Dark Matter researcher Taha Karim recently presented his research on the APT group WindShift at Hack in the Box Singapore. This group primarily focuses on highly targeted campaigns directed toward Middle Eastern government and commercial entities. One of the custom macOS backdoors employed by this group has been named WindTail and is typically delivered via email in a zip file containing an application masquerading as an Office document.