Investigating, Containing, and Removing Malware on a Mac
A very basic explanation of incident response and digital forensics — Do as I say not as I do
Let me start by saying this is not exactly the correct way to do incident response and digital forensics. Doing it the way I'm doing it, I could risk infecting my entire network and everything on it, but I've got a fairly tight network. I have a separate, more restrictive network for my work that is isolated from the other parts of my network.
And hey, I live life on the edge. And in the cloud. Almost everything I have is in the cloud so if I do something bad on this laptop I’ll just rebuild it. Which I plan to do anyway. Also, the particular item I’m researching actually failed to connect.
I am also going to preface this post by saying that although I am certified in incident response, digital forensics, and reverse engineering malware, I'm not going through all of those steps completely below. But I'll explain how it would work and point you in the right direction.