Gatekeeping in macOS: Keeping adversaries off our Apples
Tags
Common Information
| Type | Value |
|---|---|
| UUID | e64f31c9-2c57-4106-8709-e0b4d40fefb7 |
| Fingerprint | 9508039eed77be0d |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | April 6, 2023, midnight |
| Added to db | April 7, 2023, 9:29 a.m. |
| Last updated | Nov. 17, 2024, 5:57 p.m. |
| Headline | Gatekeeping in macOS: Keeping adversaries off our Apples |
| Title | Gatekeeping in macOS: Keeping adversaries off our Apples |
| Detected Hints/Tags/Attributes | 64/2/32 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://redcanary.com/blog/gatekeeper/ |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 360 | ✔ | Red Canary | https://www.redcanary.co/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 359 | com.apple |
|
| Details | Domain | 2 | settings.app |
|
| Details | Domain | 1 | timestamp.apple.com |
|
| Details | Domain | 33 | com.apple.security |
|
| Details | Domain | 19 | terminal.app |
|
| Details | Domain | 13 | console.app |
|
| Details | Domain | 1 | com.apple.security.syspolicy.kext.mt |
|
| Details | Domain | 1 | com.apple.security.syspolicy.report |
|
| Details | Domain | 111 | www.apple.com |
|
| Details | Domain | 4 | com.apple.private.security |
|
| Details | Domain | 2 | com.apple.private.security.storage |
|
| Details | Domain | 1 | com.apple.private.tcc.manager.access.read |
|
| Details | Domain | 4 | com.apple.rootless.storage |
|
| Details | File | 130 | info.pl |
|
| Details | File | 2 | exceptions.pl |
|
| Details | File | 1 | tamperexceptions.pl |
|
| Details | File | 15 | security.cs |
|
| Details | File | 3 | security.sys |
|
| Details | File | 4 | policy.exe |
|
| Details | File | 28 | apple.sys |
|
| Details | File | 3 | policy.pl |
|
| Details | File | 24 | tcc.db |
|
| Details | File | 1 | apple.key |
|
| Details | File | 1 | iokit.sys |
|
| Details | File | 1 | managedclient.config |
|
| Details | File | 3 | security.reg |
|
| Details | File | 1 | storage.sys |
|
| Details | File | 2 | private.sys |
|
| Details | sha1 | 1 | 5a4e4dc97878a7ef283db76cdf584aa4e2de13c8 |
|
| Details | sha1 | 1 | b4f580ee04aeaaaf48e2647666f4dbed0ce4c502 |
|
| Details | MITRE ATT&CK Techniques | 10 | T1553.001 |
|
| Details | Url | 73 | http://www.apple.com/dtds/propertylist-1.0.dtd |