Happy New Year 2023!
Back after the winter holiday break and things are already going strong!
(Sponsor: SentinelOne)
7 Ways Threat Actors Deliver macOS Malware in the Enterprise
Learn how to build more resilient defenses by understanding the vectors threat actors use for initial compromise on macOS endpoints.
Many of you seem to have taken the time to post a lot of interesting articles and tools. Many interesting posts and releases. Thanks to everyone!
MacDevOpsYVR 2023 is announced for June 21-22, 2023 in Vancouver, Canada! (Speaker Application form at bottom of that page)
If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)
Highlights
- The Year 2022 for MacAdmins – Scripting OS X
- The Mac Malware of 2022 – Patrick Wardle, Objective-See’s Blog
News and Opinion
- MacStories Is on Mastodon with Its Own Server – John Voorhees, MacStories
- Platform Engineering is Not New and DevOps is Not Dead – Nigel Kersten, SD Times
- Apple Arcade Has Carved Out a Unique Niche in the Videogame Market, but Is It Sustainable? – John Voorhees, MacStories
- Apple Device Management: A Unified Theory of Managing Macs, iPads, iPhones, and Apple TVs 2nd ed. Edition available for pre-order at Amazon (affiliate link)
macOS Ventura and iOS 16
- When does the upgrade to macOS Ventura need admin rights? – Rich Trouton
- @ericjboyd on Twitter: “New Apple training course updates—that cover iOS 16, iPadOS 16, and macOS Ventura—are now live, and new exams are open for registration. Visit training.apple.com for more info.”
- How much free space does Ventura need to update? – Howard Oakley
- Updating your app package installer to use the new Service Management API – Apple Developer Documentation
- Mr. Macintosh on Twitter: “If you are still blocking macOS Ventura via 90 Day MDM deferral profile, some important dates are coming up. Jan 22, 2023 = 13.0 full installer upgrade will start showing. March 13, 2023 = 13.1 delta upgrade will start showing. (allowing non admin upgrades)”
- macOS Rapid Security Response Update Version Database – Mr. Macintosh
macOS and iOS Updates
Social Media
- Andrew MacKenzie on Twitter: “Installomator is my new benchmarking tool.
for everything in $(Installomator.sh) ; do Installomator.sh $everything ; done
Also my new speedtest.” - Adam Tomczynski on LinkedIn: “To help you learn and prepare for the Apple Device Support exam, I created flashcards with the documentation provided by Apple.”
Security and Privacy
- Get root on macOS 13.0.1 with CVE-2022-46689, the macOS Dirty Cow bug – Worth Doing Badly
- Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability – Microsoft Security Blog
- Password requirements: myths and madness – Alan Franzoni
- Can you rely on macOS Ventura for malware protection? – Howard Oakley
- 7 Ways Threat Actors Deliver macOS Malware in the Enterprise – Phil Stokes, SentinelOne
- DER Entitlements: The (Brief) Return of the Psychic Paper – Ivan Fratric, Project Zero
Support and HowTos
- All you need to know about Safe mode – Howard Oakley
- I Found a Bug – Robin Laurén
- Provisioning and Deployment: What They Are, How They Differ – Patrick Gallagher, Kandji Blog
- Gaining control over your Mac’s log – Howard Oakley
- How does macOS tell the type of a file? – Howard Oakley
- Troubleshooting with Postman: Testing the Jamf ADCS Connector Client Certificate – Frederick Abeloos
- Recovery mode problems and how to solve them – Howard Oakley
- How-To: Add existing MacOS Devices to Apple Business Manager without factory reset – TheAlmightyZach on r/macsysadmin
- Display Message via swiftDialog (0.0.6) – Dan K. Snelson
- Identifying Mac laptops and desktops from the command line by checking for a built-in battery – Rich Trouton
Scripting and Automation
- How to Use Swift with the Jamf API, Part 4: Implementing a New Object – Armin Briegel, Jamf Blog
- Script to List Extensions Running on a Mac – Charles Edge
- macOS Script To List System Extensions And Their State – Charles Edge
- Use PowerShell to make QR Codes – John C. Welch
- JamfPatchUploader: Manually manage Patch Policies – eisenschmiede.com
- Convert profiles command output to json and parse for duplicates – Bob Gendler
- A Bit On Self-Destructing Shell Scripts – Charles Edge
- Feeding Outset with Packages using AutoPkg – Anthony Reimer
- Deploying Docker Desktop 4.15+ with Munki – Kevin M. Cox
- ntfy.sh: Send push notifications to your phone via PUT/POST
- mvught/JAMF-and-bputil: Set your security level High easy way
- Nudge Post-install (0.0.17) includes updates for Nudge (1.1.10) – Dan K. Snelson
- Avoiding ‘eval’ with SwiftDialog – Trevor Sysock
- Feeding Outset 2: Override Boogaloo – Anthony Reimer
- Setup Your Mac (1.6.0): “Live” Jamf Pro Policy Validation – Dan K. Snelson
- Workon Stuff: A Simple Script – Trevor Sysock
Apple Support
- Use Apple products on enterprise networks (Updated, some notes from @ericjboyd on Twitter)
- How Dark Sky users can use the Apple Weather app
Updates and Releases
- What’s new in Shortcuts in iOS and iPadOS 16.2, macOS 13.1, and watchOS 9.2
- Introducing Renew for macOS – Trevor Sysock (Release page)
- super v3.0-b6
- Option-Command-. – gifboard
- Installomator v10.2
- swiftDialog 2.1.0 RC 1
- Extensions Manager Swift Project for macOS – Charles Edge
- scriptingosx/quickpkg 1.0
- bartreardon/outset v4.0 Beta 2 (Swift re-write)
- Munki 6.1.0 beta 2
- grahampugh/nice-updater 2.3
To Listen
- 2023 Apple enterprise predictions – Apple@Work Podcast, 9to5Mac
- Wartime Conferences in Ukraine – Mac Admins Podcast
Support
If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!
If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!