Presented at BSides Orlando 2023, this talk is a deep dive into code persistence techniques on macOS. It includes a crash course on macOS for beginners, the advantages of persistence, and a detailed exploration of various persistence methods. The presentation culminates with a demo in which a piece of malware from 2018 is revived, demonstrating persistence in action on modern Macs.
Attendees were challenged to reverse-engineer the malware and extract the root flag for a prize. As part of this challenge, I was the CTF Lead for the event hosting SunShineCTF from the Lockheed Martin Cyber Lab.
A comprehensive understanding of macOS persistence techniques, including: