“You’re are not going to buy a car and expect it to fly?” Patrick Wardle, Chief Research Officer at Digita Security and founder of Objective-See, describing why he presented some of his research on MacOS firewall bypasses.
That sort of makes sense. Nobody buys a Mac and expects it to resist attack?
In any case, we all have members of our workforce using Macs for non-trivial business operations. We need to clearly understand the attack surface and Mac’s resistance to attack. P.Wardle provides a little help on that exercise in his BlackHat presentation: “Fire & Ice: Making and Breaking macOS Firewalls.”
Tom Spring has a useful summary of the presentation on ThreatPost: “Black Hat 2018: Patrick Wardle on Breaking and Bypassing MacOS Firewalls.” It is worth a read. There is no reason for me to echo its content here.
“Fire & Ice: Making and Breaking macOS Firewalls”
“Black Hat 2018: Patrick Wardle on Breaking and Bypassing MacOS Firewalls” By Tom Spring