Are you looking forward to the new age of mobile app insecurity?

A contact recently told me that Apple handles thousands of inquiries from people who have forgotten or misplaced their Apple ID logins every day. That’s probably why Apple recently made it easier to access your Apple ID using any known email address.

But Apple reps are also inundated with requests related to third-party apps over which they have no control. As the EU looks to force Apple into allowing apps from alternative app stores onto its devices, a practice known as sideloading, the user experience with Apple devices — and the flood of inquiries and complaints — is about to get much, much worse.

To read this article in full, please click here

Read more

Message to IT: Yes, you should install Apple security updates

Read more

Zero trust and why it matters to the Apple enterprise

Once upon a time, digital business sat inside the security perimeter. Devices were kept in offices, shared the same network, and were protected by antivirus software, firewalls, and software updates. This system wasn’t perfect and became increasingly specialized, with security teams, networking teams, and others all working in different sectors.

With mobility, this changed. Devices were unleashed from their locations, used their own networks, and stood outside of traditional corporate endpoint protection.

The pandemic accelerated these changes, fostering the evolution of innovative security protections outside of traditional perimeters, such as around zero-trust. The global zero trust security market is now expected to reach $99 billion by 2030, up from $23 billion in 2021.

To read this article in full, please click here

Read more

Pegasus spyware and how it exploited a WebP vulnerability

Categories: Android

Categories: Apple

Categories: Exploits and vulnerabilities

Tags: Pegasus

Tags: spyware

Tags: nso

Tags: webp

Tags: libwebp

Tags: buffer overflow

The company behind the infamous Pegasus spyware used a vulnerability in almost every browser to plant their malware on victim’s devices.

(Read more…)

The post Pegasus spyware and how it exploited a WebP vulnerability appeared first on Malwarebytes Labs.

Read more

Emergency update! Apple patches three zero-days

Categories: Exploits and vulnerabilities

Categories: News

Tags: Apple

Tags: emergency

Tags: update

Tags: CVE-2023-41991

Tags: CVE-2023-41992

Tags: CVE-2023-41993

Apple has released patches for three zero-day vulnerabilities that may have been actively exploited.

(Read more…)

The post Emergency update! Apple patches three zero-days appeared first on Malwarebytes Labs.

Read more

Jamf: Generative AI is coming to an Apple IT admin near you

Imagine running fleets of iPhones that alert you when unexpected security-related incidents take place, or when otherwise legitimate service requests arrive from devices at an unexpected time or location. Imagine management and security software that not only identified these kinds of anomalies but gave you useful advice to help remediate the problem.

This, and more, is the kind of protection Jamf hopes to deliver using generative AI tools.

Generative IT for Apple admins

Jamf believes generative AI can be a big benefit to tech support and IT admin, and talked about its efforts at the end of an extensive Jamf Nation User Conference (JNUC) keynote. Akash Kamath, the company’s senior vice president, engineering, explained that just as the Mac made computing personal, genAI makes AI personal.

To read this article in full, please click here

Read more

Upgrading your iPhone? Read this first

Categories: Apple

Categories: News

Tags: Wonderlust

Tags: iPhone

Tags: iCloud

Tags: backup

Tags: 2FA

Tags: Apple D

Tags: trusted device

Has the launch of the iPhone 15 triggered a yearning to upgrade to a new model? Here are some tips to consider during transfer.

(Read more…)

The post Upgrading your iPhone? Read this first appeared first on Malwarebytes Labs.

Read more

iPhone 15 launch: Wonderlust scammers rear their heads

Categories: Personal

Tags: apple

Tags: wanderlust

Tags: cryptocurrency

Tags: event

Tags: BTC

Tags: ETH

Tags: fake

We take a look at a cryptocurrency scam riding on the coat tails of the Apple Wonderlust event.

(Read more…)

The post iPhone 15 launch: Wonderlust scammers rear their heads appeared first on Malwarebytes Labs.

Read more

Patch now! September Microsoft Patch Tuesday includes two actively exploited zero-days

Categories: Business

Categories: Exploits and vulnerabilities

Categories: News

Tags: Microsoft

Tags: Adobe

Tags: Android

Tags: Apple

Tags: Chrome

Tags: SAP

Tags: Exchange

Tags: Visual Studio

Tags: CVE-2023-36761

Tags: CVE-2023-36802

Tags: CVE-2023-29332

Tags: Azure

Microsoft’s September 2023 Patch Tuesday is another important one. It patches two vulnerabilities which are known to be actively exploited.

(Read more…)

The post Patch now! September Microsoft Patch Tuesday includes two actively exploited zero-days appeared first on Malwarebytes Labs.

Read more