Phil Stokes is a Research Engineer at SentinelOne, specializing in macOS threat intelligence, platform vulnerabilities and malware analysis. He began his journey into macOS security as a software developer, creating end user troubleshooting and security tools just at the time when macOS adware and commodity malware first began appearing on the platform. Phil has been closely following the development of macOS threats as well as researching Mac software and OS vulnerabilities since 2014.
Shlayer malware continues to hit macOS (and the headlines) with multiple campaigns. The latest uses obfuscated Zsh scripts in an attempt to evade detection.
Employee foils Russian ransomware plot, QakBot's rapid evolution poses new risks, and flaw in file sharing on Google Drive could expose users to malware.
EU rolls out sanctions against hacking crews, QSnatch malware infects thousands of NAS devices and a threat actor hacks news providers to plant fake stories.
In recent weeks, there's been a sharp uptick in Lazarus-related macOS malware, with several families of trojanized apps and backdoors targeting the platform.
Researchers crack macOS ransomware encryption, USBs pose increased risk to critical infrastructure, and 15bn stolen credentials are for sale on the DarkNet.
Some big changes are coming to macOS security. We round up the most significant developments announced at WWDC 2020 that could affect enterprise security.
Election 2020 security gets a boost, researchers reveal more Intel side-channel attacks, and hackers-for-hire target U.S. nonprofit and advocacy groups.
