-
December 12, 2024
The diskarbitrationd and storagekitd Audit Story Part 2
-
November 8, 2024
The diskarbitrationd and storagekitd Audit Story Part 1
-
July 19, 2024
Dock Tile Plugins Could Be Used to Escalate Privileges
-
May 24, 2024
CVE-2023-40424 - How Malware Can Bypass Transparency Consent and Control
-
March 15, 2024
How Apple Mitigates Vulnerabilities in Installer Scripts
-
August 29, 2022
CVE-2017-2533 - The details behind
-
October 29, 2021
CVE-2021-30808 - CVE-2021-1784 strikes back - TCC bypass via mounting
-
May 26, 2021
NOCVE - TeamViewer Local Privilege Escalation Vulnerability
-
April 20, 2021
CVE-2020-9900 & CVE-2021-1786 - Abusing macOS Crash Reporter
-
December 13, 2020
CVE-2020-9771 - Reversing Engineering the Fix
-
July 3, 2020
CVE-2020-9771 - mount_apfs TCC bypass and privilege escalation
-
June 16, 2020
CVE-2020-14977 - Secure coding XPC Services - Part 5 - PID reuse attacks
-
June 12, 2020
CVE-2020-14978 - Secure coding XPC Services - Part 4 - Improved client authorization
-
May 29, 2020
CVE-2020-0984 - Secure coding XPC Services - Part 3 - Incorrect client verification
-
March 18, 2020
TALK - Exploiting directory permissions on macOS
-
January 12, 2020
CVE-2019-20057 - Secure coding XPC services - Part 1 - Why EvenBetterAuthorization is not enough?
-
October 12, 2019
CVE-2020-14974 & CVE-2020-14975 - IOBit Unlocker 1.1.2 - Local Privilege Escalation
-
August 9, 2019
UninstallString - a possible LPE via Social Engineering
-
July 9, 2019
DYLD_INSERT_LIBRARIES DYLIB injection in macOS / OSX
-
June 1, 2019
TALK - macOS - Getting root with benign AppStore apps