Douglas Wilson in Uptycs
6 tasks for macOS system monitoring
Osquery offers introspection capabilities for macOS that were previously difficult to achieve. Osquery uses a universal agent to collect…
Nov 14, 2018

Douglas Wilson in Uptycs
Osquery In Action: Where and When to Apply “Threat Intel”
So, what does Threat Intelligence mean? Ask a variety of people, and they will give you a variety of responses — IOCs, IOAs, File Hashes…
Jul 19, 2018

Douglas Wilson in Uptycs
SQL introduction for osquery
SQL (Standard Query Language) will be in its mid-forties later this month having been introduced by its creators Donald Chamberlin and…
May 3, 2018

Douglas Wilson in Uptycs
Finding OSX/CreativeUpdater with osquery
The first week of February 2018 has seen another piece of macOS malware — this time a cryptominer masquerading as several different…
Feb 5, 2018

Douglas Wilson in Uptycs
Finding OSX/MaMi with osquery
Seeing on Twitter that Patrick Wardle (a must follow for macOS security!) may have found his first piece of macOS malware for 2018, I…
Jan 12, 2018

Douglas Wilson in Uptycs
Quick update to #iamroot issues
Further updates in the #iamroot saga have shown a confusing set of responses from Apple that invalidate some of what I posted earlier, and…
Dec 6, 2017

Douglas Wilson in Uptycs
Identifying #iamroot issues with osquery (blank password vuln in macOS 10.13.1)
Update: Apple has released a somewhat confusing set of security updates, which invalidates some of what I have posted here. I will update…
Nov 30, 2017