Credit to Author: Paul Ducklin| Date: Wed, 23 Nov 2022 17:58:19 +0000
Five tips to keep yourself, and your friends and family, out of the clutches of “chopping block” scammers…
Read more
Jamf officially completed its acquisition of Zecops this week. Why is this important and what might it mean to enterprise mobile security? Potentially, a lot.
To get an answer to the question, think about how security has evolved. as the proliferation of mobile devices has made traditional security protections even less effective than they used to be.
Mosyle is ramping up its wares with new security protections for iPhones and iPad adding more fuel to the Apple-in-the-enterprise fire.
The company is unveiling its first endpoint security solution for IT admins overseeing fleets of mobile Apple devices. The idea is that the product, Mosyle Hardening and Compliance, ensures that employee devices are protected, compliant, and following the latest cybersecurity benchmarks.
It’s time to audit your code, as it appears that some no/low code features used in iOS or Android apps may not be as secure as you thought. That’s the big take away from a report explaining that disguised Russian software is being used in apps from the US Army, CDC, the UK Labour party, and other entities.
What’s at issue is that code developed by a company called Pushwoosh has been deployed within thousands of apps from thousands of entities. These include the Centers for Disease Control and Prevention (CDC), which claims it was led to believe Pushwoosh was based in Washington when the developer is, in fact, based in Siberia, Reuters explains. A visit to the Pushwoosh Twitter feed shows the company claiming to be based in Washington, DC.
Credit to Author: Paul Ducklin| Date: Thu, 10 Nov 2022 01:49:12 +0000
Not a zero-day, but important enough for a quick-fire patch to one system library…
Read more
Credit to Author: Paul Ducklin| Date: Mon, 24 Oct 2022 23:03:13 +0000
Ventura hits the market with 112 patches, Catalina’s gone missing, and iPhones and iPads get a critical kernel-level zero-day patch…
Read moreCategories: News Tags: a week in security Tags: week in security Tags: AI Bill of Rights Tags: Final Fantasy XIV Tags: Lock and Code S03E21 Tags: Meta Tags: WhatsApp Tags: ransomware Tags: tax scam Tags: Chinese APT Tags: Android Tags: Chrome Tags: iOS Tags: managed detection response Tags: MDR Tags: disinformation Tags: FBI Tags: CISA The most important and interesting computer security stories from the last week. |
The post A week in security (October 10 – 16) appeared first on Malwarebytes Labs.
Read moreCategories: News Tags: VPN Tags: iOS Tags: Android Tags: tunnel Tags: captive portal Tags: leak Tags: anonymity “Block connections without VPN” doesn’t block all connections without a VPN and “Always on VPN” isn’t always on. |
The post Android and iOS leak some data outside VPNs appeared first on Malwarebytes Labs.
Read more
Credit to Author: Paul Ducklin| Date: Thu, 13 Oct 2022 16:37:10 +0000
Have your say on three deep questions posed by this week’s podcast. Read or listen as suits you best…
Read more
Credit to Author: Paul Ducklin| Date: Tue, 11 Oct 2022 00:28:03 +0000
The problem with crashy messaging apps is that *other people* get to choose if and when to send you messages…
Read more