Explore a critical macOS vulnerability (CVE-2021-30657) that bypassed key security features like File Quarantine, Gatekeeper, and Notarization in this 40-minute conference talk from Ekoparty 2021. Dive deep into the macOS policy subsystem to uncover the root cause of the bug, examine malware exploiting it as a zero-day, and learn about Apple's patch. Discover novel detection and prevention methods for this vulnerability that allowed attackers to compromise macOS systems with a simple user double-click. Gain insights from security expert Patrick Wardle, founder of Objective-See, as he shares his expertise on macOS security and malware analysis.
Bundles of Joy - Breaking macOS via Subverted Applications Bundles
Ekoparty Security Conference via YouTube
Overview
Syllabus
Bundles of Joy: Breaking macOS via Subverted Applications Bundles â–ª Patrick Wardle â–ª Ekoparty 2021
Taught by
Ekoparty Security Conference
Related Courses
-
Breaking, Entering, and Staying - Adventures in Hacking macOS
-
Synthetically Breaking macOS - Patrick Wardle - Ekoparty Security Conference - 2019
-
Meet and Greet with the macOS Malware Class of 2016
-
Process Injection - Breaking All macOS Security Layers With a Single Vulnerability
-
1-Click to Infiltrate Your Organization via Vulnerable VS Code Extensions
-
Documents of Doom - Infecting macOS via Office Macros
