Yesterday LegbaCore published a video of a bricking demo of a a Mac Mini firmware vulnerability.

https://www.youtube.com/watch?v=LEEEazuc8Dg&feature=youtu.be

“Apple does not follow Intel’s recommended best practices for protecting their firmware. Consequently Macs are vulnerable to being disabled in such a way that they can never be made bootable again either by attempting to boot off external media (like a DVD/USB) and reinstalling the OS, or by changing the entire HD/SSD with a known working one. The only way to recover from such attacks is to reflash the SPI flash chip with a known-clean copy of the firmware. This attack does not require physical presence. It can be launched via a remote connection to the system (e.g. SSH/VNC).”

https://twitter.com/legbacore/status/624062348324528128

LegbaCore has some upcoming training at HackInTheBox Singapore in October, and it appears this 3-day training will cover some of this new Apple EFI research:

https://twitter.com/coreykal/status/624210503766663168

http://www.legbacore.com/Training.html
http://gsec.hitb.org/sg2015/sessions/tech-training-6-introductory-bios-smm-attack-defense/
https://firmwaresecurity.com/2015/06/08/legbacore-summer-tour-announced/