Overview
Explore a detailed security conference talk that walks through the analysis of the RustBucket malware on macOS, presented by security researchers Jaron Bradley and Ferdous Saljooki. Learn about this multi-stage malware, attributed to the BlueNoroff APT group, including detection methodologies, analysis of the backdoor component, and practical threat-hunting techniques. Discover insights into the malware's behavior, the campaign's strategy, and defensive measures for identifying suspicious activity in macOS environments. Get introduced to SpriteTree, a new visualization tool that leverages Apple's SpriteKit Framework to interact with ESLogger data exports. Benefit from the extensive experience of Bradley, author of OS X Incident Response: Scripting and Analysis, and Saljooki, a Detection Developer at Jamf, as they share their expertise in investigating Unix-based intrusions and in macOS security research.
Syllabus
#OBTS v6.0: A Journey into Reversing RustBucket on macOS - Jaron Bradley & Ferdous Saljooki
Taught by
Objective-See Foundation