
Phil Stokes

Phil Stokes is a Threat Researcher at SentinelOne, specializing in macOS threat intelligence, platform vulnerabilities and malware analysis. He began his journey into macOS security as a software developer, creating end user troubleshooting and security tools just at the time when macOS adware and commodity malware first began appearing on the platform. Phil has been closely following the development of macOS threats as well as researching Mac software and OS vulnerabilities since 2014.

macOS Malware 2023 | A Deep Dive into Emerging Trends and Evolving Techniques

macOS | 9 minute read

Sonoma in the Spotlight | What’s New and What’s Missing in macOS 14

macOS | 8 minute read
Security Research

Bloated Binaries | How to Detect and Analyze Large macOS Malware Files

Phil Stokes / August 29, 2023

Massive malware binaries are becoming more common on macOS and can cause problems for detection and analysis. Here's how we can successfully deal with them.


XLoader’s Latest Trick | New macOS Variant Disguised as Signed OfficeNote App

From the Front Lines | 5 minute read

Mac Admins | Why Apple’s Silent Approach to Endpoint Security Should be a Wake-Up Call

macOS | 8 minute read

Apple Crimeware | Massive Rust Infostealer Campaign Aiming for macOS Sonoma Ahead of Public Release

From the Front Lines, macOS | 12 minute read

BlueNoroff | How DPRK’s macOS RustBucket Seeks to Evade Analysis and Detection

From the Front Lines | 12 minute read

JokerSpy | Unknown Adversary Targeting Organizations with Multi-Stage macOS Malware

From the Front Lines | 8 minute read
Security Research

Automating String Decryption and Other Reverse Engineering Tasks in radare2 With r2pipe

Phil Stokes / June 21, 2023

Learn how to drive radare2 with r2pipe for automated binary analysis, string decryption and other common reversing tasks.


macOS 14 Sonoma | Toughening up macOS for the Enterprise?

macOS | 8 minute read

SentinelLabs

In the era of interconnectivity, when markets, geographies, and jurisdictions merge in the melting pot of the digital domain, the perils of the threat ecosystem become unparalleled. Crimeware families achieve an unparalleled level of technical sophistication, APT groups are competing in fully-fledged cyber warfare, while once decentralized and scattered threat actors are forming adamant alliances and operating as elite corporate espionage teams.

Recent Posts

  • FreeDrain Unmasked | Uncovering an Industrial-Scale Crypto Theft Network
    May 8, 2025
  • Top Tier Target | What It Takes to Defend a Cybersecurity Company from Today’s Adversaries
    April 28, 2025
  • AkiraBot | AI-Powered Bot Bypasses CAPTCHAs, Spams Websites At Scale
    April 9, 2025

©2025 SentinelOne, All Rights Reserved.