-
October 22, 2020
Let's talk macOS Authorization
-
July 3, 2020
CVE-2020-9771 - mount_apfs TCC bypass and privilege escalation
-
June 16, 2020
CVE-2020-14977 - Secure coding XPC Services - Part 5 - PID reuse attacks
-
June 12, 2020
CVE-2020-14978 - Secure coding XPC Services - Part 4 - Improved client authorization
-
June 9, 2020
The AMFI MACF policy system call
-
May 29, 2020
CVE-2020-0984 - Secure coding XPC Services - Part 3 - Incorrect client verification
-
May 12, 2020
Kernel Debugging macOS with SIP
-
March 22, 2020
Secure coding XPC Services - Part 2 - Checking CS (CodeSigning) flags of the client
-
March 18, 2020
TALK - Exploiting directory permissions on macOS
-
January 12, 2020
CVE-2019-20057 - Secure coding XPC services - Part 1 - Why EvenBetterAuthorization is not enough?
-
October 25, 2019
GateKeeper - Bypass or not bypass?
-
October 12, 2019
CVE-2020-14974 & CVE-2020-14975 - IOBit Unlocker 1.1.2 - Local Privilege Escalation
-
October 5, 2019
NOCVE - Few click RCE via GitHub Desktop macOS client with Gatekeeper bypass and custom URL handlers
-
August 9, 2019
UninstallString - a possible LPE via Social Engineering
-
July 31, 2019
A simple protection against HMValidateHandle technique
-
July 9, 2019
DYLD_INSERT_LIBRARIES DYLIB injection in macOS / OSX
-
June 1, 2019
TALK - macOS - Getting root with benign AppStore apps
-
May 28, 2019
CVE-2020-14976 - GNS3 ubridge SETUID bit - arbitrary file read
-
March 31, 2019
CVE-2019-5514 - VMware Fusion 11 - Guest VM RCE