
Showing posts with label sarah edwards. Show all posts

Daily Blog #680: Apple Unified Audit Logging


Hey Reader,
Today I didn't have the time I needed to get a test kitchen done, so I decided to take this opportunity to point you towards another great blog you should be reading with a different focus.

Sarah Edwards over at the Mac4n6 blog has started a series on the Apple Unified Audit Logging. If you have not been diving deep in your MacOS/Osx/Whatever they call it now analysis by looking into the data that unified audit logs provide, you're missing out.

Many examiners look at MacOS as a BSD operating system and just look at syslog, forgetting that there is a whole scaffold of another OS layered on top with its own logging. Apple's Unified Audit Logging is a moving target, as they are notoriously not backwards compatible. I mean, who else force-upgrades file systems?

So do yourself a favor and check out Sarah's blog below:

https://www.mac4n6.com/blog/2020/4/19/introducing-analysis-of-apple-unified-logs-quarantine-edition-entry-0

Also Read: Daily Blog #679


Daily Blog #662: Forensic Lunch 4/3/20 - Discussion on WinSCP, Linux Forensics Course, SANS DFIR, and More



Hello Reader,
Today we had another episode of the Forensic Lunch!

On this episode:

You can watch the show below:

Also Read: Daily Blog #661