YoVDO

MacOS Security - Escaping The Sandbox & Bypassing TCC

Offered By: Hack In The Box Security Conference via YouTube

Tags

Hack In The Box Security Conference Courses Privilege Escalation Courses macOS Security Courses Security Research Courses iOS Security Courses

Course Description

Overview

Explore macOS security mechanisms, focusing on sandboxing and Transparency, Consent, and Control (TCC) in this 55-minute conference talk from the Hack In The Box Security Conference. Dive into the evolution of macOS security features, including the introduction of sandbox-like restrictions for non-sandboxed apps in macOS Catalina. Examine the new security boundaries created by these measures and the potential vulnerabilities they introduce. Learn about the challenges developers face in safeguarding app permissions and the importance of understanding these new security models. Discover techniques for bypassing protections in third-party applications and analyze real-world vulnerabilities that allowed sandbox escapes, TCC permission theft, and privilege escalation. Gain insights from security researchers Thijs Alkemade and Daan Keuper as they share their findings on macOS and iOS security, including specific CVEs in macOS and Adobe Reader.

Syllabus

#HITB2021AMS D1T1 - MacOS Security: Escaping The Sandbox & Bypassing TCC - T. Alkemade and D. Keuper


Taught by

Hack In The Box Security Conference

Related Courses

Cybersecurity Roles, Processes & Operating System Security
IBM via Coursera
Operating Systems and Security
IBM via edX
The Complete Cyber Security Course : Hackers Exposed!
Udemy
IT Security Foundations: Operating System Security
LinkedIn Learning
The Faces of MacOS Malware - Detecting Anomalies in a Poisoned Apple
nullcon via YouTube