“You’re not going to buy a car and expect it to fly?” Patrick Wardle, Chief Research Officer at Digita Security and founder of Objective-See, describing why he presented some of his research on macOS firewall bypasses.
That sort of makes sense. Nobody buys a Mac and expects it to resist attack?
In any case, we all have members of our workforce using Macs for non-trivial business operations. We need to clearly understand the attack surface and the Mac’s resistance to attack. Patrick Wardle provides a little help with that exercise in his Black Hat presentation: “Fire & Ice: Making and Breaking macOS Firewalls.”
Tom Spring has a useful summary of the presentation on Threatpost: “Black Hat 2018: Patrick Wardle on Breaking and Bypassing MacOS Firewalls.” It is worth a read. There is no reason for me to echo its content here.
REFERENCES:
“Fire & Ice: Making and Breaking macOS Firewalls”
https://www.blackhat.com/us-18/briefings.html#fire-and-ice-making-and-breaking-macos-firewalls
“Black Hat 2018: Patrick Wardle on Breaking and Bypassing MacOS Firewalls” By Tom Spring