Documents of Doom - Infecting macOS via Office Macros

Hack In The Box Security Conference via YouTube

Overview

Explore a comprehensive analysis of macro-based attacks targeting Apple's macOS in this 28-minute conference talk from the Hack In The Box Security Conference. Delve into recent exploits, focusing on macOS-specific code and payloads. Uncover a novel exploit chain starting with CVE-2019-1457, involving a new sandbox escape and bypassing Apple's notarization requirements. Learn how simply opening a malicious Office document can persistently infect a fully-patched macOS Catalina system without additional user interaction. Gain insights from Patrick Wardle, a Principal Security Researcher at Jamf and founder of Objective-See, as he shares his expertise in macOS security. Follow the presentation's structure, covering an introduction to macros, extraction techniques, the macro chain, persistence methods, and concluding remarks.

Syllabus

Introduction
What is a macro
How to extract macros
Macro chain
Persistence
Conclusion

Taught by

Hack In The Box Security Conference
