Created
October 20, 2025 22:10
-
-
Save psifertex/8ddbb63f5bd58c467db2664d9c8fe34f to your computer and use it in GitHub Desktop.
Revisions
-
psifertex created this gist
Oct 20, 2025 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,52 @@ Timestamps for all the talks if people want to watch them. I sent them to OBTS so hopefully they update video descriptions: https://www.youtube.com/watch?v=lWLVOJrNBW Day 1 Timestamps 00:00:00 Video Start 00:00:05 Opening slides (no audio) 00:02:30 Jaron Bradley: "Gotta Catch 'em All" (no audio) 00:12:50 Jaron Bradley: "Gotta Catch 'em All" (audio fades in) 00:29:36 Csaba Fitzl & Gergely Kalman: "Breaking the Sound Barrier: Exploiting CoreAudio via Mach Message Fuzzing" 00:51:48 Dillon Franke: "Breaking the Sound Barrier: Exploiting CoreAudio via Mach Message Fuzzing" 01:51:49 Kseniia Yamburh & Nazar Grycshuk: "Catch me if you Scan: MITRE-enhanced ML Magic to Solve Mac Malware’s Identity Crisis at Scale" 02:17:43 Sarah Edwards: "The Power of Powerlogs" 04:21:43 Stuart Ashenbrenner & Alden Schmidt: "BlueNoroff’s Clues: Investigating a DPRK Intrusion" 04:46:06 Yarden Hamami: "Unpacking the iOS Sandbox" 05:07:51 Nils Rollshausen: "Trust me, I’m an Apple Watch — On Protocol Reversing, Mimicry, and Data Exfiltration" 05:49:28 Anje Knottnerus: "From Bits to Behavior: Detecting macOS Command and Control Through Statistical Analysis" 06:13:48 Colson Wilhoit: "BYOB: Bring your own Blackbox - Containerized Defense Evasion on macOS" https://www.youtube.com/watch?v=ch1l45uKcAs Day 2 Morning Timestamps 00:00:00 Video Start 00:09:25 Day 2 Intro 00:15:02 Adva Gabay & Daniel Frank: "Hook, Line and Koi Stealer: New macOS Malware in DPRK Fake Job Interviews" 00:46:01 Lukas Arnold: "What’s at the Bottom of the Sea, One Baseband? - Diving into the C1" 01:10:56 Jonathan Levin: "Make XNU <del>GREAT</del> Little Again" 02:07:32 Callista Gratz: "It's all Fun and Games: Analyzing the Authentication Protocol in Apple's Private Cloud Compute" 02:34:40 John McIntosh: "Reverse Engineering Apple Security Updates" https://www.youtube.com/watch?v=APwICrPsTCU Day 2 Afternoon Timestamps 00:00:00 Video Start 00:02:57 Rousana Charles: "Beyond Static Labels: A Behavioral Framework for macOS Grayware Classification" 00:26:50 Wojciech Reguła: "Who Cares Where Waldo is. Locating macOS Users Without their Consent" 00:55:10 Brandon Dalton: "Introducing the Next Generation of Mac Monitor" 01:17:46 Paweł Płatek: "macOS privilege escalation via traceroute6" 01:45:01 Olivia Gallucci: "macOS Internals for Threat Detection Engineers: Logs, ESF, and Automation Utility Risks" 02:08:57 Zhi Zhou: "Queen B: Apple Compressor 0-click RCE" https://www.youtube.com/watch?v=2IaqyN3NO_0 Day 3 Timestamps 00:00:00 Video Start 00:42:15 Day 3 Intro 00:46:13 Ferdous Saljook: "Revoked, Not Dead: When CDHash Revocation Fails to Kill" 01:13:10 Ian Beer: "Something from Nothing - Exploiting Memory Zeroing in XNU" 01:52:43 Christine Fossaceca & Jonathan Bar Or: "Sploitlight: Exploiting Spotlight to Bypass TCC on macOS and Leak Private Data from Apple Intelligence" 02:37:41 Gregor Carmesin: "Using Type Metadata from Swift Binaries" 03:01:45 Marie Fischer: "What’s new in Lockdown Mode?" 05:09:05 Koh M. Nakagawa: "XUnprotect: Reverse Engineering macOS XProtect Remediator" 05:37:23 Sharvil Shah: "Exploring FSKit: Writing filesystems for fun, profit, and defense, detections and evasion?" 05:57:50 Matthias Frielingsdorf: "Placeboed Apples: A New Way to Hunt Spyware on iOS" 06:46:35 Tara Gould: "OopsSec: The Short Lived Campaign of Cthulhu Stealer" 07:09:51 Patrick Wardle: "The Battle Over Dylib Hijacking: 10 Years Later, Is It Finally Over?"