Detecting and Mitigating the GateKeeper User Override on macOS in an Enterprise Environment

For red teamers, social engineering a macOS user into executing an application is a common way to gain code execution on a remote macOS client machine. Apple's development of their macOS built-in security mechanism, GateKeeper, has made this a more difficult task, but not impossible. It is...
Antonio Piazza
November 3, 2022

All papers are copyrighted. No re-posting of papers is permitted