Homeland Security confirms your privacy is no longer safe

The big problem with privacy is that once you relinquish some of it, you never get it back. What makes it worse is when those who are supposed to protect your rights choose to undermine them. When they do so, they eat away at the thin protections we should all enjoy in the digital age.

US agencies’ illegal use of smartphone data

These are some of the reasons to be so concerned to learn from a newly released US Department of Homeland Security report that multiple US government agencies illegally used smartphone location data, breaching privacy regulations as they did. To do this, they purchased smartphone location data, including Advertising Identifiers (AdIDs) from data brokers that had been harvested from a wide range of apps.

To read this article in full, please click here

Read more

Update now! Apple patches vulnerabilities on iPhone and iPad

Categories: Exploits and vulnerabilities

Categories: News

Tags: Apple

Tags: iOS

Tags: iPad

Tags: 17.0.3

Tags: CVE-2023-42824

Tags: CVE-2023-5217

Apple has issued an emergency update to patch two vulnerabilities, including an actively exploited one.

(Read more…)

The post Update now! Apple patches vulnerabilities on iPhone and iPad appeared first on Malwarebytes Labs.

Read more

Are you looking forward to the new age of mobile app insecurity?

A contact recently told me that Apple handles thousands of inquiries from people who have forgotten or misplaced their Apple ID logins every day. That’s probably why Apple recently made it easier to access your Apple ID using any known email address.

But Apple reps are also inundated with requests related to third-party apps over which they have no control. As the EU looks to force Apple into allowing apps from alternative app stores onto its devices, a practice known as sideloading, the user experience with Apple devices — and the flood of inquiries and complaints — is about to get much, much worse.

To read this article in full, please click here

Read more

Message to IT: Yes, you should install Apple security updates

Read more

Zero trust and why it matters to the Apple enterprise

Once upon a time, digital business sat inside the security perimeter. Devices were kept in offices, shared the same network, and were protected by antivirus software, firewalls, and software updates. This system wasn’t perfect and became increasingly specialized, with security teams, networking teams, and others all working in different sectors.

With mobility, this changed. Devices were unleashed from their locations, used their own networks, and stood outside of traditional corporate endpoint protection.

The pandemic accelerated these changes, fostering the evolution of innovative security protections outside of traditional perimeters, such as around zero-trust. The global zero trust security market is now expected to reach $99 billion by 2030, up from $23 billion in 2021.

To read this article in full, please click here

Read more

Pegasus spyware and how it exploited a WebP vulnerability

Categories: Android

Categories: Apple

Categories: Exploits and vulnerabilities

Tags: Pegasus

Tags: spyware

Tags: nso

Tags: webp

Tags: libwebp

Tags: buffer overflow

The company behind the infamous Pegasus spyware used a vulnerability in almost every browser to plant their malware on victim’s devices.

(Read more…)

The post Pegasus spyware and how it exploited a WebP vulnerability appeared first on Malwarebytes Labs.

Read more

Emergency update! Apple patches three zero-days

Categories: Exploits and vulnerabilities

Categories: News

Tags: Apple

Tags: emergency

Tags: update

Tags: CVE-2023-41991

Tags: CVE-2023-41992

Tags: CVE-2023-41993

Apple has released patches for three zero-day vulnerabilities that may have been actively exploited.

(Read more…)

The post Emergency update! Apple patches three zero-days appeared first on Malwarebytes Labs.

Read more

Jamf: Generative AI is coming to an Apple IT admin near you

Imagine running fleets of iPhones that alert you when unexpected security-related incidents take place, or when otherwise legitimate service requests arrive from devices at an unexpected time or location. Imagine management and security software that not only identified these kinds of anomalies but gave you useful advice to help remediate the problem.

This, and more, is the kind of protection Jamf hopes to deliver using generative AI tools.

Generative IT for Apple admins

Jamf believes generative AI can be a big benefit to tech support and IT admin, and talked about its efforts at the end of an extensive Jamf Nation User Conference (JNUC) keynote. Akash Kamath, the company’s senior vice president, engineering, explained that just as the Mac made computing personal, genAI makes AI personal.

To read this article in full, please click here

Read more

Upgrading your iPhone? Read this first

Categories: Apple

Categories: News

Tags: Wonderlust

Tags: iPhone

Tags: iCloud

Tags: backup

Tags: 2FA

Tags: Apple D

Tags: trusted device

Has the launch of the iPhone 15 triggered a yearning to upgrade to a new model? Here are some tips to consider during transfer.

(Read more…)

The post Upgrading your iPhone? Read this first appeared first on Malwarebytes Labs.

Read more