Blog

By category:
Karol Mazurek

TCC on macOS isn’t just an annoying prompt—it’s the last line of defense between malware and your private data. This article breaks down how TCC works, why third-party developers must take bypass vulnerabilities seriously, and how seemingly minor flaws can open the door to real-world attacks. Written from the perspective of both attacker and defender, it’s a must-read for app developers and security researchers alike.

Karol Mazurek

How broken access and Null Pointer Dereference was found in macOS IOMobileFramebuffer (AppleCLCD2) service.

Karol Mazurek

Technical analysis of NULL Pointer Dereference bugs, mitigations, and exploit development challenges on Apple Silicon macOS.

Karol Mazurek

The article explores Task Injection on macOS, detailing how attackers can acquire task ports, allocate memory, and execute arbitrary code within target processes. It demonstrates shellcode creation, memory management, and execution techniques, while examining macOS security mechanisms like taskgated, Hardened Runtime, and platform binary protections. Debugging and injection scenarios are tested, highlighting potential vulnerabilities and secure practices.

Is your company secure online?

Join our list of satisfied customers and safeguard your company’s data!

Trust us and leave your contact details. Our team will contact you to discuss the details and prepare a tailor-made offer for you. Full discretion and confidentiality of your data are guaranteed.

Willing to ask a question immediately? Visit our Contact page.