Presentation Material

Abstract

Ever since its inception, the Apple ecosystem has witnessed a remarkable three-decade journey proving its pedigree. During this period, the security industry has also witnessed a growing plethora of malware targeting different versions of macOS operating systems.

This session will take a shift-left approach to identifying a needle in the haystack: How to think like a threat actor attacking macOS endpoints. Using the data ingested in our threat intelligence systems and two years of extensive research, we shed light on the built-in macOS utilities that are used or have the potential of being used by threat actors in their attack kill chain. With the increase in work-from-home policies, the attendees will learn how to identify suspicious activity on the increasingly popular macOS platform.