December 19, 2024
Thank you for all the recommendations so far!
— Gynvael Coldwind (@gynvael.bsky.social) (@gynvael) December 18, 2024
Some of you asked for me to share the list of what I got, so here it is: https://t.co/5MgcxwRhKH
More technical conference talk recommendations are welcomed! :) https://t.co/mo3NSVjjzR
In 2015, Jiwon Han published a paper on why walking with a coffee mug often leads to spills.
— Fermat's Library (@fermatslibrary) December 17, 2024
Han discovered that our natural walking frequency unfortunately matches the frequency at which coffee prefers to slosh around.
He also explored various methods to prevent spills,… pic.twitter.com/ay7Xpf861Z
Fermat's Library | A Study on the Coffee Spilling Phenomenon in the Low Impulse Regime annotated/explained version.
Fermat's Library is a platform for illuminating academic papers.
A side effect of 🍎's privacy mindset: in-memory payloads remain largely invisible/inaccessible to macOS security/3rd-party tools
— Patrick Wardle (@patrickwardle) December 17, 2024
Apple nuked their reflective code loading APIs - but was that enough? 🫣
From #OBTS v7:
"Restoring Reflective Code Loading" https://t.co/VtREKszXN4
🔥🔥🔥
— xvonfers (@xvonfers) December 18, 2024
[$55000](CVE-2024-8904)[365376497][wasm][jspi]JSPI stack switching breaks lazy deoptimization guarantees -> type confusion in V8 is now open with PoC(bypass stable map code dependencies) and exploit(rce + v8sbx escape[361862752]) https://t.co/e0IxqH4vwR https://t.co/qtFlungB1b pic.twitter.com/rKQbDQkhgN
There are a lot of people here who really don't understand how phone snatching works.
— Cybergibbons 🚲🚲🚲 (@cybergibbons) December 17, 2024
They steal the unlocked phone. You have access to the person's SMS, email and phone number.
They know the exact issues in each banking app that allows them to gain access. https://t.co/eWHCpG64Yc
Niall McNamee was scrolling through his phone on the Ldn Underground when a thief on the platform snatched it from his hand just as the doors closed.
— London & UK Street News (@CrimeLdn) December 16, 2024
Two days later the 30-yr-old discovered his bank accounts had been drained by about £21,000 - including a £7,000 loan. pic.twitter.com/P58qUAiyz2
I think that people haven't realised that these are organised gangs working to a playbook.
— Cybergibbons 🚲🚲🚲 (@cybergibbons) December 17, 2024
It's not just some random dude hoping for the best.
Just because *you* normally open your banking app using biometrics or PIN doesn't mean you are secure.
— Cybergibbons 🚲🚲🚲 (@cybergibbons) December 17, 2024
So many banks have flows that allow someone with SMS and email access to bypass controls. It's not always the app itself either.
The Chinese threat intelligence report is here: https://t.co/X5TEiZHQXa
— thaddeus e. grugq (@thegrugq) December 19, 2024
It’s always nice to see reports from other parts of the world because they can give a different perspective.
That said, the translation I read was super confusing so I’m sure I missed some details https://t.co/K1VYnXmQvh
I’ve just added microphone support to USB Army Knife thanks to the @M5Stack AtomS3U platform. You can plug one of these into your victim’s PC and stream to your phone over WiFi!
— 丂卄ㄖᗪ卂几 - 👋 crack fingers (@therealshodan) December 18, 2024
Listen to your victim’s cries of pain as you compromise their infrastructure😃 https://t.co/iKWFX6ymyV pic.twitter.com/DL59rbleu9
🛑🤡PSA: This is disingenuous marketing. Signal chats can't be 'monitored' by anyone not in those chats.
— Meredith Whittaker (@mer__edith) December 19, 2024
Dressing up "joining groups via publicly posted links, then exfiltrating group data" as an offensive 'cybercapability' borders on misinfo, and confuses/scares ppl who rely…