BEGIN:VCALENDAR
VERSION:2.0
PRODID:Data::ICal 0.24
BEGIN:VEVENT
DESCRIPTION:   'Title: ELECTRONizing macOS privacy - a new weapon in your r
 ed teaming\n   armory\n   When: Saturday\, Aug 12\, 09:00 - 09:20 PDT\n   
 Where: Caesars Forum - Forum - 130-134 - Track 3 - [1]Map\n\n   SpeakerBio
 :Wojciech Reguła \, Principal Security Consultant at\n   SecuRing\n   Woj
 ciech is a Principal Security Specialist working at SecuRing. He\n   speci
 alizes in application security on Apple devices. Wojciech created\n   the 
 iOS Security Suite - an opensource anti-tampering framework.\n   Bugcrowd 
 MVP\, found vulnerabilities in Apple\, Facebook\, Malwarebytes\,\n   Slack
 \, Atlassian\, and others. In free time he runs an infosec blog -\n   [2]h
 ttps://wojciechregula.blog. Shared research on among others Black\n   Hat 
 (Las Vegas\, USA)\, Objective by the Sea (Hawaii\, USA)\, AppSec\n   Globa
 l (Tel Aviv\, Israel)\, AppSec EU (London\, United Kingdom)\,\n   CONFiden
 ce (Cracow\, Poland)\, BSides (Warsaw\, Poland).\n   Twitter: [3]@_r3ggi\n
 \n   Description:\n   MacOS is known for an additional layer of privacy co
 ntrols called TCC\n   - Transparency\, Consent\, and Control (TCC) that re
 stricts access to\n   sensitive personal resources: documents\, camera\, m
 icrophone\, emails\,\n   and more. Granting such access requires authoriza
 tion\, and the\n   mechanism's main design concern was clear user consent.
 \n\n   Despite many vulnerabilities in that mechanism found in the past\,\
 n   using 0-days during red teaming engagements is impractical. Apple\n   
 fixes TCC vulnerabilities but red teams still have to get access to\n   fi
 les saved on the victim’s desktop or be able take a screenshot.\n\n   Wh
 at if I tell you that there are many open doors to resolve all the\n   TCC
  problems that are already installed on your target machines?!\n   Electro
 n apps are everywhere. And you probably heard the joke that:\n   ‘S’ i
 n Electron stands for security.\n\n   In this talk I will share a new tool
  that\, by abusing Electron default\n   configuration\, allows executing c
 ode in the context of those Electron\n   apps and thus inherit their TCC p
 ermissions.\n\n   The audience will leave with a solid understanding of th
 e macOS\n   privacy restrictions framework (TCC) and its weaknesses. The p
 art of\n   the audience interested in macOS red teaming will also get to k
 now my\n   new\, free and open source tool. Blue teams on the stage will a
 lso see\n   some ideas regarding detections.\n\n   '\n\n   1. #CaesarsForu
 mBR\n   2. https://wojciechregula.blog.\n   3. https://twitter.com/_r3ggi\
 n\n\n
DTEND:20230812T162000Z
DTSTART:20230812T160000Z
LOCATION:DC - Caesars Forum - Forum - 130-134 - Track 3
SUMMARY:ELECTRONizing macOS privacy - a new weapon in your red teaming armo
 ry
END:VEVENT
END:VCALENDAR