5. Max K: Hunting for macOS Application Logic Bugs, Logic Not Included!
Вставка
- Опубліковано 7 лис 2024
- In this talk he will cover my experience bug hunting on macOS targets over the month between December 2023 and January 2023 and why things don't seem to be changing. Some of the bugs he plan to cover are Local Privilege Escalation bugs which affect Amazon AWS, Zscaler, Logitech and Netskope products.
In this talk he will cover my experience bug hunting on macOS targets over the month between December 2023 and January 2023 and why things don't seem to be changing. He plan to cover my research journey and how it started when a client approached us to carry out an assessment of the risks introduced by making use of a third-party Zero Trust Network Access client and how he found a handful of zerodays in the product. Some of the bugs he plan to cover are Local Privilege Escalation bugs which affect Amazon AWS, Zscaler, Logitech and Netskope products. He will cover some redacted (hopefully unredacted depending on vendor timelines) walk-throughs of the bugs and the methodology he adhered to for finding them. He plan to cover the IOCs generated during exploitation of these bugs and how defenders can improve visibility into exploitation attempts of previously known and unknown vulnerabilities.
