Phil Stokes is a Research Engineer at SentinelOne, specializing in macOS threat intelligence, platform vulnerabilities and malware analysis. He began his journey into macOS security as a software developer, creating end user troubleshooting and security tools just at the time when macOS adware and commodity malware first began appearing on the platform. Phil has been closely following the development of macOS threats as well as researching Mac software and OS vulnerabilities since 2014.
French police take down a massive botnet, Google reveal multiple vulnerabilities in Apple's iOS and the US Gov't discloses details of an Iranian cyberattack.
What can we learn about user activity and behavior on a compromised Mac? Learn about the hidden and obfuscated data stores Apple use on the macOS platform.
How should you investigate an infected Mac? Has there been lateral movement, data exfiltration, system manipulation? Learn macOS incident response here.
U.S. Cyber Command continues to fight the good fight, Tavis Ormandy reveals a critical Windows vuln and Kaspersky Labs have been exposing users to online tracking
The first half of 2019 has seen at least 10 new macOS malware outbreaks. Be sure you're up to date with the latest Apple threats with our biannual review.
An attack on Coinbase used two Firefox 0-days and two macOS backdoors. How did they do it, and how can you be sure you're protected from it? Find out here.
Threat actors have the know-how to develop campaigns that target your weakest link. Learn how Lazarus APT took their malware to Apple’s macOS platform.
Join us in the final part of our introduction to macOS malware reverse engineering as we explore LLDB, dynamic binary analysis, reading registers and more.
