OBTS v4.0: "The Wild World of macOS Installers" - Tony Lambert
OBTS v4.0: "All Your Macs Are Belong To Us" - Cedric Owens, Jaron Bradley & Parick Wardle
OBTS v4.0: "Plug-n-Play: Using Native Code with Installer Plugins for Initial Access" - Chris ross
OBTS v4.0: "Mac Detections by The Numbers" - Thomas Reed
OBTS v4.0: "Kernel Exploitation on Apple's M1 chip" - 08tc3wbb
OBTS v4.0: "Siri, Find My Ex" - Eva Galperin
OBTS v4.0: "Environmental Disaster: A LaunchServices Tale" - Ron Waisberg
OBTS v4.0: "Pocket Litter - A Peek Inside Your Apple Wallet" - Sarah Edwards
OBTS v4.0: "Apple's Envy: Root once, bypass TCC" - Andy Grant
OBTS v4.0: "Anti Analysis Logic of Arm Malware on macOS" - Patrick Wardle
OBTS v4.0: "Becoming a Yogi on Mac ATT&CK with OceanLotus Postures" - Cat Self & Adam Pennington
OBTS v4.0: Made In America: Analyzing US Spy Agencies macOS Implants - Runa Sandvik & Patrick Wardle
Hypothesis-driven MacOS Threat Hunting - Plug
#OBTS v5.0: "Sandboxing with ESF Playground on macOS" - Matt Carman
OBTS v1.0: "Code Signing Flaw in macOS" - Thomas Reed
macOS persistence, LaunchAgents and Beyond - BSides Portland 2022
#OBTS v6.0: "Unexpected, Unreasonable, Unfixable: Filesystem Attacks on macOS" - Gergely Kalman
#OBTS v6.0: A Journey into Reversing RustBucket on macOS - Jaron Bradley & Ferdous Saljooki
OBTS v1.0: "MacDoored" - Jaron Bradley
#OBTS v5.0: "Making oRAT, Go" - Patrick Wardle