How to Blue Team: Detecting Weaponized Office Documents on Apple Macs (OS X)
Introduction to How to Blue Team: There are a lot of documents on how to use pen testing tools and how to crack, hack and break into things. Not a lot is written on how to detect these things, especially at the “Enterprise” level, where a lot of the blog posts seem to give use cases that do not scale well. So,