jiska

This is Limburg BE, not NL - though they are pretty close.

www.bsides-limburg.be/home

GrapheneOS released some innovative mitigations prior to Apple. Yet, it needs Big Tech to apply such ideas and make phones more secure at scale.

Using an iPhone 17, which now also ships with EMTE, Inactivity Reboot, SPTM, TXM, Conclaves, ...? — Oh, just the average Apple fangirl/boy who gets a new device every year due to camera improvements. ✅

GrapheneOS im Visier der Strafverfolgung Quelle der Bedenken scheinen Berichte mehrerer französischer Medien zu sein, darunter einer der Tageszeitung Le Parisien. Darin wird GrapheneOS als "Geheimwaffe" bezeichnet, mit der Drogenhändler und andere Kriminelle ihre Daten vor der Polizei schützten. Dass sich das Betriebssystem im Vergleich zum Standard-Android besonders schwer knacken lässt, hatte zuletzt eine geleakte Präsentationsfolie des Forensikdienstleisters Cellebrite gezeigt.

Using a Pixel with GrapheneOS that features Inactivity Reboot, MTE, and more? — You must be a drug dealer. 🚨

A Simple WhatsApp Security Flaw Exposed 3.5 Billion Phone Numbers By plugging tens of billions of phone numbers into WhatsApp’s contact discovery tool, researchers found “the most extensive exposure of phone numbers” ever—along with profile photos and more.

Researchers tried plugging every possible phone number into WhatsApp's web app. They found they could collect 3.5 billion users' phone numbers, plus photos for half and profile text for more than a third, the biggest personal data exposure ever by some measures. www.wired.com/story/a-simp...

Binary Ninja 5.2, Io, is live and it's out of this world! binary.ninja/2025/11/13/b...

With some of our most requested features of all time including bitfield support, containers, hexagon, Ghidra import, and a huge upgrade to TTD capabilities, plus a ton more, make sure to check out the changelog!

USENIX WOOT Conference 2026: two submission deadlines this year!

- Cycle 1: December 12, 2025 *only one month away* !
- Cycle 2: March 3, 2026

WOOT still has a SoK track and an "Up-and-coming track" (~Industry), CFP for details:
www.usenix.org/conference/w...

Dein erster Congress? Die Chaospat:innen sind für dich auf dem 39C3 da! Auch in diesem Jahr sind die Chaospat:innen wieder beim Chaos Communication Congress in Hamburg am Start! Interessierte Mentor:innen und Mentees können sich bis zum 25. November 2025 um 23:59 Uhr…

Dein erster Congress und pures Chaos? Die Chaospat:innen sind für dich da. Melde dich bis zum 25. November. Willkommen sind alle, die den #39c3 offener und vielfältiger machen wollen! events.ccc.de/2025/11/10/3...

OBTS v8.0: Diving into C1 Learn more about my talk “What’s at the Bottom of the Sea, One Baseband? - Diving into the C1” at eight edition of the Objective by the Sea conference.

I just published the slides of my #OBTS v8.0 talk about Apple's #C1 baseband. Our C1 #binja loader is now available on GitHub, and you can find a recording on YouTube.

lukasarnold.de/posts/obtsv8...

39C3 Presale: Modus Operandi Wir freuen uns, euch den Vorverkauf für den diesjährigen Chaos Communication Congress anzukündigen. Der Vorverkauf wird dieses Jahr ziemlich genau ablaufen wie letztes Jahr: Der Vorverkauf wird…

Wir freuen uns, den Vorverkauf für den #39c3 anzukündigen. Im Anschluss an die Voucherphase gibt es zwei offene Verkaufstermine. (Fast) alle Engel erhalten heute eine E-Mail mit Voucher events.ccc.de/2025/10/16/3...

On a Saturday night I stumbled across something on the internet that made me feel like ****** my pants. A giant dataset of real surveillance operations targeting 1000s of people across nearly every country. Unraveling it and the mysterious company behind it has consumed 1.5 years of my life

Modern iOS Security Features -- A Deep Dive into SPTM, TXM, and Exclaves The XNU kernel is the basis of Apple's operating systems. Although labeled as a hybrid kernel, it is found to generally operate in a monolithic manner by defining a single privileged trust zone in whi...

Want to know more details on Apple's SPTM, TXM, and Exclaves? Read more on this in the paper based on Moritz Steffin's thesis. Lots of low-level details including their security implications are covered.

arxiv.org/abs/2510.09272

CCC | Lectures, music, art, punk: Join us at the 39th Chaos Communication Congress! Der Chaos Computer Club ist eine galaktische Gemeinschaft von Lebewesen für Informationsfreiheit und Technikfolgenabschätzung.

Lectures, music, art, punk: Join us at the 39th Chaos Communication Congress and please submit! The deadline for all submissions for the stages is October 24. #39C3 will take place from December 27 to 30 www.ccc.de/en/updates/2...

USB Restricted Mode already does that - data lines are disabled when the phone is locked. There's logic to still allow devices to maintain a connection when you connected them while unlocked, making it usable but still increasing security a lot. In Lockdown Mode, the policy is more aggressive.

Apple's latest iPhone security feature just made life more difficult for spyware makers | TechCrunch Buried in an ocean of flashy novelties announced by Apple this week, the tech giant also revealed new security technology for its latest iPhone 17 and

NEW: Apple launched a new security feature specifically to fight against spyware and zero-day exploit makers.

We spoke to a researcher who sells zero-days to the U.S. government, who thinks this will make their life much harder and raise the cost of developing and selling hacking tolls for iPhones.

Job Opportunity: Information Security Program Manager - The Citizen Lab The Information Security Program Manager will be responsible for providing strategic leadership to develop and implement Information Security Programs for the Citizen Lab as well as other units at the...

JOB ALERT: We are recruiting for the newly created role of Information Security Program Manager.

Apply by Sept 30.

citizenlab.ca/2025/09/job-...

Places usually go quickly! Use this link to register - you can even select only the days with the topics that interest you and skip others.
blackhoodie.re/Hexacon2025/

Want to learn reverse engineering? There'll be a free, women*-only BlackHoodie workshop from October 6th to 9th in Paris!

Topics:
• Linux memory forensics 🕵️‍♀️ (by Sonia)
• Web app and mobile app pentesting 🕸️📱 (by Paula)
• iOS reversing 🍎 (by me)

Kürzung des Mindestlohnes, da Arbeit wieder bezahlbar sein muss. Zusammen mit Kürzungen der Sozialleistungen, da sich Arbeit lohnen muss. Kinderarbeit wird dann natürlich steuerbegünstigt, um die Jugend schon früh in den Arbeitsmarkt zu integrieren und vom Mindestlohn ausgenommen.

WOOT '25 Technical Sessions All sessions will be held in Room 611-612 unless otherwise noted.

WOOT 2025 schedule, all papers are now online open access:
usenix.org/conference/w...
Talks are recorded, and should be online in a few weeks.

I'm the Mobile track lead this year and happy to chat if you've got questions about what we're looking for in submissions.

europe-briefings-cfp.blackhat.com

Been working on some interesting mobile security research lately? 📱🔬 Submit it to Black Hat Europe, the CFP deadline is August 11. Speaker honorarium + travel to London 🎡💂🏼‍♀️🏙️ are covered!

My first day with a fancy new title 👩‍🏫🎉

WOOT '25 Technical Sessions

Discounted early bird registration for WOOT '25 is still open until Monday - www.usenix.org/conference/w... - join us in Seattle on Aug 11/12 (right before USENIX Security) for talks and discussions on great cutting-edge offensive security research. Full program at www.usenix.org/conference/w...

Easy, beginner-friendly class teaching how to use Binary Ninja's debugger. Had the pleasure of beta testing it :)

Has anyone noticed/looked at the SPTM/TXM headers in the tahoe KDK?

Demo video: www.youtube.com/watch?v=dHz8...
Read the full paper: arxiv.org/abs/2507.07210

(2/2)

The WatchWitch app in context, showing the Apple Watch and the paired iPhone as well as the Android phone running the app.

The Apple Watch has a closed down ecosystem, only compatible with the iPhone. Nils reverse engineered its interfaces to open it up for Android! ✨ WatchWitch ✨ allows using your Apple Watch ⌚ on Android devices, interpreting your health data, answering messages on the Watch & more. (1/2)

Announcing RE//verse 2026! Website is updated with info for sponsors, trainers, speakers, and more importantly, attendees! Are you ready for another year of high quality reverse engineering talks and networking? Join us the first week of March, 2026!

re-verse.io

Changelog Changelog # 1.6.0 # CellGuard now supports dual SIM setups. When two SIM cards are activated simultaneously, the app can distinguish between their connected cells and packets. We’re working on extract...

We've released CellGuard 1.6.0, our iOS app, to make use of the iPhone's internal baseband communication. The update enhances support for dual SIM, adds new #C1 packet types, automatic navigation to sysdiagnoses, and more: cellguard.seemoo.de/docs/changel...