Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Watch a 19-minute conference talk exploring a critical security vulnerability (CVE-2024-40834) discovered in Apple's Shortcuts application across iOS, WatchOS, MacOS, and VisionOS platforms. Learn how manipulating specific functionalities enables arbitrary command execution on MacOSX systems while bypassing built-in security features, and allows unauthorized file access across all Apple operating systems with potential data leakage to remote hosts. Understand the implications of this vulnerability for drive-by-download phishing attacks, where malicious payloads can be distributed through Apple's native infrastructure with legitimate signatures and without triggering security alerts. Presented by Marcio Almeida, a Security Specialist at Tanto Security with over 10 years of experience in penetration testing, code review, and exploit development, this talk from Objective-See Foundation's conference provides valuable insights into potential exploitations within the Apple ecosystem and emphasizes the importance of developing protective measures for user safety.
