Phil Stokes is a Research Engineer at SentinelOne, specializing in macOS threat intelligence, platform vulnerabilities and malware analysis. He began his journey into macOS security as a software developer, creating end user troubleshooting and security tools just at the time when macOS adware and commodity malware first began appearing on the platform. Phil has been closely following the development of macOS threats as well as researching Mac software and OS vulnerabilities since 2014.
Pwn2Own highlights the right path for talented hackers, organizations warned about critical SAP bugs, and APT34 targets job hunters with novel backdoor.
Thieves steal user data from Carding Mafia crime site, OpenSSL vulnerable to denial of service attacks, and an ethical researcher gets shopped to the cops.
Targeting software developers is one route to a successful supply chain attack. Now threat actors are going after Apple developers through the Xcode IDE.
Darknet hacker forums learn what it's like to be hacked, Chinese APT exploits MS Exchange Server, and the SolarWinds breach turns up 3 new malware families.
Threat hunting on macOS? These are the tools malware most often leverages, with ITW examples, MITRE behavioral indicators and links to further research.
SIM-swapping gang targeting US celebs gets busted in the UK, zero days haunt Chrome and Windows, and hackers waltz past weak security in public water system.
We show how to statically reverse run-only AppleScripts for the first time, and in the process reveal new IoCs of a long-running macOS Cryptominer campaign.
CISA offers tool to aid IR teams in wake of SolarWinds, a COVID-19 testing lab is taken out by ransomware, and education charity GetSchooled gets pwned.
