For a long time, Mac security threats weren’t a top of mind concern for security teams and vendors, who primarily focused on securing Windows where they had a much larger footprint. Now, many employees are using Macs to access production infrastructure, presenting new avenues for attackers to exploit.
As attackers continually evolve their tactics, the arsenal of tools at hand for defenders needs to respond to attacker complexity while still enabling day-to-day business to happen.
When it comes to detecting malware, the arms race between attackers and defenders is certainly nothing new. The once seemingly simple battle between nuisance script kiddie worms and simple anti-virus software evolved over time into a much more complex and layered approach towards stopping powerful weapons against organizations to extort, incur damages, and steal intellectual property. For a long time now, malware-detection technologies have become more sophisticated as malware works harder than ever to gain access to a target machine and then conceal its presence as it runs.
MITRE ATT&CK is a trusted tool in the arsenal of many security teams. When it comes to endpoint security, analysts need to stay proactive to ensure their organization remains resolute in the face of growing threats.