Apple finally adds encryption to iCloud backups

Apple today introduced several new security features focused on fending off threats to user data in the cloud, including end-to-end encryption for backups for iCloud users.

Along with end-to-end encryption for iCloud, Apple’s cloud storage and computing platform, the company announced iMessage Contact Key Verification, allowing users to verify they are communicating only with whom they intend.

apple advanced security advanced data protection inline.jpg.large Apple

Apple also announced hardware Security Keys for Apple ID, giving users the choice to require two-factor authentication to sign into their Apple ID account. (Hardware security keys use devices, such as USB thumb drives or near-field communication (NFC) dongles, to enable access to a service or application.)

To read this article in full, please click here

Read more

AWS brings Verified Access security to the Apple enterprise

Read more

The future of security: smarter devices that protect themselves

Read more

Why Macs and iPhones should avoid installing 'orphan' apps

There are many reasons any business with a connected fleet of tech products needs robust security policies in place. But the need to protect the enterprise against vulnerabilities inherited with third-party software must be among the biggest motivators. While I shouldn’t need to convince Computerworld readers to keep things locked down, I want to reprise two recent reports to reinforce the warning.

Half of all macOS malware comes from one app

Elastic Security Labs (via 9to5Mac) recently estimated that half of all macOS malware is installed as a result of poor management of the MacKeeper utility app. The report said almost 50% of Mac malware arrives through its installation.

To read this article in full, please click here

Read more

Mosyle brings new iPhone, iPad endpoint security options

Mosyle is ramping up its wares with new security protections for iPhones and iPad adding more fuel to the Apple-in-the-enterprise fire.

Hardening and compliance options for iPhones and iPads

The company is unveiling its first endpoint security solution for IT admins overseeing fleets of mobile Apple devices. The idea is that the product, Mosyle Hardening and Compliance, ensures that employee devices are protected, compliant, and following the latest cybersecurity benchmarks.

To read this article in full, please click here

Read more

Do you really know what’s inside your iOS and Android apps?

It’s time to audit your code, as it appears that some no/low code features used in iOS or Android apps may not be as secure as you thought. That’s the big take away from a report explaining that disguised Russian software is being used in apps from the US Army, CDC, the UK Labour party, and other entities.

When Washington becomes Siberia

What’s at issue is that code developed by a company called Pushwoosh has been deployed within thousands of apps from thousands of entities. These include the Centers for Disease Control and Prevention (CDC), which claims it was led to believe Pushwoosh was based in Washington when the developer is, in fact, based in Siberia, Reuters explains. A visit to the Pushwoosh Twitter feed shows the company claiming to be based in Washington, DC.

To read this article in full, please click here

Read more