YoVDO

Incident Response on macOS - Thomas Reed

Offered By: YouTube

Tags

DerbyCon Courses Data Analysis Courses Malware Analysis Courses Incident Response Courses Data Collection Courses macOS Security Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore incident response techniques for macOS in this 51-minute conference talk from Derbycon 2019. Delve into data collection methods, including PICT data collection and basic_info.txt. Learn about analyzing persistence mechanisms, browser histories, install history, and process information. Examine suspicious behavior through detailed walkthroughs and timelines of real-world malware examples such as Wirenet, Mokes, BirdMiner, and FruitFly. Gain valuable insights into detecting and responding to security incidents on Apple's operating system.

Syllabus

Intro
What are we talking about?
How do we collect IR data?
PICT data collection
basic_info.txt
Persistence
Browser histories
Install history
Process info
Suspicious behavior
Wirenet walkthrough
Wirenet timeline
Mokes walkthrough
Mokes timeline
BirdMiner walkthrough
BirdMiner timeline
FruitFly walkthrough
FruitFly timeline


Related Courses

Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Palo Alto Networks Cybersecurity Essentials II
Palo Alto Networks via Coursera Introducción al Análisis del Malware en Windows
National Technological University – Buenos Aires Regional Faculty via Miríadax Android Malware Analysis - From Zero to Hero
Udemy How to Create and Embed Malware (2-in-1 Course)
Udemy