Jamf VP explains enterprise security threats — and how to mitigate them

Apple-focused device management and security vendor Jamf today published its Security 360: Annual Trends report, which reveals the five security tends impacting organizations running hybrid work environments. As it is every year, the report is interesting, so I spoke to Michael Covington, vice president of portfolio strategy, for more details about what the company found this year.

First, here’s a brief rundown of some of the salient points in the report:

To read this article in full, please click here

Read more

Maybe one day every platform will be as secure as Apple

A look at the Biden Administration’s recently updated National Cybersecurity Strategy document seems to reflect some of the approaches to cybercrime Apple already employs. 

Take privacy, for example. The proposal suggests that privacy protection will no longer be something big tech can argue against – companies will be required to prioritize privacy. That’s fine if you run a business that does not require wholesale collection and analysis of user information, which has always been Apple’s approach. The best way to keep information private, the company argues, is not to collect it at all.

To read this article in full, please click here

Read more

For Apple’s enterprise success, endpoint management is the new black

Yet more data shows the acceleration of Mac adoption in the business world.

Okta’s recent Businesses at Work 2023 report shared numerous insights into the state of enterprise IT. One in particular grabbed my attention: endpoint management and security tools have become the most popular category of security product across the enterprise, with some players achieving really significant growth, partly on the back of their Mac support.

The data: Jamf Pro has seen 428% customer growth across the last four years, while smaller vendor Kandji experienced a 172% increase in its customer base in just the last year.

To read this article in full, please click here

Read more

Apple’s MFi scheme for USB-C is a good thing

Apple appears poised to make it more difficult to use cheap USB-C cables with its devices, and while it may well make a few dollars more from the purported plan, there are also good reasons to put the system in place.

Apple got to make a dollar or two

The claim is that Apple plans to replace Lightning ports and cables with USB-C in the iPhone 15, and when it does it will introduce a Made For iPhone (MFi) scheme for such products.  The idea is that consumers will be able to purchase cables and other devices in full confidence that they will be compatible with their iPhone.

To read this article in full, please click here

Read more

iPhone users targeted in phone AND data theft campaign

Categories: News

Tags: iPhone theft

Tags: passcode theft

Tags: iPhone and passcode theft

Tags: Apple

Tags: shoulder surfing

Tags: social engineering

When is an iPhone theft not just an iPhone theft? When the user’s Apple ID and more, goes with it.

(Read more…)

The post iPhone users targeted in phone AND data theft campaign appeared first on Malwarebytes Labs.

Read more

Hard-to-spot Mac crypto-mining threat, XMRig, hits Pirate Bay

A new family of Mac malware that spreads through pirated versions of Final Cut Pro, Photoshop, and other key creative apps has been identified by the Threat Labs team at Jamf.

The new XMRig threat is a subtle cryptocurrency mining attack that has evaded detection for months.

Piracy is bad karma, but good crypto

XMRig proliferates by attaching itself to pirated copies of creative applications, including versions of Final Cut Pro, Logic Pro X, and Adobe Photoshop. That’s the kind of “knock-off” Mac application you frequently find being distributed across peer to peer networks.

To read this article in full, please click here

Read more

iPhone calendar spam: What it is, and how to remove it

Categories: Awareness

Categories: News

Categories: Scams

Tags: iPhone

Tags: calendar

Tags: spam

Tags: iOS

Tags: mobile

Tags: device

Tags: ad

Tags: advert

Tags: popup

Tags: permission

Tags: remove

Tags: notification

Tags: Apple

Is your iPhone claiming that you’ve been hacked, your phone isn’t protected, or that viruses have damaged it? It could be calendar spam.

(Read more…)

The post iPhone calendar spam: What it is, and how to remove it appeared first on Malwarebytes Labs.

Read more

Update now! February’s Patch Tuesday tackles three zero-days

Categories: Exploits and vulnerabilities

Categories: News

Tags: patch Tuesday

Tags: Microsoft

Tags: Apple

Tags: Adobe

Tags: SAP

Tags: Citrix

Tags: Cisco

Tags: Atlassian

Tags: Google

Tags: Mozilla

Tags: Forta

Tags: OpenSSH

Tags: CVE-2023-21823

Tags: CVE-2023-21715

Tags: OneNote

Tags: CVE-2023-23376

Tags: CVE-2023-21706

Tags: CVE-2023-21707

Tags: CVE-2023-21529

Tags: CVE-2023-21716

Tags: CVE-2023-23378

Tags: CVE-2023-22501

Tags: CVE-2023-24486

Tags: CVE-2023-24484

Tags: CVE-2023-24484

Tags: CVE-2023-24483

Tags: CVE-2023-25136

Tags: GoAnywhere

Microsoft has released updates to patch three zero-days and lots of other vulnerabilities and so have several other vendors

(Read more…)

The post Update now! February’s Patch Tuesday tackles three zero-days appeared first on Malwarebytes Labs.

Read more