Episode 368: The Latest on MITRE ATT&CK with Cat Self

In this episode, we’ll talk about security, ATT&CK, and the changing landscape of Mac security with one of our favoritest guests, Cat Self.

Hosts:

• Tom Bridge, Director of Product Management, Devices, JumpCloud – @tbridge@theinternet.social
• Marcus Ransom, Senior Sales Engineer, Jamf – @marcusransom

Guests:

• Cat Self, Adversary Emulation Engineer, Mitre – LinkedIn

Links:

• MITRE ATT&CK®
• Getting Started with ATT&CK (video)
• ATT&CK Framework v15 Update Log
• What is STIX/TAXII? | Cloudflare
• Blog on pulling MITRE ATT&CK data sources with JuypterLab
• Malware Unicorn: Dylib Injection Attacks
• Atomic Red Team Tests
• I created Lutherans
• Atomic Test Harness
• zScaler Advisories
• https://x.com/Technop54777070/status/1788603343843074187
• Claimed by hackers, Zscaler says there’s no impact or compromise | Cybernews 
• The ESF Playground – The Mitten Mac
• A Deep Dive into the OceanLotus Adversary Emulation for macOS & Linux 
• https://github.com/center-for-threat-informed-defense/adversary_emulation_library/blob/master/ocean_lotus/Emulation_Plan/OceanLotus_Scenario.md

Listen:

Sponsors:

Patreon Sponsors:

The Mac Admins Podcast has launched a Patreon Campaign! Our named patrons this month include Weldon Dodd, Damien Barrett, Justin Holt, Chad Swarthout, William Smith, Stephen Weinstein, Seb Nash, Dan McLaughlin, Joe Sfarra, Nate Cinal, Jon Brown, Dan Barker, Tim Perfitt, Ashley MacKinlay, Tobias Linder Philippe Daoust, AJ Potrebka, Adam Burg, & Hamlin Krewson

Sponsor the Mac Admins Podcast:

If you’re interested in sponsoring the Mac Admins Podcast, please email sponsor@macadminspodcast.com for more information.

Social Media:

Get the latest about the Mac Admins Podcast, follow us on Twitter! We’re @MacAdmPodcast!