Unless one has been living under an infosec rock, it's common knowledge that macOS is rather insecure. But is it so insecure that critical security bugs inadvertently appear during OS spelunking sessions? Unfortunately, yes! In this talk, we'll cumulatively discuss a handful of local security vulnerabilities (user & kernel mode) I 'unintentionally' discovered during the last year or so of macOS use. And while some of these bugs are patched and CVE'd, others have yet to be publicly discussed!

Specifically, the talk will cover:

▪ System Integrity Protection (SIP) bypass (CVE-2017-6974)
▪ Local EoP via authentication 'token' stealing (unpatched/CVE-unassigned)
▪ Theft of FileVault unlock key via malicious app (CVE-2017-13837)
▪ Extraction of keychain passwords and Secure Kernel Extension Loading (SKEL) bypass (CVE-2017-7150)
▪ Kernel bugs
  ▪ off-by-one panic (silently patched)
  ▪ heap overflow (silently patched)
  ▪ info leak (CVE-2017-6987)

For each bug, we'll discuss the subsystem, OS component, or security mechanism that was vulnerable, as well as how the bug was (inadvertently) found. Of course, we'll cover the full technical details of each bug, along with discussions on exploitation and weaponization.

We are pleased to announce that the Call For Papers for INFILTRATE 2018 is now open. If you would like to present and have an offense-focused, fresh-content presentation, please submit an abstract, bio and headshot to email@example.com. This information will be included on our Open CFP site, here, where the public can vote on which presentations they are most interested in seeing at INFILTRATE. The call for papers will close on December 14th, 2017. Shortly after this date, the winning speakers will be notified.
Some of the benefits of speaking at INFILTRATE are: