Why Apple’s improved 2FA protection matters to business

Credit to Author: Jonny Evans| Date: Tue, 01 Feb 2022 06:01:00 -0800

Apple has introduced a new layer of protection to its existing two-factor authentication (2FA) system, making it a little harder for phishing attacks to successfully steal valuable authentication credentials.

Given that Apple, PayPal, and Amazon were the top three brands used for successful phishing attacks last year, according to a recent Jamf report, this matters.

Phishing costs billions and is bad for business

Phishing is a huge problem. The scale of these attacks shot up during the pandemic. The FBI Internet Crime Report 2020 revealed that phishing attacks affected 241,342 victims in 2020, up from 114,702 in 2019, with adjusted losses of more than $54 billion. Verizon’s 2021 Data Breach Investigations Report confirmed that 36% of data breaches that year involved phishing.

To read this article in full, please click here

Read more

Jamf CEO weighs in on Apple deployments and enterprise security

Credit to Author: Jonny Evans| Date: Thu, 27 Jan 2022 08:34:00 -0800

“Apple will become the number one device ecosystem in the enterprise by the end of this decade,” Jamf CEO Dean Hager told me while introducing an in-depth enterprise security trends report that enterprises should look at.

Apple continues to see incredible growth

The nature of enterprise IT is rapidly becoming multiplatform. Jamf recently shared some details concerning the rapid growth in Apple device deployments it is seeing in business. For example, it now has 60,000 active customers, up from 36,000 two years before that – and believes new services such as Apple Business Essentials will help maintain this growth.

To read this article in full, please click here

Read more

Cellular networks revolt against Apple privacy moves

Credit to Author: Jonny Evans| Date: Wed, 12 Jan 2022 09:43:00 -0800

Every time Apple attempts to inject a little more privacy into the digital world, it faces pushback – but the evidence suggests opponents would be better off going along for the ride.

A bigger business with more privacy

Take Do Not Track for ads and the move to quash IDFA tracking in iOS 14. When Apple first announced its plan, critics across the ad industry complained it would damage their business.

Apple counter-argued that it would simply inspire advertisers to think more creatively about how to reach customers — while also providing more privacy to those customers.  

To read this article in full, please click here

Read more

Google finds a nation-state level of attacks on iPhone

Credit to Author: Evan Schuman| Date: Tue, 11 Jan 2022 03:31:00 -0800

When it comes to mobile security, users are routinely warned to be extremely careful, avoid suspicious links, emails, and attachments. But the growth of no-click attacks sidesteps these soft defenses.

Google recently drilled into one such attack, which happened to have hit an iPhone. “We assess this to be one of the most technically sophisticated exploits we’ve ever seen, further demonstrating that the capabilities (one vendor) provides rival those previously thought to be accessible to only a handful of nation states,” said the Google advisory.

To read this article in full, please click here

Read more

Apple is sneaking around its own privacy policy — and will regret it

Credit to Author: Evan Schuman| Date: Fri, 07 Jan 2022 03:04:00 -0800

Apple has a rather complicated relationship with privacy, which it always points to as a differentiator with Google. But delivering on it is a different tale. 

Much of this involves the definition of privacy. Fortunately for Apple’s marketing people, “privacy” is the ultimate undefinable term because every user views it differently. If you ask a 60-year-old man in Chicago what he considers to be private, you’ll get a very different answer than if you asked a 19-year-old woman in Los Angeles. Outside the US, privacy definitions vary even more. Germans and Canadians truly value privacy, but even they don’t agree on what they personally consider private.

To read this article in full, please click here

Read more

7 smart steps to get your Android phone in tip-top shape for 2022

Credit to Author: JR Raphael| Date: Wed, 05 Jan 2022 03:00:00 -0800

Happy New Year! I don’t know about you, but I find the start of a fresh voyage around this shiny ol’ sun of ours to be a fine time for tidying up, optimizing, and getting good and organized for the months ahead. And while I’d love to pretend I’m the type of person who has one of those disgustingly pristine, clutter-free desks you see on the internet, let me be brutally honest: The physical space around me tends to resemble a half-abandoned hog parlor.

But my Android phone? My Android phone is as orderly as can be, gosh darn it. And if you ask me, that makes far more of a difference than the state of the physical space around me.

Our mobile devices are where we do so much of our actual work and contemplation these days, after all — and yet it’s all too easy to overlook the importance of maintaining an optimal arrangement for both productivity and security within ’em. So now, as we gaze ahead at the promise-filled 2022 calendar, join me in taking 10 minutes to get your own trusty Android phone fine-tuned and fully ready for the coming year.

To read this article in full, please click here

Read more

When biometrics can be outsmarted this way, we need to talk

Credit to Author: Evan Schuman| Date: Mon, 03 Jan 2022 06:43:00 -0800

It’s one of the sad facts of mobile authentication that the industry tends to initially support the least effective security options. Hence, phones initially supported authentication based on fingerprints (which can be impacted by prescriptions, cleaning products, hand injuries, and dozens of other factors) and then moved on to facial recognition. 

In theory, facial recognition is supposed to be more accurate. Mathematically, that’s fair, as it is examining far more data points than scanning a fingerprint. But the reality in the real world is much more problematic. It requires a precise distance from the phone and yet offers no pre-scan markers for the user to know when they hit it correctly. That’s one reason I see facial recognition reject a scan roughly 40% of the time — even though it will approve a positive scan two seconds later.

To read this article in full, please click here

Read more

12 security tips for the ‘work from home’ enterprise

Credit to Author: Jonny Evans| Date: Fri, 13 Mar 2020 06:26:00 -0700

If you or your employees are working from home while our governments lurch awkwardly through the current crisis, then there are several security considerations that must be explored.

Your enterprise outside the wall

Enterprises must consider the consequences of working from home in terms of systems access, access to internal IT infrastructure, bandwidth costs and data repatriation.

What this means, basically, is that when your worker accesses your data and/or databases remotely, then the risk to that data grows.

While at normal times the risk is only between the server, internal network and end user machine, external working adds public internet, local networks and consumer-grade security systems to the risk mix.

To read this article in full, please click here

Read more

Apple, the FIDO Alliance and the future of passwords


Apple is the latest firm to join the FIDO Alliance, an industry standards group developing more secure ways to log in to online accounts and apps using multi-factor authentication (MFA), biometric authentication and physical security keys. Computerworld's Lucas Mearian joins Ken Mingis and Juliet Beauchamp to discuss the Apple move, how different forms of authentication work and how far away we are from a password-less world.

Read more

A week in security (March 2 – 8)

Credit to Author: Malwarebytes Labs| Date: Mon, 09 Mar 2020 20:07:46 +0000

A roundup of the previous week’s security headlines, including the introduction of a new series on child identity theft, an examination of law enforcement’s cybersecurity woes, a progress check on our stalkerware initiative, and more coronavirus scammers on the prowl.

Categories:

Tags:

(Read more…)

The post A week in security (March 2 – 8) appeared first on Malwarebytes Labs.

Read more