Another year, another MacDevOpsYVR! This year I had the pleasure of talking about common security pitfalls for MacAdmins when it comes to MDM and Mac management as a whole. This year I brought in a new utility, Project Indago, to help demonstrate oversights in MDM enrollments.| Mykola’s blog
Seeing that this year will be OpenCore Legacy Patcher’s 5th anniversary and that there’s some bitter-sweet news to share (more at the end), I thought it’d be a good time to reflect on my time with OpenCore Legacy Patcher.
Had the amazing opportunity to speak at Objective by the Sea v7.0 in Maui, Hawaii! The talk was a look into Apple’s Rapid Security Response system unveiled back at WWDC2022, discussing the design and challenges of the system.
At MacDevOpsYVR 2024, I had the amazing opportunity to talk about Electron security and show off a new open source utility I’ve been working on called Lectricus.
Another fun exploit! This time with local privilege escalation through Apple’s PackageKit.framework when running ZSH-based PKGs 🎉.
Hm seems I might be writing more security blog posts than I expected 🤔. Well anyways, I’m here with another exploit! This time with Jamf Compliance Editor, and local privilege escalation through an unguarded XPC service 🎉
A bit of a tangent from my usual work, but here with a fun one: CVE-2023-44077! A privilege escalation vulnerability in Studio Network Solution’s ShareBrowser application, thanks to unguarded XPC services 🎉.
At BSides Calgary 2023, I got the amazing opportunity to speak for the first time! And for this talk, I chose to talk about macOS patchers, and more specifically how they work and some of the techniques OpenCore Legacy Patcher uses.
With my last post, I briefly mentioned at the end that my next challenge was to figure out whether the usage of custom serial numbers or Automated Device Enrolment (ADE) through the Device Enrolment Program (DEP) was possible on Apple Silicon VMs running macOS. Well today we’ll go over the challenges of getting DEP working, and how iCloud and Custom Kernel Collections all face the same issue.
macOS Internals Deep Dive Building a Development Kernel Collection Configuring our Mac to boot the Development Kernel Collection Putting our machine to work! When did Apple grace us with this feature? Undoing our work for OS updates Closing Thoughts
Another day, another accidental exploit 🥳. This time abusing Parallels Desktop’s trust in macOS installers, gaining local privilege escalation!