Phil Stokes is a Research Engineer at SentinelOne, specializing in macOS threat intelligence, platform vulnerabilities and malware analysis. He began his journey into macOS security as a software developer, creating end user troubleshooting and security tools just at the time when macOS adware and commodity malware first began appearing on the platform. Phil has been closely following the development of macOS threats as well as researching Mac software and OS vulnerabilities since 2014.
APT41 gang indicted for 100s of hacks, new campaign against U.S. Gov exploits OSINT & unpatched vulns, and a misdirected ransomware attack ends in tragedy.
Shlayer malware continues to hit macOS (and the headlines) with multiple campaigns. The latest uses obfuscated Zsh scripts in an attempt to evade detection.
Employee foils Russian ransomware plot, QakBot's rapid evolution poses new risks, and flaw in file sharing on Google Drive could expose users to malware.
EU rolls out sanctions against hacking crews, QSnatch malware infects thousands of NAS devices and a threat actor hacks news providers to plant fake stories.
In recent weeks, there's been a sharp uptick in Lazarus-related macOS malware, with several families of trojanized apps and backdoors targeting the platform.
Researchers crack macOS ransomware encryption, USBs pose increased risk to critical infrastructure, and 15bn stolen credentials are for sale on the DarkNet.
