What can we learn about user activity and behavior on a compromised Mac? Learn about the hidden and obfuscated data stores Apple use on the macOS platform.
macOS Incident Response | Part 1: Collecting Device, File & System Data
How should you investigate an infected Mac? Has there been lateral movement, data exfiltration, system manipulation? Learn macOS incident response here.
Gootkit Banking Trojan | Deep Dive into Anti-Analysis Features
Gootkit packs plenty of Anti-Analysis features to evade sandboxes, prevent execution in a Virtual Machine, and slow down analysis. Let’s take a dive inside!
Cybercrime: Groups Behind “Banload” Banking Malware Implement New Techniques
Cybercriminals aren’t deterred by legacy AV. Learn how the gang behind “Banload” malware used a new kernel driver to remove popular anti-malware solutions.