Credit to Author: Microsoft Security Threat Intelligence| Date: Mon, 19 Dec 2022 18:00:00 +0000
Microsoft discovered a vulnerability in macOS, referred to as “Achilles”, allowing attackers to bypass application execution restrictions enforced by the Gatekeeper security mechanism.
The post Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability appeared first on Microsoft Security Blog.
Read more
Security and privacy go hand in hand in the connected enterprise. So as we approach the holiday break, there’s good news for security-conscious Mac-using enterprises from Jamf: powerful new telemetry tools in Jamf Protect.
We know that enterprise users don’t just have a responsibility to keep things secure, they also need to prove they’re doing so. Beyond that, many regulated industries must maintain ever more complex security event logging and insight to show how hard they’re working to protect their systems.
Given Apple’s big moves this week to roll out new data protection tools for iMessage and allow users to encrypt more of their data in iCloud, it seems obvious that security is going to be a major Apple priority in the year ahead.
The Biden administration’s decision to blacklist the mercenary hackers at NSO Group was a welcome move, but it hasn’t stopped the “surveillance-as-a-service” industry. Instead, it’s atomized it, which means we now have more companies offering such “services” than ever before.
Vira Tkachenko, CTO at Ukraine software developer MacPaw, spoke remotely to Apple admins at Jamf’s JNUC event. A real-world example of a woman in a leadership position in tech, she explained how her company planned for business continuity during the war in Ukraine.
It’s an excellent lesson in crisis management and planning for any business leader. Here are some of the insights shared during her session.
Jamf opened its annual JNUC event for Apple admins today with a slew of announcements focused on device management and security, a new Jamf Trust app, further information on its recently announced ZecOps deal and other updates likely to be of interest to Apple IT professionals.
The company also committed to supporting Microsoft Device Compliance on Macs later this year, with support for Google’s context-aware zero trust framework (BeyondCorp) on iOS devices in early 2023.
The Apple-in-the-enterprise story continues to unfold, this week with Jamf’s announced plans to acquire mobile threat detection and response company ZecOps.
Jamf will likely reveal more about the motivations behind the deal at its JNUC event for Apple admins, which begins tomorrow. The purchase is the latest move by the Apple-focused enterprise MDM provider to supplement device management with an increasingly effective set of tools to bolster device security.
Credit to Author: Jonny Evans| Date: Fri, 02 Sep 2022 04:55:00 -0700
When Craig Federighi, Apple’s senior vice president of software engineering last year said, “We have a level of malware on the Mac that we don’t find acceptable,” he apparently really meant it. And Apple seems to be doing about something about it.
Federighi characterized Apple as being in an enduring battle against malware on the Mac. He also explained that between May 2020 and May 2021 the company identified 130 types of Mac malware that infected 300,000 systems.
Given the Mac’s reputation for security, that may seem counter intuitive, but maintaining a secure platform requires constant watchfulness.
Categories: Exploits and vulnerabilities Categories: News Tags: macOS Tags: iOS Tags: CVE-2022-32894 Tags: CVE-2022-32893 Tags: kernel privileges Tags: WebKit Tags: actively exploited Tags: watering hole Tags: exploit kit Apple has released emergency security updates to fix two zero-day vulnerabilities previously exploited by attackers to hack iPhones, iPads, or Macs. |
The post Urgent update for macOS and iOS! Two actively exploited zero-days fixed appeared first on Malwarebytes Labs.
Read more
Credit to Author: Paul Ducklin| Date: Wed, 17 Aug 2022 23:33:21 +0000
Double 0-day exploits – one in WebKit (to break in) and the other in the kernel (to take over). Patch now!
Read more
Credit to Author: Paul Ducklin| Date: Mon, 15 Aug 2022 18:26:55 +0000
There’s many a slip ‘twixt the cup and the lip. Or at least between the TOC and the TOU…
Read more