The Art of Mac Malware, Volume 2

Dekorationsartikel gehören nicht zum Leistungsumfang.

Sprache: Englisch

42,45 €

inkl. MwSt.

Versandkostenfrei per Post / DHL

auf Lager, Lieferzeit 1-2 Werktage

Kategorien:

Beschreibung

This first-of-its-kind guide to detecting stealthy Mac malware gives you the tools and techniques to counter even the most sophisticated threats targeting the Apple ecosystem.

As renowned Mac security expert Patrick Wardle notes in The Art of Mac Malware, Volume 2, the substantial and growing number of Mac users, both personal and enterprise, has created a compelling incentive for malware authors to ever more frequently target macOS systems. The only effective way to counter these constantly evolving and increasingly sophisticated threats is through learning and applying robust heuristic-based detection techniques.

To that end, Wardle draws upon decades of experience to guide you through the programmatic implementation of such detection techniques. By exploring how to leverage macOS’s security-centric frameworks (both public and private), diving into key elements of behavioral-based detection, and highlighting relevant examples of real-life malware, Wardle teaches and underscores the efficacy of these powerful approaches.

Across 14 in-depth chapters, you’ll learn how to:

Capture critical snapshots of system state to reveal the subtle signs of infection
Enumerate and analyze running processes to uncover evidence of malware
Parse the macOS’s distribution and binary file formats to detect malicious anomalies
Utilize code signing as an effective tool to identify malware and reduce false positives
Write efficient code that harnesses the full potential of Apple’s public and private APIs
Leverage Apple’s Endpoint Security and Network Extension frameworks to build real-time monitoring tools

This comprehensive guide provides you with the knowledge to develop tools and techniques, and to neutralize threats before it’s too late.

Capture critical snapshots of system state to reveal the subtle signs of infection
Enumerate and analyze running processes to uncover evidence of malware
Parse the macOS’s distribution and binary file formats to detect malicious anomalies
Utilize code signing as an effective tool to identify malware and reduce false positives
Write efficient code that harnesses the full potential of Apple’s public and private APIs
Leverage Apple’s Endpoint Security and Network Extension frameworks to build real-time monitoring tools

This comprehensive guide provides you with the knowledge to develop tools and techniques, and to neutralize threats before it’s too late.

Über den Autor

Patrick Wardle

Inhaltsverzeichnis

Foreword
Acknowledgments
Introduction

Part I: Data Collection
Chapter 1. Examining Processes
Chapter 2. Parsing Binaries
Chapter 3. Code Signing
Chapter 4. Network State and Statistics
Chapter 5. Persistence

Part II: System Monitoring
Chapter 6. Log Monitoring
Chapter 7. Network Monitoring
Chapter 8. Endpoint Security
Chapter 9: Muting and Authorization Events

Part III: Tool Creation
Chapter 10: Persistence Enumerator
Chapter 11: Persistence Monitor
Chapter 12: Mic and Webcam Monitor
Chapter 13: DNS Monitor
Chapter 14. Case Studies

Index

Erscheinungsjahr:	2025
Fachbereich:	Datenkommunikation, Netze & Mailboxen
Genre:	Importe , Informatik
Rubrik:	Naturwissenschaften & Technik
Medium:	Taschenbuch
Inhalt:	Einband - flex.(Paperback)
ISBN-13:	9781718503786
ISBN-10:	1718503784
Sprache:	Englisch
Einband:	Kartoniert / Broschiert
Autor:	Wardle, Patrick
Hersteller:	Random House LLC US No Starch Press
Verantwortliche Person für die EU:	Springer Fachmedien Wiesbaden GmbH, Postfach:15 46, D-65189 Wiesbaden, info@bod.de
Maße:	233 x 180 x 25 mm
Von/Mit:	Patrick Wardle
Erscheinungsdatum:	25.02.2025
Gewicht:	0,713 kg