
65K Followers 215 Following Finding offsets since 2017 Email: [email protected] Patreon: https://t.co/FdMYUYWbqrBug Bounty Reports Ex.. @gregxsunday
38K Followers 555 Following Grzegorz Niedziela - a hacker who documents his hacking journey by creating and curating the best content about bug bounty and offensive security.Mr. Macintosh @ClassicII_MrMac
12K Followers 165 Following macOS Platform Engineer🧑💻 I tweet about new & old Macs +macOS 🖥️ OCLP Evangelist 💻 https://t.co/WmUuHTzKOT 📺 https://t.co/ZkhyUekflx🌳 https://t.co/ZXsbM0kRoAMobile Security @mobilesecurity_
31K Followers 1K Following Mobile Security ✌🏻 #MobileSecurity #AndroidSecurity #iOSsecurity[email protected].. @axi0mX
64K Followers 2K Following Bootrom exploit philanthropist. Apple silicon hacker. iOS jailbreaker. Join us as we dance madly on the lip of the volcano.Thomas Anderson @mrthomasanders
12 Followers 636 Following Programmer/ graduated in Mathematics, Researcher/ Hacking/ Pentester 🧑💻Hndidi @Huuuz_
11 Followers 118 FollowingSignalOnSky @on_signal_sky
0 Followers 51 FollowingDaniel Berman @danielcberman
3 Followers 91 Following Network Administrator | Sec+ | 10+ Years Experience in IT | Opinions are my own.Patrick Vaglienti @pvaglienti
10 Followers 923 Followingwooda @wooda_x
9 Followers 338 FollowingJharoo @Jharoo_
29 Followers 255 Following #infosec enthusiast🦈 / Osint 👁 / MS Security Stack addict / Speak #Kubernetes to me / #BlueTeam 🛡️/ I identify as a Raccoon 🦝Ananay @ananayarora
7K Followers 2K Following Building in stealth 🥷 , prev SWE @Apple . App Developer & Cybersecurity Researcher. 🎓 @ASU 🔱cscfufo @cscfufo
24 Followers 1K FollowingMarcin Iwanicki @marciniwanicki
125 Followers 490 Following Software Engineer @Bloomberg. Opinions are my own. he/him.Nox @MrNox_
2K Followers 640 Following Casual CTF player at @id10t_ctf. Independent Vulnerability REsearcher, formerly @Immunityinc and @CoreSecurity.Hercules Junior @herculesjr
162 Followers 949 FollowingLou Zell @louzell_
229 Followers 476 Following Engineer. Building https://t.co/VnSyDYQjoY. Previously led the Telematics team @lyft.Fry @KahneSky
0 Followers 112 FollowingAxel Kee 🐐🇲🇾 @soulchildpls
2K Followers 2K Following I like to make simple helpful apps. Learn how to customize your Shopify store without coding knowledge : https://t.co/vZI65P6puCBastien Gares @BastienGares
2K Followers 3K Following Software engineer 🇫🇷 Master’s degree in Computer Science and AI - Deep Learning and Computer Vision - Rust / Python / C++ / Flutter / Swiftt0muxx @t0muxx
12 Followers 54 Followinganother1024 @another1024
44 Followers 150 Following Security researcher|Find Zero Day |Black Hat Speaker|Table Game Player(TM)Or Yair @oryair1999
313 Followers 52 Following Security Research Team Lead @SafeBreach | Creativity is a decryption key for vulnerabilities🙃 | Speaker at BH USA+Europe+Asia, RSAC, SecTor, and moreJay @jay_yaqb88
15 Followers 610 Following IT staff, new tech, cybersec, science, law enthusiast, kind observerGary Wayne @user31fibcxw2
1 Followers 530 Followingrezaduty @rezaduty
958 Followers 369 Following Offensively Defensive Continuous Developer #TryHarderShanna Niggans 🦄 @fancy_4n6
4K Followers 2K Following Digital forensics & incident response #DFIR + #CTI | Horse and Dog mum | Co-host @ComfyConAU | Work @Cosiveco | RB/SCP for @BlackHatEvents & @BSidesMelbourneJimm @Jimm78148666
29 Followers 155 Followingbooker @sbooker_
69 Followers 864 FollowingMarcelo Diniz @marcelodinizsl
206 Followers 2K Following Security Researcher | Software Engineer | Cybersecurity | Digital Forensic Specialistek1ng @k1nge3
831 Followers 510 Following Opinions are my own. 丨Vidar-Team 丨Security Engineer@BytedanceObinna Igbe @obi_wanKenobe
60 Followers 402 Following Security Engineering | DFIR | PhD | AI/ML in SecurityJimmy @l4c0bus
4 Followers 20 FollowingYoni Rozenshein @1yoni
282 Followers 385 Following Security, internals, cryptography, math, and AI. Monitoring LLM cyber capabilities at Pattern Labs.Njabulo Sigwane @bakedswordsman
469 Followers 495 FollowingL0tus He @Lotus_Chris_
824 Followers 324 Following Sophomore / Trainee @SecurityGoSSIP / CTF player @ Vidar-Team @ El3ctron1c / Security learnerJev 🇵🇸 @h33tjubaer
605 Followers 258 Following Senior Security Consultant @ Bitdefender/Horangi | Security Automation | H1 Former Hunter |Simon Parker @progswiftly
96 Followers 1K FollowingOscar @oscarzpa
3 Followers 138 Followingelw00dblu3s @elw00dblu3s
25 Followers 557 Following A lifelong learner. Technology enthusiast. CSIRT. Mainly DFIR, CTI and TH. Opinions expressed are solely my own and not of my employer.annumeena @annumeena19
57 Followers 4K FollowingPatrick Wardle @patrickwardle
37K Followers 959 Following Founder of the Objective-See Foundation 🛠️🍎Zhuowei Zhang @zhuowei
34K Followers 198 Following link in bio ⬛⬛⬛⬛⬛🟩🟩🟩🟩🟩🟩 ⬛⬛⬛⬛🟩🟩🟩🟩🟩🟩🟩🟩 ⬛⬛🟧⬛🟩🟫🟫🟫🟫🟫🟫🟩 ⬛⬛🟧⬛🟫🟫🟫🟫🟫🟫🟫🟫 ⬛⬛🟧🟧🟫🟧🟩🟧🟧🟩🟧🟫🟧 ⬛⬛🟧🟧🟫🟧🟫🟧🟧🟫🟧🟫🟧 ⬛⬛⬛🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧 ⬛⬛⬛🟩🟩🟧🟧🟫🟫🟧🟧🟩🟩 ⬛🟫🟫🟫🟫🟫🟧🟧🟧🟧🟩🟩🟫 🟫🟫🟧🟫🟫🟫🟫🟩🟩🟩🟩🟩🟧 🟫🟧🟧🟧🟫🟫🟧🟫🟫🟩🟩🟧🟧Csaba Fitzl @theevilbit
7K Followers 905 Following macOS Security -- Trail running 🏃 -- Mountains ⛰ -- Tolkien fanGrzegorz Tworek @0gtweet
29K Followers 1K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-Objective-See Foundat.. @objective_see
19K Followers 1 Following 🍎 🛡️ 🛠️ Open-Source Tools 📚 "The Art of Mac Malware" books 🫂 "Objective by the Sea" conference Support us on https://t.co/tuGceSeyiC 🙏simo @_simo36
7K Followers 106 FollowingBinni Shah @binitamshah
132K Followers 175 Following Linux Evangelist, Malwares , Security Enthusiast, Philanthropist , Reformist , Jain. binitamshah at protonmail dot comLiveOverflow 🔴 @LiveOverflow
142K Followers 1K Following wannabe hacker... he/him 🌱 grow your hacking skills @hextreeioInformatyk Zakładowy @InfZakladowy
26K Followers 270 Following najnowszy projekt - Monitor SLPS - https://t.co/la6rxubKR5Jakub Mrugalski 🔥 @uwteam
35K Followers 490 Following 🤖 Piszę o technologii, cybersecurity i biznesie. 🛠 Dzielę się użytecznymi narzędziami. 💰 Jestem właścicielem https://t.co/l36gk8FHxY 🤔 #DigitalEUAmbassador 🛑 Nie czytam DMAlex Plaskett @alexjplaskett
9K Followers 589 Following Security Researcher | Pwn2Own 2018, 2021, 2022, 2024 | Tweets about 0day, OS, mobile and embedded security.Łukasz @maldr0id
13K Followers 999 Following Military-grade @Android malware reverse engineer @Google || "Tom Brady of malware strings analysis" - @MalwareTech || Tweets are my own opinions || he/him ✨🌈🦄Zero Day Initiative @thezdi
77K Followers 17 Following Trend Micro’s Zero Day Initiative (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.Kacper Szurek @KacperSzurek
13K Followers 412 Following Opowiadam o bezpieczeństwie w prosty i zrozumiały sposób. https://t.co/G7JVu4ctCUmgeeky | Mariusz Bana.. @mariuszbit
11K Followers 610 Following 🔴 Red Team operator, ex-MWR/F-Secure pentester, ex-AV engine developer @ESET, green tea addict. 🫖 @[email protected]Gareth Heyes \u2028 @garethheyes
32K Followers 1K Following JavaScript for hackers: Learn to think like a hacker. https://t.co/e0aNEbEDk5Ananay @ananayarora
7K Followers 2K Following Building in stealth 🥷 , prev SWE @Apple . App Developer & Cybersecurity Researcher. 🎓 @ASU 🔱another1024 @another1024
44 Followers 150 Following Security researcher|Find Zero Day |Black Hat Speaker|Table Game Player(TM)Helthydriver @Helthydriver
404 Followers 482 FollowingKarol Mazurek @karmaz95
145 Followers 124 Following Offensive Security Engineer 🍎 Portfolio: https://t.co/Ri2KXi92e5Manfred Paul @_manfp
5K Followers 279 Following Maths and cyber and stuff. Playing CTFs with @redrocket_ctf (and @Sauercl0ud). Pwn2Own Vancouver 2020..=2022, 2024. @[email protected]Marcin Ratajczyk @znanyproblem
166 Followers 163 Following Zawodowo: Threat Hunting driven by Threat Intelligence, Sysmon, DFIR Hobbystycznie: Atrybucja cyberoperacji, Stosunki międzynarodowe Tylko prywatne opinie.Zhongquan Li @Guluisacat
20 Followers 68 Following Security researcher at Dawn Security Lab of JingDong, focusing on bug hunting and fuzzing in Android, IoT, and Apple products🔥🌸 tjkr0wn @tjkr0wn
2K Followers 46 Following (Independent) iOS security researcher. Professional banterer.Johan Carlsson @joaxcar
4K Followers 155 Following Father and developer during the day, looking for bugs at night 🐞. Using Twitter for infosec only. Also on: @[email protected]James Lee @Windowsrcer
8 Followers 0 Following I monetize noice 0days and disclose smol one time to timeluckyu @uuulucky
324 Followers 220 FollowingJoseph Ravichandran @0xjprx
3K Followers 545 Following PhD Student studying Microarchitectural Security @MITlateralusd @lateralusd_
215 Followers 361 Following Just a person trying to hack iOS related things. stop using medium for your blog postsJoshua Rogers @MegaManSec
605 Followers 268 Following something of an nes expert, something of a hacker. i login to twitter once every 6 months on averagePaul Jerimy @PaulJerimy
846 Followers 203 Following Cybersecurity professional | Occasional web app developer | Has opinions on IT certificationsGreg Linares (Laughin.. @Laughing_Mantis
29K Followers 2K Following 20+ yrs in Infosec. Cybergoth. Musician. Autistic. Art @MalwareArt. 4x Pwnie Nominee. Red Teamer. 𝕍𝕏. Chronic Illness Fighter. I love Smite, Gamedev & SynthsTa-Lun Yen @logonfail
273 Followers 297 Following uncertified unethical hacker (@TXOneNetworks): breaking everything running on 0 and 1'sPacSec jp @PacSecjp
2K Followers 309 Following PacSec is a cutting edge international security conference held in Tokyo as a series with CanSecWest, EU-SecWest & BA-Con.Aleksander Młodak @imaprot
50 Followers 137 FollowingMatěj Kašpar Jirás.. @mkj_is
542 Followers 246 Following iOS Staff Engineer @DisneyPlusHS, pushing the boundaries using @SwiftLang. In my free time trying to balance on border between art and technology.Matt @byaaaaahhh
77 Followers 72 FollowingPete Markowsky @PeteMarkowsky
680 Followers 538 Following Currently @google working on Security Agents including Santa. Past: Cofounder and Chief Architect @capsule8 (tweets are my own.)August Żywczyk @august_zywczyk
3K Followers 1K Following Mąż wspaniałej żony i tata trzech synów😉 ▪️VP - Defence24 Group▪️ @Defence24pl @InfoSecurity_24 @Energetyka_24 @Space24pl @CyberDefence24 @Academy24_pldosdude1 @dosdude1
13K Followers 36 Following Apple Enthusiast, iOS and macOS Software Developer, enjoy collecting, repairing, and upgrading Macs and other Apple products.Jiantao Li @CurseRed
2K Followers 370 Following Security Researcher @starlabs_sg , playing CTF with @r3kapigCarl Smith @cffsmith
696 Followers 589 Following V8 Security @Google/@v8js; @FluxFingers/@Sauercl0ud; previously Intern {Project Zero, @XI_Research}. Personal account.Zion Leonahenahe Basq.. @mahal0z
2K Followers 206 Following Native Hawaiian Hacker | Prev Co-captain of @Shellphish | PhD Student in Comp Sci @ASU l Decompiler Research | Mastodon: @[email protected]LaurieWired @lauriewired
30K Followers 204 Following Reverse engineer specializing in cross-platform malware analysis with a focus on mobile threats.NSSpain XI @NSSpain
6K Followers 203 Following A worldwide known conference for Apple developers, surrounded by vineyards. Sept 14-15, 2023. By @lascorbe & @borjareinares. Sponsorships: [email protected]𝚙𝚛𝚢𝚠𝚊�.. @prywatnieEU
801 Followers 497 Following https://t.co/KC3I4mf9UP - prywatność w sieci, treści edukacyjne, porady, newsy i recenzjezeph @aboutzeph
1K Followers 56 Following 23 | iOS Developer | Swift Student Challenge 2024 WinnerMaurice Heumann @momo5502
12K Followers 193 Following 🐍 DRM Developer & Reverse Engineer. My girlfriend rates me 4/5 stars.Jakub Mościcki @Jakub_moscicki
37K Followers 532 Following https://t.co/Vhfr6nR2O1 https://t.co/QXiCgWkjDP #nieinwestujMateusz Chrobok @MateuszChrobok
8K Followers 440 Following CyberSecurity Geek, founder, ML & XAI enthusiast. Education & evangelization.Tony Gorez @tonygo_
626 Followers 595 Following senior systems engineer @getpostman • open source hacker • @nodejs diagnostic wg • devtools enthusiastAndrew Tsai @Andytizer
1K Followers 57 Following PC and Mac gamer, founder of @PCGamingWiki @AppleGamingWiki - YouTube: https://t.co/QCmWEIH9Arsferrini @Simone_Ferrini
4K Followers 1K Following *OS Security Researcher. Interested in RE, fuzzing, hardware and low-level binary stuff. Occasional CTF player.Leonid Bezvershenko @bzvr_
3K Followers 286 Following Studying math, reversing and Twitter... | Security Researcher @ Kaspersky, GReAT | Drovosec CTF team | Tweets are my own💥 𝕭𝖑4𝖈�.. @bl4ckh0l3z
4K Followers 220 Following #Mobile #threat HEXorcist 👹👼🏻💣 • Android/iOS/ARM malware analyst 🔎✏️ • Mobile apps exploiter 📲🧨 • #italiansdoitbetter 🇮🇹🍕🍝 🎸 • Opinions are mine 🤙tsunekoh @tsunek0h
466 Followers 98 Following Security Researcher, macOS, Arm-based Windows, @[email protected]bigshortbets research @bigsb_research
33K Followers 270 Following 🇵🇱 @bigshortbets Research & Analizy RynkoweDonncha Ó Cearbhaill @DonnchaC
5K Followers 5K Following Head of Security Lab at @AmnestyTech - Hunting spyware and unlawful surveillance targeting civil society (He/Him) - Fedi: @[email protected]Dan Revah @danrevah
267 Followers 33 Following@[email protected].. @cfp_time
4K Followers 3 Following All about #infosec Call for Papers. Proudly sponsored by @perimonisec@cedowens @philofishal Thanks for the tip @philofishal @cedowens will get this added to LOOBins! github.com/infosecB/LOOBi…
The PS4 (up to FW 11.00) and PS5 (up to FW 8.20) were vulnerable to CVE-2006-4304: hackerone.com/reports/2177925. I'll share details about successful exploitation at TyphoonCon.
 🌪️ PlayStation 4 Kernel RCE will be presented by @theflow0 at #TyphoonCon24! Early bird tickets are now on sale: typhooncon.com/playstation-4-…
@_r3ggi @_saagarjha @theevilbit @BlackHatEvents Ha! So it was you guys who ruined this one :D Well done!
The slides to our @BlackHatEvents talk "The Final Chapter: Unlimited ways to bypass your macOS privacy mechanisms" with @_r3ggi is now available at the event's website: i.blackhat.com/Asia-24/Presen…
@_r3ggi used NSPredicates to find TCC Infoleaks on macOS. You can see the actual use in the slides. NSExpression which are a subset of those were heavily abused by NSO and others to exploit iOS. Here is an excellent example of using Predicates for finding vulns!
My highlight for the second day of #BHASIA @_r3ggi and @theevilbit “The Final Chapter - Unlimited Ways to Bypass your macOS Privacy Mechanisms” - for the third time they cracked TCC on macOS in various ways - impressive!
The MagicDot talk by @oryair1999 at #BHAsia24 was great! Messing with file system is so much fun 😎
Stoked to announce "Objective by the Sea" v7.0: objectivebythesea.org/v7/index.html #OBTS v7: 📍 Maui, Hawai'i 🗓️ Dec. 2nd - 6th '24 ...hope to see you all there! 🌞🌴
@_xpn_ And all the top vba developers are maldevs…
The top #VBA developers globally are: 🥁 1. @MDSecLabs - ★1.72k, 1 repo 2. @ShitSecure - ★1.23k, 2 repos 3. ivankokan - ★1.18k, 1 repo 4. itm4n - ★779, 1 repo 5. @JonathanLeRoux - ★708, 1 repo 🌍 Total: 14.3k #developers, 19k repos stardev.io/top/developers…
Great talk by @Turmio_ about abusing macOS Calendar for code execution! Title: "Have U Been Invited (episode 2) - MacOS Logic Bugs" youtube.com/watch?v=9NlQXL…
Zoom Desktop Client (now rebranded as “Zoom Workplace”) is now at version 6.0.0 for macOS, Windows, and Linux. It includes “security enhancements.” (Zoom hasn’t released security bulletins or CVE details yet.) Also watch for iOS and Android updates, which should be coming soon.
I've just published a new blog post analyzing another macOS 🍎 stealer - CloudChat. link.medium.com/wzlES5FsOIb #malware #macos #stealer