Risky Business Risky Business #806 -- Apple's Memory Integrity Enforcement is a big deal
22 snips
Sep 10, 2025 Toni de la Fuente, Founder of Prowler, dives into cloud security innovations and the new support for Microsoft 365 in Prowler. He discusses how the tool enhances security for services like OneDrive and SharePoint. The conversation highlights Apple's recent memory integrity enforcement, which complicates exploit attempts and fortifies device security. Toni also explores the rise of ransomware attacks and the importance of accountability in cybersecurity. With humorous insights into the complexities of NPM supply chain attacks, this episode is both informative and engaging.
AI Snips
Chapters
Transcript
Episode notes
Apple’s Cross-Stack Memory Safety
- Apple built memory integrity enforcement across hardware, compilers, allocators, kernel and tooling to raise exploit costs significantly.
- Breaking a single step in an exploit chain can render the whole chain unusable, forcing exploit developers to pay much higher costs.
Big Reach, Small Impact—So Far
- The recent NPM backdoors affected packages with billions of weekly downloads but produced minimal direct theft.
- Rapid detection and takedown limited impact, though cached artifacts may still cause delayed downstream effects.
Audit Dependencies And Caches
- Search dependency inventories for the affected package versions and remove any cached or vendored compromised artifacts.
- Treat registry takedown as partial remediation because builds and artifact caches may continue to distribute the backdoor.