https://objectivebythesea.com/v3/
About the talk...
On the Windows platform, macro-based attacks are well understood (and frankly are rather old news). However on macOS, though such attacks are growing in popularity and are quite en vogue, they have received far less attention from the research and security community.
In this talk, we will begin by analyzing recent macro-based attacks that target Apple's desktop OS, highlighting macOS-specific exploit code and payloads. Rather unsurprisingly though, these attacks are unsophisticated, requiring explicit user-approval to run the malicious macro code and remain constrained by Office's constrictive sandbox. Rather lame!
However, things could be worse! We'll end the talk by detailing a novel exploit chain (created by yours truly), that starts with CVE-2019-1457, leverages a new sandbox escape and ends with a full bypass of Apple's stringent notarization requirements. Triggered by simply opening a malicious (macro-laced) Office document, no other user interaction required, in order to persistently infect even a fully-patched macOS Catalina system!
...so maybe don't open any Office documents for the time being!?
About the talk...
On the Windows platform, macro-based attacks are well understood (and frankly are rather old news). However on macOS, though such attacks are growing in popularity and are quite en vogue, they have received far less attention from the research and security community.
In this talk, we will begin by analyzing recent macro-based attacks that target Apple's desktop OS, highlighting macOS-specific exploit code and payloads. Rather unsurprisingly though, these attacks are unsophisticated, requiring explicit user-approval to run the malicious macro code and remain constrained by Office's constrictive sandbox. Rather lame!
However, things could be worse! We'll end the talk by detailing a novel exploit chain (created by yours truly), that starts with CVE-2019-1457, leverages a new sandbox escape and ends with a full bypass of Apple's stringent notarization requirements. Triggered by simply opening a malicious (macro-laced) Office document, no other user interaction required, in order to persistently infect even a fully-patched macOS Catalina system!
...so maybe don't open any Office documents for the time being!?
Комментариев нет.
Следующее
Auto
-
05:55
Fifa 21 - How to complete the Patrick Bamford card - Premiership TOTS objective
-
30:54
OBTS v4.0: "Anti Analysis Logic of Arm Malware on macOS" - Patrick Wardle
-
46:35
OBTS v3.0: "Walking the bifrost" - Cody Thomas
-
08:44
Writing data to the documents directory – Bucket List SwiftUI Tutorial 2/13
-
39:23
OBTS v3.0: "iMessage Exploitation" - Samuel Grob
-
48:15
I Can Help You Travel And Get Italian Documents Easily - Ghanaian Immigration Expert In Italy
-
00:56
Map Firestore documents using Swift Codable
-
31:41
OBTS v3.0: "The Case of The Fly on the Wall" - Thomas reed
-
08:35
How to add documents to your Kotlin API using KDoc and Dokka?
-
01:00
Patrick’s Elliott Waves - Episode 69: SP500
-
01:04
Как добавить вибрацию при нажатии на кнопку (Swift 5, Xcode 13) / mrGURU
-
2:17:30
1. Разработка на Android. Введение | Технострим
-
22:17
![Android-разработка[8]. Работа с сетью](https://appdrafting.com/uploads/thumbs/c0b372616-1.jpg)
Android-разработка[8]. Работа с сетью
