macOS
2024
The Secrets of XProtectRemediator
Binary Ninja, Malware, RE, CTI, YARA, macOS
A primer on macOS security internals and reverse engineering macOS’ XProtectRemediators to extract ‘secret’ YARA rules!
2023
Revisiting Lazarus' Operation Intercept
Lazarus, Malware, RE, CTI, North Korea, macOS
An analysis of a multi-stage macOS implant which shares a large number of commonalities with Lazarus’ Operation In(ter)ception.