Pwning in the Sandbox: OSX Macro Exploitation & Beyond

DerbyCon 8.0 - Evolution

Presented by: Danny Chrastil, Adam Gold
Date: Sunday October 07, 2018
Time: 13:00 - 13:50
Location: Kentucky F & G
Track: Track 4

While performing red team engagements against a hybrid OSX/Windows environment, we were challenged with creating successful maldocs targeting OSX systems with the up-to-date Microsoft Office Suite, which is protected by the OSX sandbox. After jumping through many hurdles, both with VBA version conflicts and sandbox restrictions, we successfully created our payload along with a post-exploitation process to gather and exfil data from within the sandbox. Adam will share his experience working with Apple security experts to block these attacks and put protections within a corporate environment. This is a perfect love story of Purple teaming which resulted in creating a more secure environment. Also, the mitigation we will be sharing for these attacks has not been publicly released by anyone, including Apple, at this point in time.

Adam Gold

With over 10 years’ experience in the information technology and cyber security fields, Adam has been recognized as an expert in these areas, strengthening the overall security posture for many organizations including NATO, Hewlett-Packard, Department of the Navy, and more recently, Walmart's Security Operations Center. Over the course of his career, Adam has specialized in development, innovation, and various defensive capabilities.

Danny Chrastil

Daniel Chrastil has over 10 years' experience in security ranging from red teaming for the world's largest commercial organization, hacking web and mobile applications, developing and hosting CTFs, and building secure web application environments. Daniel uses his skills from his past life as a web developer and system administrator to develop open source security tools for the security community and is a developer for the Empire Framework project.

