This newsletter is distributed thanks to our sponsors, Endgame and Nok Nok. Today I want to highlight this blog post on how Endgame’s MalwareScore engine works, with some detail on how it was constructed, along with the announcement that it is now available for macOS. The engine examines executable files for exploits and required an entirely new data structure to handle the Mac file formats because of the changes in Mac CPU families over the years. For malware hunters it makes for some fascinating reading. Given the rise of macOS-based malware (the McAfee Threat report cited below shows a 240 percent increase during 2017), this is a timely effort.
-- David Strom, editor of Inside Security