Slides: https://objectivebythesea.org/v8/talk...

Talk Description:

The macOS threat landscape has changed considerably in recent years with the ever-increasing prevalence of macOS malware. In response, Apple has expanded the capabilities of XProtect by introducing new features such as XProtect Remediator (XPR) and XProtect Behavior Service. XPR periodically scans for malware, removes it, and restores infected devices. However, because little detailed reverse engineering has been published, its detection and remediation capabilities remain unclear.

In this presentation, we share our reverse engineering results for XPR. Since the XPR binaries are stripped Swift binaries, detailed analysis was challenging. We developed custom tools for static and dynamic analysis of Swift binaries, which allowed us to perform a thorough investigation. Our analysis uncovered intriguing detection logic that goes beyond the previously known simple scanning with YARA rules, including a creative mechanism that employs OCR to detect malware performing a Gatekeeper bypass. Furthermore, our examination revealed Apple-exclusive threat intelligence, including information related to malware believed to be the TriangleDB macOS implants. Remarkably, we discovered that XPR's detection logic is described with a custom DSL built on Swift Result Builders—the same technology that powers SwiftUI's declarative syntax. Our analysis of the DSL shows that it significantly helps in understanding the details of XPR's detection logic.

This presentation provides valuable insights into XPR internals for blue teams working on macOS security. The tools being introduced will help security researchers analyze future XPR updates to obtain the Apple threat intelligence included in XPR. Additionally, information on XPR vulnerabilities will benefit red teams.

Speaker's Bio:

Koh M. Nakagawa is a security researcher at FFRI Security, Inc., mainly working on vulnerability research. His research interest is the security of Apple products. He has given talks at security conferences such as Black Hat EU, Black Hat Asia, and CODE BLUE. https://x.com/tsunek0h

Support the Objective-See Foundation: https://www.objective-see.org/ https://x.com/objective_see/ / objective-see