Phil Stokes, Author at SentinelOne

Aleksandar Milenkoski & Jose Luis Sánchez Martínez (VirusTotal) / August 29, 2024

We teamed up with VirusTotal to take a deep dive into the platform's extensive query capabilities through both the web and API interfaces.

labs

macOS Cuckoo Stealer | Ensuring Detection and Defense as New Samples Rapidly Emerge

Phil Stokes / May 9, 2024

Learn about the mechanics of macOS Cuckoo Stealer, discover extended indicators and ensure your organization remains protected.

labs

macOS Adload | Prolific Adware Pivots Just Days After Apple’s XProtect Clampdown

Phil Stokes / May 1, 2024

Learn about the latest Adload adware variants, written in Go and intended to bypass Apple's recent XProtect updates.

Backdoor Activator Malware Running Rife 18

labs

Backdoor Activator Malware Running Rife Through Torrents of macOS Apps

Phil Stokes / February 1, 2024

A new campaign is spreading macOS malware through infected copies of popular applications and productivity tools.

labs

The Many Faces of Undetected macOS InfoStealers | KeySteal, Atomic & CherryPie Continue to Adapt

Phil Stokes / January 15, 2024

Learn about the latest threats to macOS as Infostealers continue to rapidly adapt to evade static signatures.

labs

macOS MetaStealer | New Family of Obfuscated Go Infostealers Spread in Targeted Attacks

Phil Stokes / January 11, 2024

The rise of macOS infostealers continues with the latest entrant aiming to compromise business environments with targeted social engineering lures.

labs

Protecting macOS | 7 Strategies for Enterprise Security in 2024

Phil Stokes / January 2, 2024

What can defenders learn from last year's bumper crop of macOS malware? Bolster your defenses with these insights into the latest attacker trends.

labs

DPRK Crypto Theft | macOS RustBucket Droppers Pivot to Deliver KandyKorn Payloads

Phil Stokes / November 27, 2023

Two apparently separate North Korean crypto theft campaigns targeting macOS users appear to be linked as threat actors mix and match droppers and payloads.

11 Ways To Tweak Radare2 For Faster And Easier MacOS Malware Analysis 3

labs

Security Research

11 Ways to Tweak radare2 for Faster and Easier macOS Malware Analysis

Phil Stokes / October 31, 2023

Simplifying radare2 for macOS malware research, these tips and tricks will help to improve workflow and supercharge productivity.

labs

macOS Malware 2023 | A Deep Dive into Emerging Trends and Evolving Techniques

Phil Stokes / October 16, 2023

Apple’s security measures are evolving, but macOS malware is still one step ahead. Learn how to keep the Macs in your fleet safe from attackers.

Phil Stokes

Exploring the VirusTotal Dataset | An Analyst’s Guide to Effective Threat Research

macOS Cuckoo Stealer | Ensuring Detection and Defense as New Samples Rapidly Emerge

macOS Adload | Prolific Adware Pivots Just Days After Apple’s XProtect Clampdown

Backdoor Activator Malware Running Rife Through Torrents of macOS Apps

The Many Faces of Undetected macOS InfoStealers | KeySteal, Atomic & CherryPie Continue to Adapt

macOS MetaStealer | New Family of Obfuscated Go Infostealers Spread in Targeted Attacks

Protecting macOS | 7 Strategies for Enterprise Security in 2024

DPRK Crypto Theft | macOS RustBucket Droppers Pivot to Deliver KandyKorn Payloads

11 Ways to Tweak radare2 for Faster and Easier macOS Malware Analysis

macOS Malware 2023 | A Deep Dive into Emerging Trends and Evolving Techniques