Security Archives

mSCP jamf scripts

August 29, 2022Apple, macOS Security Compliance Project (mSCP)automation, Jamf Pro, MDM, NIST, Security, STIG

Bob Gendler one of the macOS Security Compliance Project (mSCP) Authors has posted some (FANTASTIC) scripts that will help integrate your mSCP project into a jamf instance. This will help…

Verify Download Checksum value

August 15, 2022SoftwareData Protection, Firefox, Patching, Security, Terminal

Step 1: create SHA-256 hash value from the downloaded file: General Guidance shasum -a 256 /path/to/downloaded.pkg Specific Guidance check Firefox Browser 102.1.0esr Example: shasum -a 256 /Users/USERNAME_HERE/Downloads/Firefox\ 102.1.0esr.pkg Link to…

Enforce Multifactor Authentication for Login

June 24, 2022Apple, macOSFederal Compliance, Gotcha!, Jamf Extension Attribute, NIST, pam.d, Security, Smart Cards, Smartcard, STIG

6.1. Enforce Multifactor Authentication for Login The system MUST be configured to enforce multifactor authentication. All users MUST go through multifactor authentication to prevent unauthenticated access and potential compromise to…

Article: Safari’s WebKit resurrected ‘zombie’ security bug

June 21, 2022NewsSafari, Security

theregister.com Article: How refactoring code in Safari's WebKit resurrected 'zombie' security bug A security flaw in Apple's Safari web browser that was patched nine years ago was exploited in the…

tcpdump – dump traffic on a network

June 9, 2022Apple, macOScurl, networking, Security, Terminal, Troubleshooting

NAME tcpdump - dump traffic on a network DESCRIPTION Tcpdump prints out a description of the contents of packets on a network interface that match the boolean expression; the description…

log show

May 26, 2022Apple, macOSlog show, logs, scp, Security, Terminal, Troubleshooting

NAME log -- Access system wide log messages created by os_log, os_trace and other logging systems. DESCRIPTION log is used to access system wide log messages created by os_log, os_trace…

Apple Silicon chip vulnerability ‘Augury’ news links

May 21, 2022NewsSecurity

Links May 2nd: Apple Silicon chip vulnerability ‘Augury’ surfaces, but researchers aren’t worried yet https://9to5mac.com/2022/05/02/augury-apple-silicon-vulnerability/ 05.02.2022: Apple Silicon Chips on iPhones, Macs Carry a New Vulnerability — Here's What Researchers…

Command Line Firewall Management In OS X 10.10

May 17, 2022Apple, macOSData Protection, Firewall, logs, Security, Terminal

check whether Firewall is started /usr/libexec/ApplicationFirewall/socketfilterfw --getglobalstate https://krypted.com/mac-security/command-line-firewall-management-in-os-x-10-10/

Common Platform Enumeration (CPE)

May 15, 2022SecurityAudit, Configuration Management, CPE, NIST, Security

Common Platform Enumeration (CPE) is a structured naming scheme for information technology (IT) systems, software, and packages. Based upon the generic syntax for Uniform Resource Identifiers (URI), CPE includes a…

Common Vulnerabilities and Exposures (CVE)

May 15, 2022Securitycurl, CVE, Security, Terminal

json feed of all apple related things. https://services.nvd.nist.gov/rest/json/cves/1.0?cpeMatchString=cpe:2.3:*:apple curl -s "https://services.nvd.nist.gov/rest/json/cves/1.0?cpeMatchString=cpe:2.3:*:apple" curl -s "https://services.nvd.nist.gov/rest/json/cves/1.0?cpeMatchString=cpe:2.3:*:apple:macOS:catalina" https://csrc.nist.gov/CSRC/media/Projects/National-Vulnerability-Database/documents/web%20service%20documentation/Automation%20Support%20for%20CVE%20Retrieval.pdf this is the documentation. of how to use their CVE feed hope this link works…