Between new types of malware, egregious bugs, and universal threats like phishing, Macs are not the invulnerable lockboxes Apple once touted. But in thinking about how to defend Macs against a new generation of threats, researchers at the security firm Digita are taking advantage of features Macs already offer, to monitor threats in unexpected ways. And it’s all powered by Apple’s logic engine for videogames.
At the RSA security conference in San Francisco on Tuesday, Digita chief research officer Patrick Wardle is presenting GamePlan, a tool that watches for potentially suspicious events on Macs and flags them for humans to investigate. The general concept sounds similar to other defense platforms, and the tool hooks into detection mechanisms—has a USB stick been inserted into a machine? has someone generated a screen capture? is a program accessing a webcam?—that Apple already offers in macOS. But GamePlan, cleverly written with Apple’s GameplayKit framework, collects all of [...]