Hear directly from the Microsoft Threat Intelligence community as they navigate the evolving threat landscape, uncovering untold stories of APTs, malware, and other weird and cool tools and tactics in the world of cyber threats.| N2K CyberWire
Introduction In 2020 I observed a strange behavior a sandboxed macOS app may launch any application that won’t inherit the main app’s sandbox profile. It was even funnier as the sandboxed app can spawn those new apps with environment variables. I of course reported it to Apple, but I was told that it’s expected behavior. From that time there were at least 2 publicly-disclosed vulnerabilities that exploited the above-mentioned behavior:| wojciechregula.blog