Jaron Bradley from Jamf Threat Labs shares the team's work on "Jamf Threat Labs discovers new malware embedded in pirated applications." Jamf Threat Labs has detected a series of pirated macOS applications that have been modified to communicate with attacker infrastructure. The research states "These applications are being hosted on Chinese pirating websites in order to gain victims." The discovery is of new and advanced malware, similar to the ZuRu malware first discovered by Objective-See in 2021 inside the iTerm2 application. The research can be found here: Jamf Threat Labs discovers new malware embedded in pirated applications
[Related articles] ・Objective-See ・Personal [...] resulting from unauthorized access to the "Nitori app"
Some deeper articles this month, but I am sure we will manage. Here are this week's links:
Writing Effective Software Development Notes for Future You
How I Prepare Presentations and Workshops | Bas' Blog
EXC_BAD_ACCESS crash error: Understanding and solving it - SwiftLee
Analysis of CVE-2021-30860 - Objective-See's Blog
Solving CPU Usage Crashes with Xcode's Energy Organizer
Multipeer Connectivity Tutorial
Programmatic navigation in SwiftUI | Swift by Sundell
Donny Wals on Twitter
Please rate me on Apple Podcasts. Send me feedback on SpeakPipe or contact me through Twitter. Newsletter, sign up! My book: Being a Lead Software Developer. Learn best practices for being a great lead software developer. Support the show (https://pod.fan/appforce1)
This week, we kick off the show with a technical segment, all about working with OpenVAS! Next up, we welcome Patrick Wardle, founder of Objective-See, to talk Trends in Mac Malware and Apple Security! In the Security News: some describe T-Mobile security as not good, if kids steal bitcoin just sue the parents, newsflash: unpatched vulnerabilities are exploited, insiders planting malware, LEDs can spy on you, hacking infusion pumps, PRISM variants, 1Password vulnerabilities, plugging in a mouse gives you admin, & more! Show Notes: https://securityweekly.com/psw708 Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
For the 200th episode of the Intego Mac Podcast, we welcome independent security researcher Patrick Wardle, who shares tales of finding bugs and vulnerabilities on the iPhone and Mac. Show Notes: Objective-See; Objective by the Sea. Intego Mac Premium Bundle X9 is the ultimate protection and utility suite for your Mac. Download a free trial now at intego.com, and use this link for a special discount when you're ready to buy.
The first two pieces of malware for the first Apple Silicon processor - the M1 - have been spotted. The first, GoSearch22, was found by Mac security expert Patrick Wardle. He stops by to talk about that one, about the other piece of malware - Silver Sparrow, and the future of malware on Apple Silicon. All of that on episode 220 of The Checklist, brought to you by SecureMac. Keep up with Patrick on his website: Objective-See.com Don't forget to check out our show notes: SecureMac.com/Checklist And get in touch with us: Checklist@Securemac.com
Recorded 7th July 2020
Nick, Jim and Simon are joined by Son Nguyen Kim of SimpleLogin.io to talk about his service (which allows you to create disposable email aliases for many purposes) and later take a look at some stories from the week.
GIVEAWAYS & OFFERS
Glenn Fleishman's Working From Home book is completely FREE and can be downloaded here, and now he has also released Take Control of Zoom and Take Control of Slack too.
Steve at Geeks Corner has restarted his podcast, which is a 5-15 min show of his thoughts on tech. Also keep an eye on his site or follow him on Twitter @GeekCorner_uk to watch for regular giveaways.
Why not come and join the Slack community? You can now just click on this Slackroom Link to sign up and join in the chatter!
Slacker @MacJim has a family friendly Flickr group for listeners to share photos because the Darkroom channel in the Slack has become so popular - if you're interested head over to the Essential Apple Flickr and request an invitation.
On this week's show:
SON NGUYEN KIM - Creator of SimpleLogin; @simple_login on Twitter; SimpleLogin on Reddit; SimpleLogin code on GitHub
JAMES ORMISTON - In charge of the Essential Apple Flickr; also on Flickr as thesrpspaintshop; has videos on Vimeo
NICK RILEY - @spligosh on Twitter very occasionally. Sometimes appears on Bart Busschots' Let's Talk Apple
APPLE
PSA: Don't Install macOS Big Sur on the Same APFS Container as Older Versions – The Mac Observer
Apple's A12Z Bionic GPU Running macOS 11 Through Rosetta 2 Beats Both Ryzen 5 4500U, Core i7-1065G7 iGPUs in OpenCL Test – Wccftech
App Library for iOS 14 allows hiding of 3rd party apps as well as Apple ones and whole pages...
TECHNOLOGY
Microsoft OneDrive updates include 100GB file size boost, dark mode, new admin controls – ZDNet
Most Americans Are At Great Risk of Losing Their Computer Data – Backblaze
SECURITY & PRIVACY
Police bust organized crime networks linked to special Android smartphones – Input Mag
@Robrait says: “This is an incredible story that shows the true value of co-operation between international police forces. The French managed to decrypt the system and passed details of several million messages to their colleagues all over the world. In the UK they have, apparently, recovered over £20 million in cash, loads of guns and other weapons, huge quantities of drugs and, most importantly, managed to nail the Mr (and Mrs) Big types who run the crime syndicates, who normally manage to keep their noses clean whilst their minions get caught.”
@Dougee says: “The EncroChat phones were a really good device. They are based on a customized OnePlus X device and later transitioned to a BQ Aquaris device. It worked by replacing the Android Recovery partition with a heavily modified OS. The cool thing was when it first boots it looks like it was wiped. They have been a royal pain in the butt for us for quite a while.”
TikTok and others revealed to be clipboard scraping by iOS 14... Which Apps Spy on the iOS Clipboard? – Mac Observer
New Mac ransomware spreading through piracy – Malwarebytes
This is a good write-up from Objective-See about Mac ransomware. It also features 'Suspicious Package', a really good app for looking at the contents of packages on Mac; I have been using it for a while now. [Objective-See](https://objective-see.com/blog/blog_0x59.html)
WORTH A CHIRP / ESSENTIAL TIPS
Pocket Earth App – Offline Maps & Travel Guides for iPhone & iPad
I wish I'd found this iPhone accessory years ago – ZDNet. This one is for Mark!!
Adobe Fill & Sign - Form Filler
Handoff shared clipboard - the shared clipboard usually works for me, but you have to be quick, as the ability to hand off the clipboard only lasts 30 seconds - for security, I guess.
JUST A SNIPPET
For things that are not worth more than a flypast
Some are thinking that Apple's iPhone MacBook-Like Accessory has a chance of coming to market because of what transpired at WWDC20 – Patently Apple
iPhone 13 could morph into a MacBook — literally – Tom's Guide
NEMO'S HARDWARE STORE (33:52)
ATH-ANC300TW QuietPoint Wireless Active Noise-Cancelling In-Ear Headphones from Audio-Technica ($229 US direct; Amazon $229 US). I did find them on the UK store, but via a third party for over £330 UK - buy direct or via Amazon US!
Essential Apple Recommended Services:
Pixel Privacy – a fabulous resource full of excellent articles and advice on how to protect yourself online.
Doug.ee Blog – for Andy J's security tips.
Ghostery – protect yourself from trackers, scripts and ads while browsing.
Simple Login – email anonymisation and disposable emails for logging in to or registering with sites.
33mail.com – never give out your real email address online again.
AnonAddy – disposable email addresses.
Sudo – get up to 9 “avatars” with email addresses, phone numbers and more to mask your online identity. Free for the first year and priced from $0.99 US / £2.50 UK per month thereafter... You get to keep 2 free avatars though.
ProtonMail – end to end encrypted, open source, based in Switzerland. Prices start from FREE... what more can you ask?
ProtonVPN – a VPN to go with it perhaps? Prices also starting from nothing!
Comparitech DNS Leak Test – simple to use and understand VPN leak test.
Fake Name Generator – so much more than names! Create whole identities (for free) with all the information you could ever need.
Wire – free for personal use, open source and end to end encrypted messenger and VoIP.
Pinecast – a fabulous podcast hosting service with costs that start from nothing.
Essential Apple is not affiliated with or paid to promote any of these services... We recommend services that we use ourselves and feel are either unique or outstanding in their field, or in some cases are just the best value for money in our opinion. Social Media and Slack You can follow us on: Twitter / Slack / EssentialApple.com / Spotify / Soundcloud / YouTube / Facebook / Pinecast Also a big SHOUT OUT to the members of the Slack room without whom we wouldn't have half the stories we actually do – we thank you all for your contributions and engagement. You can always help us out with a few pennies by using our Amazon Affiliate Link so we get a tiny kickback on anything you buy after using it. If you really like the show that much and would like to make a regular donation then please consider joining our Patreon or using the Pinecast Tips Jar (which accepts one off or regular donations) And a HUGE thank you to the patrons who already do. Support The Essential Apple Podcast by contributing to their Tip Jar: https://tips.pinecast.com/jar/essential-apple-show This podcast is powered by Pinecast.
Daniël Verlaan and Huib Modderkolk are journalists for RTL Nieuws and de Volkskrant respectively. Driven by their interest in technology, they dig deep into revenge-porn networks, child-abuse forums and the work of intelligence services. The prizes they have won in recent years prove how important their work is: the Tegel journalism awards came flying at Daniël and Huib. In this episode we reflect on the importance of (tech) journalism and what a good journalist can mean for society. Randal gets the fright of his life when his dear son suddenly turns out to be standing next to him, and has meanwhile got a long way into the audiobook version of 'Het is oorlog maar niemand die het ziet'.
Timeline
0:00:00 Flower arranging
0:02:34 Introductions
0:04:35 Audiobooks
0:10:16 Good journalism looks very easy
0:15:39 That one sentence that takes a lot of work
0:19:16 The fright of your life
0:20:36 Infectieradar and government apps
0:30:14 Tech journalism in these times
0:42:41 What is journalism, really?
1:00:32 Tunnel vision during an investigation
1:16:12 Listener questions
1:46:29 Tips
1:56:10 Sign-off
TIPS
Daniël Verlaan: Security software from Objective See by Patrick Wardle; Terrace House on Netflix; NEXSTAND K2 for keeping computers at eye level
Huib Modderkolk: Cold showers (and no being a coward about it)
Maarten: Deep Sea Adventure
The Register: "iOS security is fucked", says Zerodium, the exploit broker, as it slashes the prices it pays for Apple exploits. Who is Zerodium? According to its website: ZERODIUM is the world's leading exploit acquisition platform for premium zero-days and advanced cybersecurity capabilities. We pay BIG bounties to security researchers to acquire their unreported zero-days. While most existing bounty programs accept almost any kind of vulnerability and PoC but pay very low rewards, at ZERODIUM we focus on high-risk vulnerabilities with fully functional exploits and pay the highest rewards (up to $2,500,000 per submission for mobile). Five years ago Zerodium was offering $1M for certain exploits for Apple devices, but now the company has announced that it will not pay for new exploits because of the enormous number it is receiving. Via Twitter the company said it will not accept new Local Privilege Escalation, Safari Remote Code Execution or sandbox escape exploits for the next three months. It also said "Prices for one-click Safari exploit chains without persistence, for example, will probably drop as well." https://zerodium.com/program.html#changelog. iOS 13 has been very buggy, so much so that Craig Federighi, Apple's senior vice president of software engineering, had to overhaul the software testing process. On the other hand, Patrick Wardle, founder of Objective-See, said the supposed oversupply of vulnerabilities may also be a consequence of the current global health crisis.
"There are probably a lot of hackers stuck at home with extra time on their hands, or perhaps who have lost their jobs or are in a difficult financial situation, as a large part of the population is." "Add time and financial motivation, and you get more bugs." But how are those exploits used to compromise an iOS phone? This is an example from LightSpy, a "full remote iOS exploit chain" (chained exploits: if the first stage succeeds, the second can run, and so on) that targets users in Hong Kong and gives the attackers deep surveillance capability and full control over infected iOS devices. The activity was detected this past January. Activity: The attackers write a very attractive post on a forum that draws the victims' attention (a watering hole attack). Clicking the link in the post redirects them to a site under the attackers' control. When the page loads in the user's browser it loads an iframe, which loads another page in the background; that page runs malicious code exploiting a remote code execution vulnerability in the browser. The remote code execution lets the attackers run code on the device, and that code runs the next exploit to take full control of the device. Within the exploit process another piece of code runs that elevates privileges (local privilege escalation); in short, it lets the attacker jump from an unprivileged user context to root (administrator) level. With root on the device, a piece of malware (in this case a trojan) is downloaded, installed and run. Since the trojan is already running with root privileges, it can take full or partial control of the device.
Michael Barber of Brigham Young Univ on pandemic politics. Levi Hanssen of Visit Faroe Islands on virtual tourism. Dan Thompson of Stanford Univ on vote by mail. Patrick Wardle of Jamf and Objective-See on Zoom. Michele Hlavsa of the US Centers for Disease Control and Prevention on pool pathogens. Kip Ioane of Willamette Univ's Men's basketball team on healthy masculinity.
Check out Objective-See: https://objective-see.com/
Objective-See Twitter: https://twitter.com/objective_see
Objective-See Patreon: https://www.patreon.com/objective_see
While In Russia: Patrick's RSA talk on hacking journalists
Patrick's Twitter: https://twitter.com/patrickwardle
This podcast is brought to you by Varonis; if you'd like to learn more, check out the Cyber Attack Lab at https://www.varonis.com/cyber-workshop/
Recorded 19th November 2019
I'm a dunce and did a show with Guy and Nick, but forgot to check it was recording. Sorry about that - instead you just get me mulling over what we discussed.
Apple effectively soft launched the recently rumoured 16" MacBook Pro, with a "new" scissor switch keyboard and some pretty impressive specs. A strange story emerged alleging to reveal Apple's AR/VR Headset and Smart Glasses roadmap. FIDO2 support is coming to iOS 13.3. Apple Pay is growing fast, but Apple News+ isn't, Apple are fixing an Apple Mail problem that means your mail wasn't quite as encrypted as we thought, and a few other musings.
GIVEAWAYS & OFFERS
Listeners of this show can claim $10 off purchases of Luminar and/or Aurora HD 2019: use the coupon code EssentialApple at checkout for your extra discount!
Get Donny Yankellow's 2FunDads iMessage stickers for FREE
Why not come and join the Slack community? You can now just click on this Slackroom Link to sign up and join in the chatter!
Slacker @MacJim has a family friendly Flickr group for listeners to share photos because the Darkroom channel in the Slack has become so popular - if you're interested head over to the Essential Apple Flickr and request an invitation.
On this week's show:
APPLE
Apple's MacBook Pro Gets an All-New Keyboard – Wired
Apple News+ failing to attract new subscribers after March launch, report says – 9to5Mac
Safari Supports NFC, USB, and Lightning FIDO2-Compliant Security Keys in iOS 13.3 – MacRumors
Apple Eyes 2022 Release for AR Headset, 2023 for Glasses – The Information
Apple is fixing encrypted email on macOS because it's not quite as encrypted as we thought – The Verge
TECHNOLOGY
Google Is Finally Rolling Out its Own RCS in the US – Wired
Microsoft is killing off its Cortana app for iOS and Android in January – The Verge
WORTH A CHIRP / ESSENTIAL TIPS
I'm still using one of these Braided Leather Lightning Charge Bracelets
LuLu from Objective-See is still on my Mac and does what I want – LuLu
LastPass is a great password manager and a good supplement to Keychain – LastPass
JUST A SNIPPET
For things that are not worth more than a flypast
How airships could return to our crowded skies – BBC Future
NEMO'S HARDWARE STORE (17:44)
Interview: Kristian Rauhala of H2O Audio
W3C & WHATWG have agreed to save the web. :p An interesting new startup from Vladimir Prelovac: kagi.ai. Apple patched a bug from 1999 :p Alek mentioned the Objective-See conference. VPN Unlimited offers VPN servers in Serbia too, as does ExpressVPN. Soulver 3 for Mac is out.
WWDC 2019: WWDC has come and gone, one of the most interesting in recent memory. TidBITS has a detailed overview of all the news. MacRumors traditionally makes a supercut of all the novelties in a few minutes. MacStories has a pile of posts and overviews: iPadOS, iOS 13, watchOS 6. tvOS 13 has multi-user support, yay! Apple's top brass were busy and did the rounds of podcasts left and right. Voice Control is wonderful.
Small things: Miloš Mileusnić on decimal commas and points. :) It is finally possible to change the Wi-Fi network from Control Center. Optimized battery charging in iOS 13. Mouse support has been added, but under Accessibility. That will be fun. macOS Catalina changes the default shell to zsh. It also has separate zoom for each monitor. Siri Shortcuts has advanced significantly in terms of programmability. Safari will now be able to make a PDF of a complete page. watchOS 6 has a calendar app, and James Thompson finds that appropriately amusing.
Security & Privacy: In apps aimed at children, Apple App Review now forbids the use of third-party monitoring. Parental control apps with MDM access will be let back onto the App Store; the App Review guidelines have been updated with changes that allow this. Let's just see who gets caught in the net first :p The new Find My service is very ambitiously conceived; Matthew Green analyzes that story. Anastasiia Voitova breaks down the major security and privacy announcements from WWDC.
Mac Pro: Beeeast. Panzarino from the demo room. Jabučnjak on the new Mac Pro & Display XDR. The processors alone in the new Mac Pro cost $4-5k. The competition is blowing it away on price; equivalent PC machines. A guy on reddit wrote up a wonder of technical details about the Pro Display XDR.
For developers: SwiftUI and Combine are completely new and not exactly expected things for this WWDC. Development of some of them began even before Swift itself appeared. Catalyst framework: apps created with it will not be forced through the Mac App Store. Apple folks nonetheless recommend SwiftUI for future Mac apps, not Catalyst.
Credits: Recorded 11.06.2019. Intro music by Vladimir Tošić, old site is here. Logo by Aleksandra Ilić. Episode artwork: Eholokacija / Echolocation, 68 x 47 cm, oil on canvas, 2014, by Saša Montiljo, his corner on DeviantArt.
Dennis Fisher sits down with Mac security researcher Patrick Wardle to talk about his entry into security research, his development of the Objective-See suite of Mac security tools, the state of Mac malware and his Objective by the Sea conference.
Should you cover your webcam? Is anti-virus software worth the money? How do you know if you've been hacked? How do you know what software you can trust? We'll cover all of these topics and more with Patrick Wardle, a computer security expert and ex-NSA hacker. While Patrick's focus is Mac security, we also discuss PCs and mobile devices, and much more! Patrick Wardle is the Chief Research Officer at Digita Security and founder of Objective-See. Having worked at NASA and the NSA, and having presented at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy. Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware and writing free open-source security tools to protect Mac users. For Further Insight: Website: https://objective-see.com/ Twitter URL: https://twitter.com/patrickwardle Optional guest headshot: https://2016.zeronights.org/wp-content/uploads/2016/09/Patrick_Wardle.jpeg Support Patrick! https://www.patreon.com/objective_see Help me to help you! Visit: https://patreon.com/FirewallsDontStopDragons
SYNOPSIS: David Acland of MacADUK gives us a brief preview of MacADUK for 2018, followed by Patrick Wardle of Objective-See and Digita joining the pod to talk about Mac and iOS security, the state of admin tools for security, and the very best TI-83 Calculator games. YOUR HOSTS: Tom Bridge, Partner at Technolutionary LLC [@tbridge] Pepijn Bruienne, R&D Engineer at Duo Security [@bruienne], Proprietor of EnterpriseMac.Bruienne.com Charles Edge, Director of Marketplace at Jamf, [@cedge318] Dr. Emily Kausalik, IT Systems Engineer at The Home Depot [@emilyooo] GUESTS: Patrick Wardle, Chief Research Officer at Digita, Creator at Objective-See David Acland, MacADUK Conference LISTEN! LINKS & NOTES Digita Security BlockBlock by Objective-See KnockKnock by Objective-See RansomWhere? by Objective-See Objective-See Security Tools Patrick Wardle's Patreon Digita Security Products TI-83 Calculator Games Mac Admins & Developers Conference, UK MacADUK Speakers Moof-IT Dogcow Technote 31 COMMUNITY CALENDAR, SPONSORED BY WATCHMAN MONITORING Conference Sites Mac AD UK in Leicester Square, February 20-21, 2018 Brainstorm Wisconsin March 4-6, 2018 Brainstorm Sandusky May 6-8, 2018 MacDevOps YVR in Vancouver, June 7-8, 2018 X World in Sydney Australia, June 27-29, 2018 Penn State University Mac Admins in State College, PA July 10th-13th Meetups Mac Admin Monthly will meet at Google in New York City at 4:30pm on Tuesday February 13th. Philadelphia Mac Admins will meet on February 15th at the Walnut Street Apple Store at 6:30pm Seattle Apple Admins will meet on February 15th at Splunk's Seattle Offices at 6pm. Atlanta Apple Admins will meet on February 15 at Brass Tap in Atlanta Utah Mac Admins will meet on February 21st at Marriott Library on the campus of the University of Utah at 11am. MacAdminsPDX will meet at Lithium Portland on SW 6th Avenue on Thursday Feb 22nd, 2018 at 6pm. MacDMV will meet at TEKsystems in Bethesda, Maryland on February 28th at 6:30pm.
MacDeployment Meetup will meet at 1025 10 St SE, in Calgary, Alberta on February 28 2018 at 6:30pm East Midlands Mac Admins will meet in Nottingham at Jigsaw24 at 1900 on March 14th. RATE US ON ITUNES! Give Us Five Stars! SPONSOR MAC ADMINS PODCAST! If you’re interested in sponsoring the Mac Admins Podcast, please email podcast@macadmins.org for more information. SOCIAL MEDIA Get the latest about the Mac Admins Podcast, follow us on Twitter! We’re @MacAdmPodcast!
Materials Available here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Patrick-Wardle-DLL-Hijacking-on-OSX-UPDATED.pdf 'DLL Hijacking' on OS X? #@%& Yeah! Patrick Wardle, Director of R&D, Synack Remember DLL hijacking on Windows? Well, turns out that OS X is fundamentally vulnerable to a similar attack (independent of the user's environment). By abusing various 'features' and undocumented aspects of OS X's dynamic loader, this talk will reveal how attackers need only to plant specially-crafted dynamic libraries to have their malicious code automatically loaded into vulnerable applications. Through this attack, adversaries can perform a wide range of malicious actions, including stealthy persistence, process injection, security software circumvention, and even 'remote' infection. So come watch as applications fall, Gatekeeper crumbles (allowing downloaded unsigned code to execute), and 'hijacker malware' arises - capable of bypassing all top security and anti-virus products! And since "sharing is caring" leave with code and tools that can automatically uncover vulnerable binaries, generate compatible hijacker libraries, or detect if you've been hijacked. Patrick Wardle is the Director of Research at Synack, where he leads cyber R&D efforts. Having worked at NASA, the NSA, and Vulnerability Research Labs (VRL), he is intimately familiar with aliens, spies, and talking nerdy. Currently, Patrick’s focus is on automated vulnerability discovery, and the emerging threats of OS X and mobile malware. In his personal time, Patrick collects OS X malware and writes OS X security tools. Both can be found on his website Objective-See.com
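The abstract above describes planting a dylib so that the loader picks it up. The scanner below is an added example written for this page; it is not Wardle's own Dylib Hijack Scanner and not code from the talk. It walks the load commands of a thin, little-endian 64-bit Mach-O and reports the two conditions the talk's research describes as hijackable: an LC_LOAD_WEAK_DYLIB whose path does not exist (dyld tolerates the absence, so a planted library gets loaded), and an @rpath dylib that only resolves through a later LC_RPATH entry while an earlier run-path candidate is missing (dyld searches run paths in order, so a library dropped at the earlier location wins). Assumptions: the image is a main executable, so @loader_path is treated the same as @executable_path; fat (universal) binaries are not split; the sample image, the app path and the fake filesystem are constructed for the demo and correspond to no real application.

```python
# Added example: flag dylib load commands an attacker could satisfy by planting
# a library. Not Wardle's DHS scanner; a from-scratch Mach-O load-command walk.
import os
import posixpath
import struct

MH_MAGIC_64 = 0xFEEDFACF
LC_REQ_DYLD = 0x80000000
LC_LOAD_DYLIB = 0x0C
LC_LOAD_WEAK_DYLIB = 0x18 | LC_REQ_DYLD
LC_RPATH = 0x1C | LC_REQ_DYLD
HEADER_SIZE = 32  # sizeof(struct mach_header_64)


def _cstring(blob, start, end):
    """NUL-terminated string that must end inside [start, end)."""
    nul = blob.find(b"\0", start, end)
    if nul < 0:
        raise ValueError("unterminated load command string")
    return blob[start:nul].decode("utf-8", "replace")


def parse_load_commands(blob):
    """[(cmd, path)] for LC_LOAD_DYLIB / LC_LOAD_WEAK_DYLIB / LC_RPATH in file order.
    Assumption: thin little-endian 64-bit image; split fat binaries first."""
    magic, _, _, _, ncmds, _, _, _ = struct.unpack_from("<8I", blob, 0)
    if magic != MH_MAGIC_64:
        raise ValueError("not a little-endian 64-bit Mach-O image")
    out, off = [], HEADER_SIZE
    for _ in range(ncmds):
        cmd, cmdsize = struct.unpack_from("<2I", blob, off)
        if cmdsize < 8 or off + cmdsize > len(blob):
            raise ValueError("load command overruns image")
        if cmd in (LC_LOAD_DYLIB, LC_LOAD_WEAK_DYLIB, LC_RPATH):
            # dylib_command and rpath_command both keep a string offset right after cmdsize
            str_off = struct.unpack_from("<I", blob, off + 8)[0]
            out.append((cmd, _cstring(blob, off + str_off, off + cmdsize)))
        off += cmdsize
    return out


def _expand(path, exe_dir):
    # Assumption: scanning a main executable, so @loader_path == @executable_path.
    for token in ("@executable_path", "@loader_path"):
        if path.startswith(token):
            path = exe_dir + path[len(token):]
    return posixpath.normpath(path)


def find_hijackable(blob, exe_dir, exists=os.path.exists):
    """('weak', p): LC_LOAD_WEAK_DYLIB whose path p is absent (dyld tolerates it, so
    planting p gets it loaded). ('rpath', p): an @rpath dylib found via a later LC_RPATH
    entry while the earlier candidate p is absent (dyld searches in order, so p wins).
    `exists` is injectable so the logic can run against a fake filesystem."""
    cmds = parse_load_commands(blob)
    rpaths = [_expand(p, exe_dir) for c, p in cmds if c == LC_RPATH]
    findings = []
    for cmd, path in cmds:
        if cmd == LC_RPATH:
            continue
        weak = cmd == LC_LOAD_WEAK_DYLIB
        if path.startswith("@rpath/"):
            cands = [posixpath.normpath(posixpath.join(r, path[7:])) for r in rpaths]
            hit = next((i for i, c in enumerate(cands) if exists(c)), None)
            if hit is None and not weak:
                continue  # dyld would abort the launch; nothing to hijack
            findings.extend(("rpath", c) for c in (cands if hit is None else cands[:hit]))
        elif weak and not exists(_expand(path, exe_dir)):
            findings.append(("weak", _expand(path, exe_dir)))
    return findings


# --- constructed sample image (not a real application) ---------------------
def _dylib_cmd(cmd, name):
    raw = name.encode() + b"\0"
    size = (24 + len(raw) + 7) & ~7  # dylib_command header is 24 bytes, 8-byte aligned
    return struct.pack("<6I", cmd, size, 24, 0, 0x10000, 0x10000) + raw.ljust(size - 24, b"\0")


def _rpath_cmd(path):
    raw = path.encode() + b"\0"
    size = (12 + len(raw) + 7) & ~7  # rpath_command header is 12 bytes
    return struct.pack("<3I", LC_RPATH, size, 12) + raw.ljust(size - 12, b"\0")


def build_sample_binary():
    cmds = [
        _rpath_cmd("@executable_path/../Frameworks"),
        _rpath_cmd("/Library/Frameworks"),
        _dylib_cmd(LC_LOAD_DYLIB, "@rpath/libfoo.dylib"),
        _dylib_cmd(LC_LOAD_WEAK_DYLIB, "/opt/local/lib/libbar.dylib"),
        _dylib_cmd(LC_LOAD_DYLIB, "/usr/lib/libSystem.B.dylib"),
    ]
    body = b"".join(cmds)  # cputype x86_64, subtype ALL, filetype MH_EXECUTE
    return struct.pack("<8I", MH_MAGIC_64, 0x01000007, 3, 2, len(cmds), len(body), 0, 0) + body


SAMPLE_EXE_DIR = "/Applications/Demo.app/Contents/MacOS"  # constructed
SAMPLE_FS = {"/usr/lib/libSystem.B.dylib", "/Library/Frameworks/libfoo.dylib"}  # constructed


def demo():
    return find_hijackable(build_sample_binary(), SAMPLE_EXE_DIR, exists=SAMPLE_FS.__contains__)


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:  # scan a thin 64-bit Mach-O from disk
        with open(sys.argv[1], "rb") as fh:
            hits = find_hijackable(fh.read(), os.path.dirname(os.path.abspath(sys.argv[1])))
    else:
        hits = demo()
    for kind, p in hits:
        print(f"{kind}: {p}")
```

Run with no arguments to see the two findings for the constructed image (the missing `Contents/Frameworks/libfoo.dylib` ahead of the real copy in `/Library/Frameworks`, and the absent weak `libbar.dylib`); pass a path to scan a real thin binary, splitting universal binaries with `lipo -thin` first. A finding only helps an attacker who can write to that directory, so in practice pair each hit with an `os.access(os.path.dirname(p), os.W_OK)` check from the account you are assessing.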
Materials Available here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Patrick-Wardle-Stick-that-in-your-(Root)Pipe-and-Smoke-it-UPDATED.pdf Stick That In Your (root)Pipe & Smoke It Patrick Wardle Director of R&D, Synack You may ask; "why would Apple add an XPC service that can create setuid files anywhere on the system - and then blindly allow any local user to leverage this service?" Honestly, I have no idea! The undocumented 'writeconfig' XPC service was recently uncovered by Emil Kvarnhammar, who determined its lax controls could be abused to escalate one's privileges to root. Dubbed 'rootpipe,' this bug was patched in OS X 10.10.3. End of story, right? Nope, instead things then got quite interesting. First, Apple decided to leave older versions of OS X unpatched. Then, an astute researcher discovered that the OSX/XSLCmd malware, which pre-dated the disclosure, exploited this same vulnerability as a 0day! Finally, yours truly found a simple way to side-step Apple's patch to re-exploit the core vulnerability on a fully-patched system. So come attend (but maybe leave your MacBooks at home), as we dive into the technical details of XPC and the rootpipe vulnerability, explore how malware exploited this flaw, and then fully detail the process of completely bypassing Apple's patch. The talk will conclude by examining Apple's response, a second patch, that appears to squash 'rootpipe'...for now. Patrick Wardle is the Director of Research at Synack, where he leads cyber R&D efforts. Having worked at NASA, the NSA, and Vulnerability Research Labs (VRL), he is intimately familiar with aliens, spies, and talking nerdy. Currently, Patrick's focus is on automated vulnerability discovery, and the emerging threats of OS X and mobile malware. In his personal time, Patrick collects OS X malware and writes OS X security tools. Both can be found on his website Objective-See.com