Bundles of Joy - Breaking macOS via Subverted Applications Bundles
Ekoparty Security Conference via YouTube
Overview
Explore a critical macOS vulnerability (CVE-2021-30657) that bypassed key security features like File Quarantine, Gatekeeper, and Notarization in this 40-minute conference talk from Ekoparty 2021. Dive deep into the macOS policy subsystem to uncover the root cause of the bug, examine malware exploiting it as a zero-day, and learn about Apple's patch. Discover novel detection and prevention methods for this vulnerability that allowed attackers to compromise macOS systems with a simple user double-click. Gain insights from security expert Patrick Wardle, founder of Objective-See, as he shares his expertise on macOS security and malware analysis.
Syllabus
Bundles of Joy: Breaking macOS via Subverted Applications Bundles â–ª Patrick Wardle â–ª Ekoparty 2021
Taught by
Ekoparty Security Conference