Evaluating YARA Rules for macOS Malware Hunting
ID: 0fd56336-e608-5b3e-a4d0-04a1c8149317
STIX ID: report--0fd56336-e608-5b3e-a4d0-04a1c8149317
Feed Name: ReversingLabs Blog
This report outlines YARA rule best practices for detecting macOS malware, contrasts autogenerated and human-written rules, and demonstrates using Spectra Analyze to retrohunt the Bundlore family (yielding a small number of historical matches); it recommends combining automated and manual rule development and ongoing rule refinement.
