Apple's T2 Mac security chip may be vulnerable, researcher claims

Credit to Author: Jonny Evans| Date: Tue, 06 Oct 2020 06:49:00 -0700

A security researcher claims to have figured out how to break the T2 security chip on modern Intel-based Macs using a pair of exploits developed to jailbreak older phones. Apple has not commented on these claims.

What the research claims

The claim seems to be that because the T2 chip is based on the older A10 series Apple processor, it is possible to use two jailbreak tools (Checkm8 and Blackbird) to modify the behavior of T2, or even install malware to the chip.

It’s not an easy hack: Not only must an attacker have local access to the Mac, but they must connect to the target Mac using a non-standard “debugging” USB-C cable and run a version of a jailbreaking software package during startup.

To read this article in full, please click here

Read more

Current trends in Mac security threats

Credit to Author: Jonny Evans| Date: Mon, 05 Oct 2020 06:24:00 -0700

Current trends involving Mac threats indicate that while attempts are on the rise, users remain the first line of defense — particularly as “show up when you want to” (SUWYWT) becomes the future of work.

The security risk remains

In the first few weeks of the pandemic, we saw multiple businesses invest in VPN software and new hardware as they equipped employees to work from home. In the UK, for example, Starling Bank claimed it purchased every available MacBook as the pandemic struck.

Now that working from home (WFH) is normalized, there’s a need to take stock of security concerns and remind employees of good security procedure on all platforms, including Macs. Apple’s platform seems to have enjoyed incredibly strong sales as companies upgraded for WFH, but even with better inherent security those Macs must also be protected.

To read this article in full, please click here

Read more

Microsoft's Brad Anderson on Apple in the enterprise

Credit to Author: Jonny Evans| Date: Thu, 01 Oct 2020 06:55:00 -0700

When it comes to Apple in the enterprise, Microsoft wants to make the experience as smooth as possible. At this weeks JNUC2020 event I (virtually) spoke with Microsoft’s Corporate Vice President of the Enterprise Client & Mobility (ECM) team, Brad Anderson, who shared insights on his company’s work with Jamf and the emerging new normal of remote work.

Securing the remote enterprise

The COVID-19 pandemic has accelerated the rate of digital transformation, underlining the need for Microsoft to support device choice and improve cloud-based collaboration.

To read this article in full, please click here

Read more

Microsoft on Apple in the enterprise

Credit to Author: Jonny Evans| Date: Thu, 01 Oct 2020 06:55:00 -0700

When it comes to Apple in the enterprise, Microsoft wants to make the experience as smooth as possible. At JNUC2020 event I (virtually) spoke with Microsoft’s Corporate Vice President of the Enterprise Client & Mobility (ECM) team, Brad Anderson, who shared insights on his company’s work with Jamf and the emerging new normal of remote work.

Securing the remote enterprise

The COVID-19 pandemic has accelerated the rate of digital transformation, underlining the need for Microsoft to support device choice and improve cloud-based collaboration.

To read this article in full, please click here

Read more

Lessons learned: Provisioning new employees during a pandemic

Credit to Author: Jonny Evans| Date: Wed, 30 Sep 2020 06:52:00 -0700

COVID-19 means just about everyone who can do so now works from home. But the rapid pace at which this happened put IT under a great deal of pressure, so, what have we learned that may help in future?

The digital transformation continues

The JNUC conference this week sees 15,000 Apple-in-the-enterprise IT staff come together, and a lot of the focus is on the challenges of rapid migration to remote work. The scale of this migration is vast, and it seems to be continuing at pace.

Microsoft Vice President Brad Anderson shared a little data to illustrate this: “We’re seeing 1.5 million new devices every seven days coming into the cloud to be managed (by Microsoft Endpoint Manager) and that’s Windows, iOS, Mac and Android.” (Italics mine.)

To read this article in full, please click here

Read more

JNUC 2020 opens with big news for Apple and Azure

Credit to Author: Jonny Evans| Date: Tue, 29 Sep 2020 07:16:00 -0700

Apple in the enterprise focused company, Jamf, kicked off its virtual JNUC conference today with a deluge of news and information for Mac, iPhone and iPad using enterprises.

Apple and Microsoft together for work

The show comes at a pivotal moment in the transformation of enterprise IT. Not only is work becoming virtual, but Apple’s presence in the space continues to grow.

The move to virtual conferences means the event has more attendees than ever before, with around 15,000 people attending, the company said.

To read this article in full, please click here

Read more

Why you need Apple support to secure the C-suite

Credit to Author: Jonny Evans| Date: Thu, 17 Sep 2020 06:27:00 -0700

I get it. You’re one of those enterprises that doesn’t (yet) support Apple products among employees, but does that moratorium extend to the C-suite? I’m willing to bet it does not, and that’s why even Windows-only IT must learn how to secure Apple’s products.

Ignore the fantasy, this is reality

The reality is that Apple’s products are popular in the enterprise. And while there are many businesses that don’t officially support them, one section of civic society that pretty much always do their own thing no matter what they ask others to do are the boys and girls in the C-suite. I can still recall the number of CFO’s I spoke with early on in the iPad days who were deeply interested in trying the Apple tablet. Many did.

To read this article in full, please click here

Read more

Xcode becomes vector for new Mac malware attack

Credit to Author: Jonny Evans| Date: Mon, 17 Aug 2020 07:39:00 -0700

Trend Micro has identified an insidious new form of Mac malware that is propagated by injecting itself into Xcode projects before they are compiled as apps.

So good they tried it twice

We’ve seen a similar attack before. The so-called “XCode Ghost” was a malware-infested version of Apple’s developer environment that was distributed outside of Apple’s channels. Apps built using the software were preinstalled with malware.

To read this article in full, please click here

Read more