Clik here to view.
Session Cookies, Keychains, SSH Keys and More | 7 Kinds of Data Malware...
The scourge of ransomware attacks that has plagued Windows endpoints over the past half decade or so has, thankfully, not been replicated on Mac devices. With a few unsuccessful exceptions, the notion...
View ArticleClik here to view.
LockBit for Mac | How Real is the Risk of macOS Ransomware?
On April 16th, Twitter user @malwrhunterteam tweeted details of a sample of the LockBit ransomware compiled for Apple’s macOS arm64 architecture. LockBit claims to be “the oldest ransomware affiliate...
View ArticleClik here to view.
Atomic Stealer | Threat Actor Spawns Second Variant of macOS Malware Sold on...
Recent weeks have seen a number of macOS-specific infostealers appear for sale in crimeware forums, including Pureland, MacStealer and Amos Atomic Stealer. Of these, Atomic Stealer has offered by far...
View ArticleClik here to view.
Geacon Brings Cobalt Strike Capabilities to macOS Threat Actors
The red-teaming and attack simulation tool Cobalt Strike has a long and widely observed history of abuse by threat actors targeting Windows platforms, but it has only occasionally been seen used...
View ArticleClik here to view.
macOS 14 Sonoma | Toughening up macOS for the Enterprise?
At WWDC23 this week, Apple made some big announcements across its product lines and maintained its annual ritual of upgrading macOS, now to version 14 and tagged as macOS Sonoma. At SentinelOne, we’re...
View ArticleClik here to view.
Apple Crimeware | Massive Rust Infostealer Campaign Aiming for macOS Sonoma...
Earlier this month, security researcher iamdeadlyz reported on multiple fake blockchain games being used to infect both Windows and macOS targets with infostealers, capable of emptying crypto wallets...
View ArticleClik here to view.
Mac Admins | Why Apple’s Silent Approach to Endpoint Security Should be a...
If there’s one thing that everyone should be able to agree on about Apple, it is that the company really does think different when it comes to the design of its products, and this is nowhere more...
View ArticleClik here to view.
macOS MetaStealer | New Family of Obfuscated Go Infostealers Spread in...
This year has seen an explosion of infostealers targeting the macOS platform. Throughout 2023, we have observed a number of new infostealer families including MacStealer, Pureland, Atomic Stealer and...
View ArticleClik here to view.
Sonoma in the Spotlight | What’s New and What’s Missing in macOS 14
Apple released macOS 14 Sonoma this week. Our review of the first beta back in June covers much of what Sonoma brings to Enterprise users and is worth reading as a preface to this post. Sonoma’s...
View ArticleClik here to view.
macOS Malware 2023 | A Deep Dive into Emerging Trends and Evolving Techniques
Last week saw Apple update XProtect to version 2173 with new rules for Atomic Stealer and Adload. As we have noted previously, Apple’s defenses for the Mac have been evolving of late, with increased...
View ArticleClik here to view.
Protecting macOS | 7 Strategies for Enterprise Security in 2024
Welcome to 2024! It may be a new year for us all, but it’s very much business as usual for cybersecurity professionals. Last year saw an increase in the number and variety of new threats targeting the...
View ArticleClik here to view.
Backdoor Activator Malware Running Rife Through Torrents of macOS Apps
Malware authors have long targeted the market for free, cracked apps available through torrent services: in recent years a variety of cryptominers, adware, browser hijackers and bundled software...
View ArticleClik here to view.
The Good, the Bad and the Ugly in Cybersecurity – Week 6
The Good | Public-Private Partnership to Crackdown on Commercial Spyware The private and public sectors have done a rare thing this week: they agreed that something must be done about the proliferation...
View ArticleClik here to view.
PinnacleOne ExecBrief | Safe, Secure, and Trustworthy AI
Welcome back to the re-launched PinnacleOne Executive Brief. Intended for corporate executives and senior leadership in risk, strategy, and security roles, the P1 ExecBrief provides actionable insights...
View ArticleClik here to view.
Kryptina RaaS | From Underground Commodity to Open Source Threat
One of the key drivers behind the explosion in ransomware attacks over the last five years and more has been the development and proliferation of the ransomware-as-a-service model, a means of providing...
View ArticleClik here to view.
PinnacleOne Alert | Russian Space-Based Nuclear Anti-Satellite Weapon
Key Takeaways Russia is likely developing, but has not fully deployed, a nuclear-weapon based anti-satellite system (which would be a treaty violation). This system would threaten to destroy wide...
View ArticleClik here to view.
The Good, the Bad and the Ugly in Cybersecurity – Week 7
The Good | Back-to-Back FBI Ops Disrupt Major RAT Infrastructure & GRU Spy Network This week counted two wins for the FBI in the fight against malicious activities orchestrated by cybercriminals...
View ArticleClik here to view.
The Good, the Bad and the Ugly in Cybersecurity – Week 8
The Good | LockBit Ransomware Gang Locked Down & Chinese Cyber Espionage Ecosystem Exposed The cybersecurity community saw two valuable developments this week, the first being a hard-won shut down...
View ArticleClik here to view.
PinnacleOne ExecBrief | China’s Hacking Ecosystem
Last week, PinnacleOne collaborated with SentinelLabs to unpack the leak of internal files from a firm (I-Soon) that contracts with Chinese government security agencies to hack global targets. In this...
View ArticleClik here to view.
February 2024 Cybercrime Update | Commercial Spyware, AI-Driven APTs & Flawed...
February saw the U.S. government take significant actions against cybercrime, continuing the current administration’s policy of using all the resources of the state to tackle the problem head on....
View Article
