MacOS Security - Escaping The Sandbox & Bypassing TCC
Offered By: Hack In The Box Security Conference via YouTube
Course Description
Overview
Explore macOS security mechanisms, focusing on sandboxing and Transparency, Consent, and Control (TCC) in this 55-minute conference talk from the Hack In The Box Security Conference. Dive into the evolution of macOS security features, including the introduction of sandbox-like restrictions for non-sandboxed apps in macOS Catalina. Examine the new security boundaries created by these measures and the potential vulnerabilities they introduce. Learn about the challenges developers face in safeguarding app permissions and the importance of understanding these new security models. Discover techniques for bypassing protections in third-party applications and analyze real-world vulnerabilities that allowed sandbox escapes, TCC permission theft, and privilege escalation. Gain insights from security researchers Thijs Alkemade and Daan Keuper as they share their findings on macOS and iOS security, including specific CVEs in macOS and Adobe Reader.
Syllabus
#HITB2021AMS D1T1 - MacOS Security: Escaping The Sandbox & Bypassing TCC - T. Alkemade and D. Keuper
Taught by
Hack In The Box Security Conference
Related Courses
Cybersecurity Roles, Processes & Operating System SecurityIBM via Coursera Operating Systems and Security
IBM via edX The Complete Cyber Security Course : Hackers Exposed!
Udemy IT Security Foundations: Operating System Security
LinkedIn Learning The Faces of MacOS Malware - Detecting Anomalies in a Poisoned Apple
nullcon via YouTube