
Phil Stokes

Phil Stokes is a Threat Researcher at SentinelOne, specializing in macOS threat intelligence, platform vulnerabilities and malware analysis. He began his journey into macOS security as a software developer, creating end user troubleshooting and security tools just at the time when macOS adware and commodity malware first began appearing on the platform. Phil has been closely following the development of macOS threats as well as researching Mac software and OS vulnerabilities since 2014.

From Amos to Poseidon | A SOC Team’s Guide to Detecting macOS Atomic Stealers 2024

From the Front Lines | 11 minute read
Security Research

Exploring the VirusTotal Dataset | An Analyst’s Guide to Effective Threat Research

Aleksandar Milenkoski & Jose Luis Sánchez Martínez (VirusTotal) / August 29, 2024

We teamed up with VirusTotal to take a deep dive into the platform's extensive query capabilities through both the web and API interfaces.


macOS Cuckoo Stealer | Ensuring Detection and Defense as New Samples Rapidly Emerge

From the Front Lines, macOS | 11 minute read

macOS Adload | Prolific Adware Pivots Just Days After Apple’s XProtect Clampdown 

From the Front Lines, macOS | 7 minute read

Backdoor Activator Malware Running Rife Through Torrents of macOS Apps

From the Front Lines, macOS | 9 minute read

The Many Faces of Undetected macOS InfoStealers | KeySteal, Atomic & CherryPie Continue to Adapt

From the Front Lines | 7 minute read

macOS MetaStealer | New Family of Obfuscated Go Infostealers Spread in Targeted Attacks 

From the Front Lines, macOS | 11 minute read

Protecting macOS | 7 Strategies for Enterprise Security in 2024

macOS | 12 minute read

DPRK Crypto Theft | macOS RustBucket Droppers Pivot to Deliver KandyKorn Payloads

From the Front Lines | 11 minute read
Security Research

11 Ways to Tweak radare2 for Faster and Easier macOS Malware Analysis

Phil Stokes / October 31, 2023

Simplifying radare2 for macOS malware research, these tips and tricks will help to improve workflow and supercharge productivity.

