iOS – Page 7 – PossibleThreat Articles

Mosyle brings new iPhone, iPad endpoint security options

November 16, 2022 0 Comments Apple, iOS, mobile device management, Security

Mosyle is ramping up its wares with new security protections for iPhones and iPad adding more fuel to the Apple-in-the-enterprise fire.

Hardening and compliance options for iPhones and iPads

The company is unveiling its first endpoint security solution for IT admins overseeing fleets of mobile Apple devices. The idea is that the product, Mosyle Hardening and Compliance, ensures that employee devices are protected, compliant, and following the latest cybersecurity benchmarks.

To read this article in full, please click here

ComputerWorld Independent

Do you really know what’s inside your iOS and Android apps?

November 14, 2022 0 Comments Android, Apple, iOS, Mobile, Security, small and medium business, Software Development

It’s time to audit your code, as it appears that some no/low code features used in iOS or Android apps may not be as secure as you thought. That’s the big take away from a report explaining that disguised Russian software is being used in apps from the US Army, CDC, the UK Labour party, and other entities.

When Washington becomes Siberia

What’s at issue is that code developed by a company called Pushwoosh has been deployed within thousands of apps from thousands of entities. These include the Centers for Disease Control and Prevention (CDC), which claims it was led to believe Pushwoosh was based in Washington when the developer is, in fact, based in Siberia, Reuters explains. A visit to the Pushwoosh Twitter feed shows the company claiming to be based in Washington, DC.

To read this article in full, please click here

Security Sophos

Emergency code execution patch from Apple – but not an 0-day

November 9, 2022 0 Comments Apple, cve-2022-40303, cve-2022-40304, iOS, OS X, vulnerability

Credit to Author: Paul Ducklin| Date: Thu, 10 Nov 2022 01:49:12 +0000

Not a zero-day, but important enough for a quick-fire patch to one system library…

Security Sophos

Apple megaupdate: Ventura out, iOS and iPad kernel zero-day – act now!

October 24, 2022 0 Comments 0 day, Apple, cve-2022-42827, Exploit, iOS, iPad, iPhone, mac, OS X, vulnerability, zer-day

Credit to Author: Paul Ducklin| Date: Mon, 24 Oct 2022 23:03:13 +0000

Ventura hits the market with 112 patches, Catalina’s gone missing, and iPhones and iPads get a critical kernel-level zero-day patch…

MalwareBytes Security

A week in security (October 10 – 16)

October 17, 2022 0 Comments A week in security, ai bill of rights, Android, chinese apt, chrome, cisa, disinformation, FBI, final fantasy xiv, iOS, lock and code s03e21, managed detection response, mdr, meta, news, Ransomware, tax scam, week in security, whatsapp

Categories: News

Tags: a week in security

Tags: week in security

Tags: AI Bill of Rights

Tags: Final Fantasy XIV

Tags: Lock and Code S03E21

Tags: Meta

Tags: WhatsApp

Tags: ransomware

Tags: tax scam

Tags: Chinese APT

Tags: Android

Tags: Chrome

Tags: iOS

Tags: managed detection response

Tags: MDR

Tags: disinformation

Tags: FBI

Tags: CISA

The most important and interesting computer security stories from the last week.

(Read more…)

The post A week in security (October 10 – 16) appeared first on Malwarebytes Labs.

MalwareBytes Security

Android and iOS leak some data outside VPNs

October 16, 2022 0 Comments Android, anonymity, captive portal, iOS, leak, news, tunnel, vpn

Categories: News

Tags: VPN

Tags: iOS

Tags: Android

Tags: tunnel

Tags: captive portal

Tags: leak

Tags: anonymity

“Block connections without VPN” doesn’t block all connections without a VPN and “Always on VPN” isn’t always on.

(Read more…)

The post Android and iOS leak some data outside VPNs appeared first on Malwarebytes Labs.

Security Sophos

S3 Ep104: Should hospital ransomware attackers be locked up for life? [Audio + Text]

October 13, 2022 0 Comments ada, ada lovelace, Apple, iOS, iPhone, Naked Security Podcast, netwalker, Podcast, Ransomware, sullivan, uber, whatsapp

Credit to Author: Paul Ducklin| Date: Thu, 13 Oct 2022 16:37:10 +0000

Have your say on three deep questions posed by this week’s podcast. Read or listen as suits you best…

Security Sophos

Mystery iPhone update patches against iOS 16 mail crash-attack

October 10, 2022 0 Comments Apple, crash-of-death, cve-2022-22658, iOS, vulnerability

Credit to Author: Paul Ducklin| Date: Tue, 11 Oct 2022 00:28:03 +0000

The problem with crashy messaging apps is that *other people* get to choose if and when to send you messages…

ComputerWorld Independent

Jamf touts big boost to enterprise security at JNUC

September 27, 2022 0 Comments Apple, iOS, MacOS, Mobile, mobile device management, Security, small and medium business

Jamf opened its annual JNUC event for Apple admins today with a slew of announcements focused on device management and security, a new Jamf Trust app, further information on its recently announced ZecOps deal and other updates likely to be of interest to Apple IT professionals.

The company also committed to supporting Microsoft Device Compliance on Macs later this year, with support for Google’s context-aware zero trust framework (BeyondCorp) on iOS devices in early 2023.

To read this article in full, please click here

ComputerWorld Independent

Sadly, IT can no longer trust geolocation for much of anything

September 16, 2022 0 Comments Android, iOS, Mobile, mobile apps, Security, small and medium business

Credit to Author: eschuman@thecontentfirm.com| Date: Fri, 16 Sep 2022 03:00:00 -0700

Geolocation was once a glorious way to know who your company is dealing with (and sometimes what they are doing). Then VPNs started to undermine that. And now, things have gotten so bad that the Apple App Store and Google Play both offer apps that unashamedly declare they can spoof locations — and neither mobile OS vendor does anything to stop it.

Why? It seems both Apple and Google created the holes these developers are using.

In a nutshell, Apple and Google — to test their apps across various geographies — needed to be able to trick the system into thinking that their developers are wherever they wanted to say that they are. What’s good for the mobile goose, as they say.

To read this article in full, please click here