The question is once again, could these ransomware samples be stopped by macOS built-in protection like Gatekeeper and XProtect? That would be interesting to know. I did read that EvilQuest tries to disable security products, but it's not clear which ones. Of course it's no surprise that Microsoft Defender for macOS (enterprise product) stops these samples, since this article is supposed to be a showcase.
Like I said, it's a showcase for M$ products. I guess this stuff is only a problem when these malware samples are still in the zero-day stage, which might allow them to bypass stuff like Gatekeeper and XProtect, which aren't exactly super advanced. But they will still of course block most of the "in the wild" malware.
Thanks for your input on it @Rasheed187 - I may be at the bottom of the list where it concerns anything Apple/Mac, yet it would seem it rises to some concern when Microsoft doesn't take it lightly, even in the interest of its competitors when it's got to be a good one (potential bypass attack vector).
It isn't the first time that MS warned about serious security bugs in macOS though, see links. Of course they also do this to showcase their knowledge of the macOS and their ability to possibly protect against malware abusing these bugs with Microsoft Defender. I just wish they were a bit better in spotting the security bugs found in Windows LOL. https://www.bleepingcomputer.com/ne...ploit-for-macos-sandbox-escape-vulnerability/ https://www.bleepingcomputer.com/ne...ug-gives-access-to-protected-macos-user-data/ https://www.bleepingcomputer.com/ne...less-bug-lets-hackers-install-macos-rootkits/