Böcker av Patrick Wardle

A comprehensive guide to the threats facing Apple computers and the foundational knowledge needed to become a proficient Mac malware analyst.Defenders must fully understand how malicious software works if they hope to stay ahead of the increasingly sophisticated threats facing Apple products today. The Art of Mac Malware: The Guide to Analyzing Malicious Software is a comprehensive handbook to cracking open these malicious programs and seeing what’s inside. Discover the secrets of nation state backdoors, destructive ransomware, and subversive cryptocurrency miners as you uncover their infection methods, persistence strategies, and insidious capabilities. Then work with and extend foundational reverse-engineering tools to extract and decrypt embedded strings, unpack protected Mach-O malware, and even reconstruct binary code. Next, using a debugger, you’ll execute the malware, instruction by instruction, to discover exactly how it operates. In the book’s final section, you’ll put these lessons into practice by analyzing a complex Mac malware specimen on your own.You’ll learn to:Recognize common infections vectors, persistence mechanisms, and payloads leveraged by Mac malwareTriage unknown samples in order to quickly classify them as benign or maliciousWork with static analysis tools, including disassemblers, in order to study malicious scripts and compiled binariesLeverage dynamical analysis tools, such as monitoring tools and debuggers, to gain further insight into sophisticated threatsQuickly identify and bypass anti-analysis techniques aimed at thwarting your analysis attemptsA former NSA hacker and current leader in the field of macOS threat analysis, Patrick Wardle uses real-world examples pulled from his original research. The Art of Mac Malware: The Guide to Analyzing Malicious Software is the definitive resource to battling these ever more prevalent and insidious Apple-focused threats.

This first-of-its-kind guide to detecting stealthy Mac malware gives you the tools and techniques to counter even the most sophisticated threats targeting the Apple ecosystem. Macs have become a popular target of cyber-criminals, and there are few effective defenses against these pernicious threats - until now. The second volume of Mac Malware Detection is the first book to cover state-of-the-art programming techniques and security tools for detecting and countering malicious code running on a macOS system. Author Patrick Wardle, a former NSA hacker and a leading authority on macOS threat analysis, shares real-world examples from his own research to reveal the many strategies used by actual malware specimens to evade detection. As you dive deep into the Mac operating system's internals, you'll learn about:Apple's public and private frameworks and APIsHow to build heuristic-based security tools for the macOSUsing the macOS Endpoint Security framework to develop real-time monitoring software Objective-See's suite of anti-malware tools, including KnockKnock, BlockBlock, and OverSightBut this book is not just aimed at practitioners - for anyone interested in understanding the current threats facing the Apple ecosystem, it's a must-read.