Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off
One annual plan covers every course and certificate on Coursera. 40% off for a limited time.
Get Full Access
Explore a comprehensive analysis of macro-based attacks targeting Apple's macOS in this 28-minute conference talk from the Hack In The Box Security Conference. Delve into recent exploits, focusing on macOS-specific code and payloads. Uncover a novel exploit chain starting with CVE-2019-1457, involving a new sandbox escape and bypassing Apple's notarization requirements. Learn how simply opening a malicious Office document can persistently infect a fully-patched macOS Catalina system without additional user interaction. Gain insights from Patrick Wardle, a Principle Security Researcher at Jamf and founder of Objective-See, as he shares his expertise in macOS security. Follow the presentation's structure, covering an introduction to macros, extraction techniques, the macro chain, persistence methods, and concluding remarks.
