MacOS Security threats.
2019-05-16, 16:00–16:40, Main Hall

Small talk about latest MacOS malware. Security patches and they issues. Examples both with well known malware samples, and with samples from own experience. This speech is like a brunch about how your Mac becomes exploited, with real cases of malware, known vulnerabilities and self-made PoC.

Mojave security updates.
Updates released by Apple with MacOS Mojave (10.14).
Bypassing of Safari trusted source installation.
Code-signing flaws
Bypassing gatekeeper protection.
App Store
Malware Cases
Safari Extensions
Common malicious extension techniques.
Issues in source code of MacOS (Available on apple website)
Historical CVE's for MacOS