Apple – Page 7 – PossibleThreat Articles

Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being exploited. Also, Adobe, Google Chrome and Apple iOS users may have their own zero-day patching to do.

ComputerWorld Independent

Message to IT: Update all your Apple devices right away

September 8, 2023 0 Comments Apple, iOS, MacOS, Mobile, Security, small and medium business

Apple has pushed out an essential security update to defend against yet another attack by an out-of-control mercenary surveillance group.

Like a bad smell, NSO Group has clawed its way back into the spotlight with yet another unprincipled attack against free speech and citizens’ rights, as revealed by Citizen Lab. The security researchers found this latest example of a sinister, yet egregious zero-click attack while checking the device of an “Individual employed by a Washington DC-based civil society organization with international offices.”

To read this article in full, please click here

MalwareBytes Security

Mac users targeted in new malvertising campaign delivering Atomic Stealer

September 6, 2023 0 Comments amos, Apple, atomic stealer, Crypto, mac, malvertising, threat intelligence, wallets

Categories: Threat Intelligence

Tags: amos

Tags: apple

Tags: malvertising

Tags: atomic stealer

Tags: wallets

Tags: crypto

Tags: mac

While malvertising delivering infostealers has largely been a Windows problem, Mac users are getting targeted as well.

ComputerWorld Independent

With BYOD comes responsibility — and many firms aren't delivering

August 31, 2023 0 Comments Apple, enterprise mobile management, Mobile, mobile device management, Security, small and medium business

Apple deployments are accelerating across the global enterprise, so it’s surprising that many organizations don’t properly recognize that change. Even when companies put Macs, iPhones, and iPads in the hands of their employees, they are failing to manage these deployments. It’s quite shocking.

That’s the biggest take-away from the latest Jamf research, which warns that almost half of enterprises across Europe still don’t have a formal Bring-Your-Own-Device (BYOD) policy in place. That’s bad, as it means companies have no control over how employees connect and use corporate resources, creating a nice, soft attack surface for criminals and competitors alike.

To read this article in full, please click here

ComputerWorld Independent

New law could turn UK into a hacker's playground

August 25, 2023 0 Comments Apple, Operating Systems, Privacy, Security

It looks as if people are at last waking up to a second extraordinarily dangerous requirement buried within a UK government bill designed to promote the nation as a surveillance state. It means bureaucrats can delay or prevent distribution of essential software updates, making every computer user far less secure.

A poor law

This incredibly damaging limitation is just one of the many bad ideas buried in the UKs latest piece of shoddy tech regulation, the Investigatory Powers Act. What makes the law doubly dangerous is that in the online world, you are only ever as secure as your least secure friend, which means UK businesses will likely suffer by being flagged as running insecure versions of operating systems.

To read this article in full, please click here

ComputerWorld Independent

Jamf Threat Labs subverts iPhone security with fake Airplane Mode

August 17, 2023 0 Comments Apple, iOS, MacOS, Mobile, Security, small and medium business

Fresh security research from Jamf Threat Labs may not reflect an active attack, but it does illustrate the layered complexity of today’s threat environment.

When Airplane mode isn’t Airplane mode

In brief, the researchers have figured out a proof of concept attack that tricks victims into thinking they are using Airplane Mode. However, in reality the attacker has put in place a fake version of that mode that looks normal but lets the attacker maintain access to the device.

This is by no means a straightforward attack and hasn’t been seen in the wild. The exploit is complex and would require an attacker to successfully take control of the target device through a series of exploits, the research claims.

To read this article in full, please click here

ComputerWorld Independent

Researchers build a scary Mac attack using AI and sound

August 8, 2023 0 Comments Apple, Artificial intelligence, computers and peripherals, MacOS, Security

A UK research team based at Durham University has identified an exploit that could allow attackers to figure out what you type on your MacBook Pro — based on the sound each keyboard tap makes.

These kinds of attacks aren’t particularly new. The researchers found research dating back to the 1950s into using acoustics to identify what people write. They also note that the first paper detailing use of such an attack surface was written for the US National Security Agency (NSA) in 1972, prompting speculation such attacks may already be in place.

“(The) governmental origin of AS- CAs creates speculation that such an attack may already be possible on modern devices, but remains classified,” the researchers wrote.

To read this article in full, please click here

ComputerWorld Independent

Apple toughens up app security with API control

July 28, 2023 0 Comments Apple, Data privacy, Privacy, Security, Software Development

Apple is at war with device fingerprinting — the use of fragments of unique device-specific information to track users online. This fall, it will put in place yet another important limitation to prevent unauthorized use of this kind of tech.

Apple at WWDC 2023 announced a new initiative designed to make apps that do track users more obvious while giving users additional transparency into such use. Now it has told developers a little more about how this will work in practice.

To read this article in full, please click here