
Phil Stokes

Phil Stokes is a Research Engineer at SentinelOne, specializing in macOS threat intelligence, platform vulnerabilities and malware analysis. He began his journey into macOS security as a software developer, creating end user troubleshooting and security tools just at the time when macOS adware and commodity malware first began appearing on the platform. Phil has been closely following the development of macOS threats as well as researching Mac software and OS vulnerabilities since 2014.

Detecting XLoader | A macOS ‘Malware-as-a-Service’ Info Stealer and Keylogger

Phil Stokes / July 26, 2021

We analyze the XLoader malware for macOS, describing its behavior, listing Indicators of Compromise and showing how it can be detected on a Mac.


The Good, the Bad and the Ugly in Cybersecurity – Week 30

Phil Stokes / July 23, 2021

Twitter, TikTok and Snapchat scammer caught in Spain on US charges, FBI warns of attacks on Tokyo Olympics, and Pegasus spyware sparks furious debate.


The Good, the Bad and the Ugly in Cybersecurity – Week 27

Phil Stokes / July 2, 2021

Cops catch up with Gozi guy in Bogota, GRU targets Office 365 cloud services with Kubernetes cluster, and researchers accidentally unleash zero day exploit.


Bypassing macOS TCC User Privacy Protections By Accident and Design

Phil Stokes / July 1, 2021

TCC is meant to protect user data from unauthorized access, but design flaws mean users and malware can bypass TCC, even by accident.


macOS Monterey and Security: Things To Know About

Phil Stokes / June 10, 2021

macOS Monterey has landed! While all the focus is on the new features, who's asking how these affect your security? We take a deep dive into it all here.


The Good, the Bad and the Ugly in Cybersecurity – Week 23

Phil Stokes / June 4, 2021

Major browsers beef up security protections, REvil ransomware disrupts meat production, and cybercriminals lap up chance to win big pot of prize money.


When Apple Admits macOS Malware Is A Problem – It’s Time To Take Notice

Phil Stokes / May 26, 2021

Apple now say their layers of security have not prevented malware from becoming a problem on the platform. What does this mean and how can you address it?


The Good, the Bad and the Ugly in Cybersecurity – Week 20

Phil Stokes / May 14, 2021

U.S. gov finally says enough is enough after DarkSide attack, multiple flaws affect nearly all Wi-Fi devices, and Babuk gang reject cops' offer of payment.


The Good, the Bad and the Ugly in Cybersecurity – Week 17

Phil Stokes / April 23, 2021

FIN7 admin locked up for 10 years, REvil ransomware demands ransom from Apple, and second APT actor found using SUPERNOVA in long-term hack of US enterprise.


Why Your macOS EDR Solution Shouldn’t Be Running Under Rosetta 2

Phil Stokes / April 12, 2021

Your legacy Intel software may appear to run just fine on Apple silicon thanks to Rosetta 2, but what are the performance and security consequences?
