Exploiting GOG Galaxy XPC service for privilege escalation in macOS

Extending and automating NightHawk with DayBird 13 min read – NightHawk, MDSec’s commercial C2 product, has focused on operational security and detection avoidance since its initial release in December 2021. While the core functionality of the framework has been effective within the scope of these objectives, our team noticed certain features were missing as we started incorporating NightHawk into our engagements alongside our other C2 options.

Source: Security Intelligence

 


Date:

Categorie(s):