
Phil Stokes

Phil Stokes is a Research Engineer at SentinelOne, specializing in macOS threat intelligence, platform vulnerabilities and malware analysis. He began his journey into macOS security as a software developer, creating end user troubleshooting and security tools just at the time when macOS adware and commodity malware first began appearing on the platform. Phil has been closely following the development of macOS threats as well as researching Mac software and OS vulnerabilities since 2014.
Security Research

macOS Incident Response | Part 2: User Data, Activity and Behavior

Phil Stokes / August 28, 2019

What can we learn about user activity and behavior on a compromised Mac? Learn about the hidden and obfuscated data stores Apple use on the macOS platform.

Security Research

macOS Incident Response | Part 1: Collecting Device, File & System Data

Phil Stokes / August 21, 2019

How should you investigate an infected Mac? Has there been lateral movement, data exfiltration, system manipulation? Learn macOS incident response here.


The Good, the Bad and the Ugly in Cybersecurity – Week 33

Phil Stokes / August 16, 2019

U.S. Cyber Command continues to fight the good fight, Tavis Ormandy reveals a critical Windows vuln and Kaspersky Labs have been exposing users to online tracking.


Malware Hunting on macOS | A Practical Guide

Phil Stokes / July 10, 2019

Do you want to know if your Mac is infected by malware? What should you look for and where should you look for it? Find out in this practical guide.


10 macOS Malware Outbreaks from 2019

Phil Stokes / July 1, 2019

The first half of 2019 has seen at least 10 new macOS malware outbreaks. Be sure you're up to date with the latest Apple threats with our biannual review.


How Two Firefox Zero Days Led to Two macOS Backdoors

Phil Stokes / June 26, 2019

An attack on Coinbase used two Firefox 0-days and two macOS backdoors. How did they do it, and how can you be sure you're protected from it? Find out here.


How Malware Persists on macOS

Phil Stokes / June 17, 2019

Malware, exploit kits and threat actors have many ways to persist on Apple's macOS. Find out whether your security solution has all the bases covered.

Security & Intelligence

Lazarus APT Targets Mac Users with Poisoned Word Document

Phil Stokes / April 25, 2019

Threat actors have the know-how to develop campaigns that target your weakest link. Learn how Lazarus APT took their malware to Apple’s macOS platform.


How to Reverse Malware on macOS Without Getting Infected | Part 3

Phil Stokes / April 17, 2019

Join us in the final part of our introduction to macOS malware reverse engineering as we explore LLDB, dynamic binary analysis, reading registers and more.


How to Reverse Malware on macOS Without Getting Infected | Part 2

Phil Stokes / April 9, 2019

Continue learning how to reverse malware on Apple macOS with Part 2 in our series. Learn about Apple's Mach-O native binary format and how to decode it.

