#XProtect


We pushed an update to the MilestonePSTools #powershell module this week making it even easier to do bulk camera imports for #XProtect using CSV and Excel files.

You can import changes to existing hardware too! Check out the docs and this quick write-up milestonepstools.com/blog/2024

www.milestonepstools.com · Updates to Import-VmsHardware - MilestonePSTools: Documentation for the MilestonePSTools PowerShell module.

I just published a new #xprotect plugin for those who need to display web content alongside cameras and other physical security or building management elements. Try it for free for 30 days, or forever if using Essentials+ or a test license github.com/joshooaj/WebContent

GitHub · joshooaj/WebContentPlugin: Add any web content to XProtect Smart Client.

Google and Apple provide data about the malware they catch in their app store review processes. Both of them talk about "sideloading" as a security risk. Notably, neither Apple nor Google provides data on how much malware comes from outside of their app stores. Nor do they provide data-based analysis of which is the bigger threat: malware that makes it into their app stores or from other channels. They have this data; they track installs and active apps, plus there is #PlayProtect, #XProtect, etc. 2/

"🍎 macOS Malware 2023: Navigating the New Threat Landscape 🌐"

Apple's XProtect recently updated to version 2173, introducing rules for Atomic Stealer and Adload. However, 2023 has unveiled novel methods to compromise Macs, leaving users vulnerable unless additional protective measures are taken. Key insights:

  1. Shift in Malware Behavior: Many macOS malware families in 2023 have ditched persistence. Infostealers, for instance, achieve their goals in a single execution, stealing user data and then transmitting it to a remote server. 📥🔓

  2. Sophisticated Social Engineering: Threat actors are employing advanced social engineering tactics. RustBucket malware, for example, lured victims with a business deal, urging them to download a 'proprietary' PDF viewer, which in reality was malware. 🎣📄

  3. Public Offensive Security Tools: Tools like Geacon, which wraps Cobalt Strike capabilities, are now being seen in macOS malware. Open-source red teaming tools like Mythic and Poseidon have also been spotted in recent campaigns. 🛠️🔥

  4. LOLBins Techniques: "Living off the orchard" techniques are on the rise in macOS. Built-in tools like system_profiler, sw_vers, and curl are being exploited for malicious purposes. 🌳🔧

  5. Abusing Open Source Software: JokerSpy malware, discovered in July 2023, began its infection through a trojanized QR code generator, QRLog. This malware was found in enterprise breaches, including a major cryptocurrency exchange. 🔄💼

  6. Complex Multi-Stage Malware: The Smooth Operator campaign, a sophisticated supply chain attack, compromised businesses via 3CX's call routing software client. The malware was designed for stealth, gathering limited data and then self-deleting. 📞🕵️

While Apple is enhancing its malware detection capabilities, third-party solutions are still crucial for comprehensive protection against both common and advanced threats. SentinelOne offers a robust platform for macOS threat detection and remediation. 🛡️💻

Source: SentinelOne

Tags: #macOS #Malware #CyberSecurity #XProtect #Infostealers #SocialEngineering #OffensiveSecurity #LOLBins #OpenSource #SentinelOne 🌍🔒🖥️

SentinelOne · macOS Malware 2023 | A Deep Dive into Emerging Trends and Evolving Techniques: Apple’s security measures are evolving, but macOS malware is still one step ahead. Learn how to keep the Macs in your fleet safe from attackers.