Phil Stokes, Author at SentinelOne | Page 5 of 18

ABOUT

VISIT SENTINELONE.COM

Phil Stokes

Phil Stokes is a Threat Researcher at SentinelOne, specializing in macOS threat intelligence, platform vulnerabilities and malware analysis. He began his journey into macOS security as a software developer, creating end user troubleshooting and security tools just at the time when macOS adware and commodity malware first began appearing on the platform. Phil has been closely following the development of macOS threats as well as researching Mac software and OS vulnerabilities since 2014.

Apple’s macOS Ventura | 7 New Security Changes to Be Aware Of

Company | 11 minute read

Use Of Obfuscated Beacons In ‘pymafka Supply Chain Attack Signals A New Trend In MacOS Attack TTPs 1

Security & Intelligence

Use of Obfuscated Beacons in ‘pymafka’ Supply Chain Attack Signals a New Trend in macOS Attack TTPs

Phil Stokes / May 25, 2022

A new typosquatting attack against the PyPI repository targets enterprise Macs with a distinctive obfuscation method.

The Art And Science Of MacOS Malware Hunting With Radare2 Leveraging Xrefs YARA Zignatures 11

Security Research

The Art and Science of macOS Malware Hunting with radare2 | Leveraging Xrefs, YARA and Zignatures

Phil Stokes / March 21, 2022

In the next part of our series on reversing macOS malware, we dig into identifying reused code across malware samples for hunting and detection.

The Good, the Bad and the Ugly in Cybersecurity – Week 6

The Good, the Bad and the Ugly | 5 minute read

10 Assumptions About macOS Security That Put Your Business At Risk

macOS | 17 minute read

Sneaky Spies and Backdoor RATs | SysJoker and DazzleSpy Malware Target macOS

macOS | 9 minute read

The Good, the Bad and the Ugly in Cybersecurity – Week 4

The Good, the Bad and the Ugly | 5 minute read

The Good, the Bad and the Ugly in Cybersecurity – Week 2

The Good, the Bad and the Ugly | 4 minute read

A Threat Hunters Guide To The Macs Most Prevalent Adware Infections 2022 12

Security & Intelligence

A Threat Hunter’s Guide to the Mac’s Most Prevalent Adware Infections 2022

Phil Stokes / January 4, 2022

Mac adware is hidden, persistent, and evasive, fingerprinting devices and delivering custom payloads. Learn how to hunt it on macOS.

The Good, the Bad and the Ugly in Cybersecurity – Week 51

The Good, the Bad and the Ugly | 4 minute read

1 … 3 4 5 6 7 … 18

Next

SentinelLabs

In the era of interconnectivity, when markets, geographies, and jurisdictions merge in the melting pot of the digital domain, the perils of the threat ecosystem become unparalleled. Crimeware families achieve an unparalleled level of technical sophistication, APT groups are competing in fully-fledged cyber warfare, while once decentralized and scattered threat actors are forming adamant alliances of operating as elite corporate espionage teams.

Recent Posts

LABScon24 Replay | Resilience and Protection in the Windows Ecosystem
March 12, 2025
LABScon24 Replay | Farmyard Gossip: The Foreign Footprint in US Agriculture
March 5, 2025
Ghostwriter | New Campaign Targets Ukrainian Government and Belarusian Opposition
February 25, 2025

Sign Up

Get notified when we post new content.

Thanks! Keep an eye out for new content!

Twitter
LinkedIn

©2025 SentinelOne, All Rights Reserved.