← Back to Explore
T1548.006
TCC Manipulation
Adversaries can manipulate or abuse the Transparency, Consent, & Control (TCC) service or database to grant malicious executables elevated permissions. TCC is a Privacy & Security macOS control mechanism used to determine if the running process has permission to access the data or services protected by TCC, such as screen sharing, camera, microphone, or Full Disk Access (FDA). When an application requests to access data or a service protected by TCC, the TCC daemon (`tccd`) checks the TCC datab...
macOS
3
Detections
1
Sources
0
Threat Actors
BY SOURCE
3elastic
PROCEDURES (2)
Script Execution Monitoring2 detections
Auto-extracted: 2 detections for script execution monitoring
Process Creation Monitoring1 detections
Auto-extracted: 1 detections for process creation monitoring