Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability

Credit to Author: Microsoft Security Threat Intelligence| Date: Mon, 19 Dec 2022 18:00:00 +0000

Microsoft discovered a vulnerability in macOS, referred to as “Achilles”, allowing attackers to bypass application execution restrictions enforced by the Gatekeeper security mechanism.

The post Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability appeared first on Microsoft Security Blog.

Read more

Jamf Protect adds powerful telemetry to protect Mac enterprise

Security and privacy go hand in hand in the connected enterprise. So as we approach the holiday break, there’s good news for security-conscious Mac-using enterprises from Jamf: powerful new telemetry tools in Jamf Protect.

Because complex security is sexy

We know that enterprise users don’t just have a responsibility to keep things secure, they also need to prove they’re doing so. Beyond that, many regulated industries must maintain ever more complex security event logging and insight to show how hard they’re working to protect their systems.

To read this article in full, please click here

Read more

Apple sets a security challenge for 2023

Given Apple’s big moves this week to roll out new data protection tools for iMessage and allow users to encrypt more of their data in iCloud, it seems obvious that security is going to be a major Apple priority in the year ahead.

Stamping out surveillance

The Biden administration’s decision to blacklist the mercenary hackers at NSO Group was a welcome move, but it hasn’t stopped the “surveillance-as-a-service” industry. Instead, it’s atomized it, which means we now have more companies offering such “services” than ever before.

To read this article in full, please click here

Read more

How Ukraine’s MacPaw got its business ready for war

Read more

Jamf touts big boost to enterprise security at JNUC

Jamf opened its annual JNUC event for Apple admins today with a slew of announcements focused on device management and security, a new Jamf Trust app, further information on its recently announced ZecOps deal and other updates likely to be of interest to Apple IT professionals.

The company also committed to supporting Microsoft Device Compliance on Macs later this year, with support for Google’s context-aware zero trust framework (BeyondCorp) on iOS devices in early 2023.

To read this article in full, please click here

Read more

Jamf buys ZecOps to bring high-end security to Apple enterprise

The Apple-in-the-enterprise story continues to unfold, this week with Jamf’s announced plans to acquire mobile threat detection and response company ZecOps.

Already consumer-simple, Jamf becomes government secure

Jamf will likely reveal more about the motivations behind the deal at its JNUC event for Apple admins, which begins tomorrow. The purchase is the latest move by the Apple-focused enterprise MDM provider to supplement device management with an increasingly effective set of tools to bolster device security.

To read this article in full, please click here

Read more

Apple wasn’t fooling when it said it wanted to make Macs more secure

Credit to Author: Jonny Evans| Date: Fri, 02 Sep 2022 04:55:00 -0700

When Craig Federighi, Apple’s senior vice president of software engineering last year said, “We have a level of malware on the Mac that we don’t find acceptable,” he apparently really meant it. And Apple seems to be doing about something about it.

Apple is giant taking steps to secure the Mac

Federighi characterized Apple as being in an enduring battle against malware on the Mac. He also explained that between May 2020 and May 2021 the company identified 130 types of Mac malware that infected 300,000 systems.

Given the Mac’s reputation for security, that may seem counter intuitive, but maintaining a secure platform requires constant watchfulness.

To read this article in full, please click here

Read more

Urgent update for macOS and iOS! Two actively exploited zero-days fixed

Categories: Exploits and vulnerabilities

Categories: News

Tags: macOS

Tags: iOS

Tags: CVE-2022-32894

Tags: CVE-2022-32893

Tags: kernel privileges

Tags: WebKit

Tags: actively exploited

Tags: watering hole

Tags: exploit kit

Apple has released emergency security updates to fix two zero-day vulnerabilities previously exploited by attackers to hack iPhones, iPads, or Macs.

(Read more…)

The post Urgent update for macOS and iOS! Two actively exploited zero-days fixed appeared first on Malwarebytes Labs.

Read more