Incident Response on macOS - Thomas Reed
Offered By: YouTube
Course Description
Overview
Explore incident response techniques for macOS in this 51-minute conference talk from Derbycon 2019. Delve into data collection methods, including PICT data collection and basic_info.txt. Learn about analyzing persistence mechanisms, browser histories, install history, and process information. Examine suspicious behavior through detailed walkthroughs and timelines of real-world malware examples such as Wirenet, Mokes, BirdMiner, and FruitFly. Gain valuable insights into detecting and responding to security incidents on Apple's operating system.
Syllabus
Intro
What are we talking about?
How do we collect IR data?
PICT data collection
basic_info.txt
Persistence
Browser histories
Install history
Process info
Suspicious behavior
Wirenet walkthrough
Wirenet timeline
Mokes walkthrough
Mokes timeline
BirdMiner walkthrough
BirdMiner timeline
FruitFly walkthrough
FruitFly timeline
Related Courses
Malicious Software and its Underground Economy: Two Sides to Every StoryUniversity of London International Programmes via Coursera Palo Alto Networks Cybersecurity Essentials II
Palo Alto Networks via Coursera Introducción al Análisis del Malware en Windows
National Technological University – Buenos Aires Regional Faculty via Miríadax Android Malware Analysis - From Zero to Hero
Udemy How to Create and Embed Malware (2-in-1 Course)
Udemy