Cyber risk and advisory programs that identify security gaps and build strategies to address them.
MDR that provides improved detection, 24/7 threat hunting, end-to-end coverage and most of all, complete Response.
Our team delivers the fastest response time in the industry. Threat suppression within just 4 hours of being engaged.
Be protected by the best from Day 1.
24/7 Threat Investigation and Response.
Expert hunting, research and content.
Defend brute force attacks, active intrusions and unauthorized scans.
Protect assets from ransomware, trojans, rootkits and more.
Intelligence and visibility across AWS, O365, DevOps and more.
Configuration escalations, policy and posture management.
Detects malicious insider behavior leveraging Machine Learning models.
A new malware branded as OSX/MaMi has been actively targeting Mac OS X devices in the wild. This malware uses a technique known as DNS hijacking, which allows the attacker to change a user’s DNS settings, redirecting the internet traffic from the infected device to the attacker. DNS hijacking is used to carry out Man-in-the-Middle (MITM) attacks which can result in information theft, malicious ads or crypto-miners being injected into web traffic. In order to intercept encrypted traffic and maintain persistence on infected devices, OSX/MaMi also installs a new root certificate. Currently, the means of infection remains unknown.
OSX/MaMi appears to be in its development stage. Analysis of the malware showed various other capabilities that have not yet been activated. Future versions of OSX/MaMi are expected to enable the attacker to take screenshots, simulate mouse events, persist as a launch item, download and upload files and execute commands.
For additional information, please see the initial disclosure report . https://objective-see.com/blog/blog_0x26.html