As Remy Baumgarten proceeds with his presentation of Mach-O Viz, a solution for Mac OS X and iOS malware analysis, he walks through the tool’s entire feature set, broken into a variety of options for generating and viewing visualized data about a file of interest. The expert also gives a demo of how the application handles code samples from some known Mac malware.
Remy Baumgarten from ANRC Services took the floor at the Defcon 21 conference to tell the audience about a new tool called Mach-O Viz, which was designed for Mac malware analysis. In particular, the expert focuses on specific capabilities built into the software, its GUI structure, and the visualization benefits it provides.
This article sheds light on useful features of the new iOS 7 platform that many Apple users may not yet know about. We have singled out the top 10 hidden features that significantly facilitate managing your device and make it even handier for everyday use. So get ready to learn about the iOS 7 capabilities you will definitely love after reading our review.
Providing deeper insight into methods for avoiding forensics while using Mac OS X, the Grugq enumerates several more attack vectors, including those associated with zero-width Unicode, application file formats, browser cookies and SQLite. In conclusion, the researcher highlights some essential overall anti-forensics recommendations and answers a few questions from the HITBSecConf attendees on the topic.
Continuing the review of Mac OS X in the context of anti-forensics methodology, the Grugq delves here into file system attacks, focusing in particular on exploitable aspects of HFS+. The researcher analyzes this file system’s components and explains the essence of B*tree nodes and data forks, singling out ways to use them when conducting HFS+ attacks.
The Grugq, a well-known anti-forensics researcher with a substantial computer security background, outlines the key issues related to counter-forensics for the OS X platform at the HITBSecConf event. During this presentation, entitled “How the Leopard Hides His Spots”, the Grugq describes, in particular, the techniques that help evade application-level file format attacks, HFS-specific attacks, SQLite-based attacks, etc., based on his previous experience.