One of our favorite things about interviewing security researchers is that those who can talk about what they do at places like DEF CON and Black Hat are the good guys. They exploit vulnerabilities and report their findings to vendors so that humanity can stay safer on our devices. If it weren’t for them, the vulnerabilities would likely be uncovered and sold on the black market or used by nation states. So a huge thanks to our guest Thijs Alkemade for his hard work and talk at DEF CON and Black Hat on process injection for Mac apps!

Hosts:

• Tom Bridge - @tbridge777
• Charles Edge - @cedge318

Guests:

• Thijs Alkemade - @xnyhps

Transcript:

Transcription of this episode brought to you by Meter.com

Click here to read the transcript

Links:

• Process injection
• CVE-2021-30873
• How Signing and Privacy Xcode Options For Developers Translate to MacAdmins - krypted
• Process injection: breaking all macOS security layers with a single vulnerability · Sector 7
• Thijs Alkemade (@xnyhps) / Twitter

Sponsors:

• Kandji
• Black Glove
• Mosyle
• Watchman Monitoring

If you're interested in sponsoring the Mac Admins Podcast, please email podcast@macadmins.org for more information.

Get the latest about the Mac Admins Podcast, follow us on Twitter! We're @MacAdmPodcast!

The Mac Admins Podcast has launched a Patreon Campaign! Our named patrons this month include Weldon Dodd, Damien Barrett, Justin Holt, Chad Swarthout, William Smith, Stephen Weinstein, Seb Nash, Dan McLaughlin, Joe Sfarra, Nate Cinal, Jon Brown, Dan Barker, Tim Perfitt, Ashley MacKinlay, Tobias Linder Philippe Daoust, AJ Potrebka, Adam Burg, & Hamlin Krewson