{"id":17928,"date":"2020-03-17T20:35:02","date_gmt":"2020-03-18T04:35:02","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2020\/03\/17\/news-11661\/"},"modified":"2020-03-17T20:35:02","modified_gmt":"2020-03-18T04:35:02","slug":"news-11661","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2020\/03\/17\/news-11661\/","title":{"rendered":"VB2019 paper: Play fuzzing machine &#8211; hunting iOS and macOS kernel vulnerabilities automatically and smartly"},"content":{"rendered":"<p><em>Apple<\/em>\u2019s <em>MacOS<\/em> and <em>iOS<\/em> operating systems are often praised for their security. Yet vulnerabilities in both operating systems are regularly being found and exploited, especially by more advanced attackers.<\/p>\n<p>In a paper presented at VB2019 in London, <em>Trend Micro<\/em> researchers Lilang Wu and Moony Li explained how researchers like them hunt for such vulnerabilities and how this hunting can be made both smarter and more automatic.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" style=\"display: block; margin-left: auto; margin-right: auto;\" src=\"https:\/\/www.virusbulletin.com\/files\/2115\/7322\/0503\/figure2.png\" alt=\"figure2.png\" width=\"706\" height=\"388\" \/><span class=\"centered-caption\">The reverse engineering solution for kernel and kextentions.<\/span><\/p>\n<p>Today we publish the researchers&#8217; paper in both <a title=\"VB2019 paper: Play fuzzing machine \u2013 hunting iOS\/macOS kernel vulnerabilities automatically and smartly\" href=\"https:\/\/www.virusbulletin.com\/virusbulletin\/2020\/03\/vb2019-paper-play-fuzzing-machine-hunting-iosmacos-kernel-vulnerabilities-automatically-and-smartly\/\">HTML<\/a> and <a href=\"https:\/\/www.virusbulletin.com\/uploads\/pdf\/magazine\/2019\/VB2019-Wu-Li.pdf\" target=\"_blank\">PDF <\/a>format as well as the recording of their VB2019 presentation.<\/p>\n<p>\u00a0<\/p>\n<p>\u00a0<\/p>\n<p style=\"text-align: center;\" width=\"100%\" height=\"420\"><iframe loading=\"lazy\" src=\"https:\/\/www.youtube.com\/embed\/FpvueiTHzD0\" frameborder=\"0\" width=\"100%\" height=\"420\" style=\"\"> <\/iframe><\/p>\n<p>\u00a0<\/p>\n<p><em><em>Have you carried out research that furthers our understanding of the threat landscape? Have you discovered a technique that helps in the analysis of malware? <\/em>The <a title=\"VB2020 call for papers - now open!\" href=\"https:\/\/www.virusbulletin.com\/blog\/2019\/12\/vb2020-call-papers-now-open\/\">Call for Papers<\/a> for VB2020 in Dublin is open! Submit your abstract before <strong>15 March<\/strong> for a chance to make it onto the programme of one of the most international threat intelligence conferences.<\/em><\/p>\n<p>outertext<br \/><a href=\"https:\/\/www.virusbulletin.com\/blog\/2020\/03\/vb2019-paper-play-fuzzing-machine-hunting-ios-and-macos-kernel-vulnerabilities-automatically-and-smartly\/\" target=\"bwo\" >https:\/\/www.virusbulletin.com\/rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/www.virusbulletin.com\/files\/2115\/7322\/0503\/figure2.png\"\/><br \/>                                 In a paper presented at VB2019 in London, Trend Micro researchers Lilang Wu and Moony Li explained how the hunt for vulnerabilities in MacOS and iOS operating systems can be made both smarter and more automatic. Today we publish both their paper and the recording of their presentation.                <\/p>\n<p>                 <a href=\"https:\/\/www.virusbulletin.com\/blog\/2020\/03\/vb2019-paper-play-fuzzing-machine-hunting-ios-and-macos-kernel-vulnerabilities-automatically-and-smartly\/\">Read more<\/a>                                <\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[23177,10378,23176],"tags":[],"class_list":["post-17928","post","type-post","status-publish","format-standard","hentry","category-magazine","category-security","category-virusbulletin"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17928","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=17928"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17928\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=17928"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=17928"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=17928"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}