Phil Stokes, Author at SentinelOne

FADE DEAD | Adventures in Reversing Malicious Run-Only AppleScripts

Phil Stokes / January 11, 2021

We show how to statically reverse run-only AppleScripts for the first time, and in the process reveal new IoCs of a long-running macOS Cryptominer campaign.

APT32 Multi Stage MacOS Trojan Innovates On Crimeware Scripting Technique 7

labs

Phil Stokes

The Good, the Bad and the Ugly in Cybersecurity – Week 7

The Good, the Bad and the Ugly in Cybersecurity – Week 4

The Good, the Bad and the Ugly in Cybersecurity – Week 1

The Good, the Bad and the Ugly in Cybersecurity – Week 50

The Good, the Bad and the Ugly in Cybersecurity – Week 47

What Happened to My Mac? Apple’s OCSP Apocalypse

macOS Big Sur Has Landed | 10 Essential Security Tips You Should Know

The Good, the Bad and the Ugly in Cybersecurity – Week 45

Phil Stokes

FADE DEAD | Adventures in Reversing Malicious Run-Only AppleScripts

APT32 Multi-stage macOS Trojan Innovates on Crimeware Scripting Technique