I published the following diary on isc.sans.edu: “Malicious Python Code and LittleSnitch Detection”:
We all run plenty of security tools on our endpoints. Their goal is to protect us by preventing infection (or trying to prevent it). But all those security tools are present on our devices like normal applications and are, therefore, easy to detect. Techniques to detect the presence of such security tools are multiple…