Ted Reed

  • Facebook Open-Sourced Security Tool osquery in Action

    … for their static IOCs (indicators of compromise): Better yet, you can generically detect WireLurker or other persistent malware using launchd and the following scheduled query, which will keep track of new, unique additions to your infrastructure: This method has the distinct advantage of detecting malicious applications like WireLurker based…

    David Cohen / AllFacebook in Social - 8 readers