Bringing process injection into view(s): exploiting all macOS apps using nib files
Tags
cmtmf-attack-pattern: Native Code Process Injection
attack-pattern: Data Model Applescript - T1059.002 Electron Applications - T1218.015 Exploits - T1587.004 Exploits - T1588.005 Javascript - T1059.007 Process Injection - T1631 Python - T1059.006 Software - T1592.002 Applescript - T1155 Process Injection - T1055 Scripting - T1064 Scripting
Show in Graph
Common Information
Type Value
UUID b60c600a-37e8-4c6a-8738-bbafeac165d3
Fingerprint ac281b302eb59c89
Analysis status DONE
Considered CTI value 1
Text language
Published April 5, 2024, midnight
Added to db Aug. 31, 2024, 8:09 a.m.
Last updated Nov. 17, 2024, 5:54 p.m.
Headline Bringing process injection into view(s): exploiting all macOS apps using nib files
Title Bringing process injection into view(s): exploiting all macOS apps using nib files
Detected Hints/Tags/Attributes 60/2/9
Source URLs
Redirection Url
Details Source https://sector7.computest.nl/post/2024-04-bringing-process-injection-into-view-exploiting-all-macos-apps-using-nib-files/
URL Provider
Details Provider Source level domain
Details computest.nl sector7.computest.nl
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 222 Sector 7 https://sector7.computest.nl/index.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 3 
cve-2021-30873
Details CVE 3 
cve-2023-40450
Details Domain 15 
mail.app
Details Domain 4 
system.install.apple
Details Domain 359 
com.apple
Details Domain 7 
assistant.app
Details Domain 77 
apple.com
Details Email 4 
product-security@apple.com
Details File 130 
info.pl