2 Commits

Author	SHA1	Message	Date
Florian Roth	f73324aa1a	Minor adjustments in gen_malware_MacOS_plist_suspicious rule	2018-12-16 10:10:42 +01:00
John Lambert	bd8185482f	Detect suspicious MacOS launch agent config files ... plist files contain configuration for user-specific background jobs in OSX. Malware abuses this feature for persistence. Coin miners have been seen to use this feature as well.	2018-12-14 13:55:31 -08:00