From 57ece56efa0baf495193ad27cd2252804c4dd239 Mon Sep 17 00:00:00 2001 From: filippo-ferrari Date: Sat, 31 Aug 2024 12:25:25 +0200 Subject: [PATCH] docs: talks.json --- data/talks.json | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/data/talks.json b/data/talks.json index 83cfd1c..30d6edf 100644 --- a/data/talks.json +++ b/data/talks.json @@ -782,6 +782,18 @@ "liked": true, "attended": false }, + { + "title": "Demystifying (& Bypassing) macOS's Background Task Management", + "speakers": ["Patrick Wardle"], + "date": "2023-06-12T10:00:00", + "location": "DEFCON31", + "tags": ["apple", "macOS"], + "url": "https://www.youtube.com/watch?v=GOoqEVhvNw8", + "duration": "PT45M", + "description": "To retain a foothold on an infected system, most Mac malware will persist; installing itself in a manner that ensures it will be automatically (re)launched each time the infected system is rebooted. In macOS Ventura, Apple's rearchitected core persistence mechanisms and added a new security mechanism that alerts the user any time an item is persisted. As the former is both undocumented and implemented in a proprietary manner this poses a problem for existing security and forensics tools (that aim to heuristically detect malware via unauthorized persistence events). On the other hand, the latter is problematic to malware authors, who obviously want their malicious creations to persist without an alert being shown to the user.", + "liked": true, + "attended": false + }, { "title": "The D Programming Language for Modern Open Source Development", "speakers": ["Mike Shah"],