YARA
2024
CloudChat Cashes Out: Who Needs a C2 Anyways
macOS
Infostealers
Malware
RE
CTI
YARA
Binary Ninja
The CloudChat infostealer returns, worse in almost every way except that now the second stage is encrypted! Yipee!
The Secrets of XProtectRemediator
Binary Ninja
Malware
RE
CTI
YARA
macOS
A primer on macOS security internals and reverse engineering macOS’ XProtectRemediators to extract ‘secret’ YARA rules!