Posts

• January 19, 2021 About com.apple.private.security.clear-library-validation
• January 17, 2021 Divide and Conquer - A technique to bypass NextGen AV
• December 13, 2020 Reversing engineering the fix of CVE-2020-9771
• November 17, 2020 Microsoft Teams for macOS Local Privilege Escalation
• October 26, 2020 Getting started in macOS security
• October 22, 2020 Let's talk macOS Authorization
• July 3, 2020 CVE-2020-9771 - mount_apfs TCC bypass and privilege escalation
• June 16, 2020 Secure coding XPC Services - Part 5 - PID reuse attacks (CVE-2020-14977)
• June 12, 2020 Secure coding XPC Services - Part 4 - Improved client authorization (CVE-2020-14978)
• June 9, 2020 The AMFI MACF policy system call
• May 29, 2020 Secure coding XPC Services - Part 3 - Incorrect client verification (CVE-2020-0984)
• May 12, 2020 Kernel Debugging macOS with SIP
• March 22, 2020 Secure coding XPC Services - Part 2 - Checking CS (CodeSigning) flags of the client
• March 18, 2020 Exploiting directory permissions on macOS
• January 12, 2020 Secure coding XPC services - Part 1 - Why EvenBetterAuthorization is not enough? (CVE-2019-20057)
• October 25, 2019 GateKeeper - Bypass or not bypass?
• October 12, 2019 IOBit Unlocker 1.1.2 - Local Privilege Escalation (CVE-2020-14974 & CVE-2020-14975)
• October 5, 2019 Few click RCE via GitHub Desktop macOS client with Gatekeeper bypass and custom URL handlers
• August 9, 2019 UninstallString - a possible LPE via Social Engineering
• July 31, 2019 A simple protection against HMValidateHandle technique

• 1
• 2
• ›
• »