Speakers: Apple Education
Level: Presentation
Excerpt: Coming Soon
Description:TBD
About the speaker
Apple Education
Note: Sessions by Apple Education will not be recorded.
A presentation 2
Speakers: Apple Education
Level: Presentation
Excerpt: Coming Soon
Description:TBD
About the speaker
Apple Education
Note: Sessions by Apple Education will not be recorded.
Posted in MacAdmins 2022 Sessions
Comments Off on A presentation 2
What’s New for IT
Speakers: Apple Education
Level: Presentation
Excerpt: Coming Soon
Description: TBD
About the speaker
Apple Education
Note: Sessions by Apple Education will not be recorded.
Posted in MacAdmins 2022 Sessions
Comments Off on What’s New for IT
Abusing scripts in apps on macOS
Speakers: Thomas Reed
Level: Presentation
Excerpt: Many apps on macOS include a wide variety of script files as “helpers.” These scripts can often be abused, for purposes like persistence, root privilege escalation, and more. We will explore this in depth through the example of a piece of vulnerable software I wrote years ago, and talk about other cases as an illustration of how common this is. Important takeaways are understanding a potentially dangerous technique attackers could use and how to mitigate such issues in your own software.
Description: We will start with a look at a piece of security software I wrote when I was relatively new to security (AdwareMedic). We’ll explore a particularly questionable design decision – use of AppleScript “helpers” for certain tasks – and see how this could be used for root privilege escalation.
Next, we’ll review examples of modern apps that include a variety of different scripts, and discuss ways they could potentially be abused, and how. In some cases, the way the scripts are used would not lend itself to particularly useful exploitation, while others have the potential to be more dangerous.
To prove that this isn’t all just theoretical, we’ll take a look at real-world cases where malware or adware has actually done these things, or similar things. One example is an adware variant that was known to modify a script inside a copy of the Safari app in order to get a Safari extension installed without user action.
Finally, we’ll take a look at potential mitigations that can let you spot these kinds of activities, as well as prevent them from happening with your own software..
About the speaker
Thomas Reed
Had a Mac before it was cool to have Macs. Self-trained Apple security expert. Amateur photographer.
Posted in MacAdmins 2022 Sessions
Comments Off on Abusing scripts in apps on macOS
Top 5 ways to Improve your Apple end user experience in M365/AAAD
Speakers: Mark Morowczynski
Level: Presentation
Excerpt: Apple platforms out of the box will integrate with M365 but not at the quality end user experience many have come to expect. However, with recent additions and best practices, the user experience on the Apple platforms can be greatly improved. Additionally, this also has the benefit of improving your security posture.
In this session, we’ll do a deep dive on how to reduce authentication prompts on the Apple platforms, best practices in integrating device identity with M365/AAD, and Azure AD Conditional Access Do’s and Dont’s for your identity and access management teams.
Description: We are from the Microsoft identity product group responsible for Active Directory and Azure Active Directory. We’ve noticed many customers struggle to deliver a good end user experience to their Apple Platforms. There are various ways to do this, but many customers are simply unaware of recommended configurations and best practices. We’ve also observed in the MacAdmins slack, where members try to determine why their end users are feeling so much pain when accessing M365 resources. This will be a deeply technical session that focuses not only on what can be done to improve this experience, but how the underlying Microsoft and Apple technologies can work better together. .
About the speaker
Mark Morowczynski
Mark Morowczynski (@markmorow) is a Principal Program Manager on the customer success team in the Microsoft Identity division. He spends most of his time working with customers on their deployments of Azure Active Directory. Previously he was Premier Field Engineer supporting Active Directory, Active Directory Federation Services and Windows Client performance. He was also one of the founders of the AskPFEPlat blog. He’s spoken at various industry events such as Black Hat, Defcon Blue Team Village, Blue Team Con, GrayHat, several BSides, Microsoft Ignite, Microsoft Inspire, Microsoft MVP Summits, The Experts Conference (TEC), The Cloud Identity Summit, SANs Security Summits and TechMentor. He can be frequently found on Twitter as @markmorow arguing about baseball and making sometimes funny gifs.
Posted in MacAdmins 2022 Sessions
Comments Off on Top 5 ways to Improve your Apple end user experience in M365/AAAD