![](\"https:\/\/images.idgesg.net\/images\/article\/2018\/08\/anonymous_faceless_hooded_mand_in_scary_halloween_mask_finger_to_lips_danger_threat_stealth_attack_hacker_hush_silence_warning_by_max_bender_cc0_via_unsplash_1200x800-100766358-small.jpg\"\/)
<\/p>\n
Ensuring platform security is hard, but when a company the stature of Apple begins to ramp up protection of its ecosystem, every IT decision maker should pay attention. Unfortunately, this is precisely what’s happening: Apple is now updating fundamental protection at a faster clip than it’s ever done before.<\/p>\n
That important revelation comes from Howard Oakley at the excellent Eclectic Light Company<\/a><\/em> blog. He notes that in the six weeks ending Feb. 9 Apple, has updated a Mac security feature called XProtect five times \u2014 introducing 11 new rules to the service.<\/p>\n The entire report<\/a>\u00a0is worth a read, but one paragraph in particular stands out and should be seen as a warning to everyone in tech.<\/p>\n \u201cApple\u2019s security engineers appear to be in the midst of a campaign against a combination of agile, sophisticated, and recent attacks. Adload, Genieo and Pirrit have long histories of evading static detection, and this is perhaps the first time that they have been put under such pressure. Apple must be playing the long game, in the hope that the three won\u2019t be able to sustain the pace.\u201d<\/p>\n Those rules within XProtect aim to protect against a dizzying array of malware families<\/a>. The report explains that three of these families are new and sophisticated.<\/p>\n Without wanting to create undue alarm, the frequency of updates strongly suggests Apple is aware of new attacks and that its security teams are hustling to protect users.<\/p>\n This also hints that tech decision makers (and everyone<\/em> is a tech decision maker if they use tech at all) should do anything necessary to ensure<\/a> that their own perimeter and edge security is agile and robust.<\/p>\n In the current complex-threat environment<\/a>, everyone should ramp up their security awareness. Apple users in the EU should be particularly alert, given Apple will soon be forced to reduce security on app purchasing there<\/a>.<\/p>\n The move reflects awareness at the top of the tech industry tree. Who else recalls when Apple CEO Tim Cook in 2016 warned that hacking is getting more sophisticated<\/a>?<\/p>\n XProtect is an important part of Mac security. It\u2019s built-in antivirus tech that tries to identify and remove some types of malware by using\u00a0YARA signatures<\/a>, which the company describes as \u201ca tool to conduct signature-based detection of malware.\u201d<\/p>\n The software runs in the background each time an app is launched, an app’s file system is changed, or XProtect signatures are updated. If it detects any known malware, it will prevent the app from launching on a Mac. XProtect also includes technology to remediate infections once they are identified, even if already installed.<\/p>\n Apple\u2019s own guidance states that XProtect<\/a>, \u201cincludes an engine that remediates infections based on updates automatically delivered from Apple (as part of automatic updates of system data files and security updates). It also removes malware upon receiving updated information, and it continues to periodically check for infections. XProtect doesn\u2019t automatically reboot the Mac.\u201d<\/p>\n For most users, the only direct experience of XProtect is when they try to install software sourced from outside the highly secure Apple App Store.<\/p>\n Like Rapid Security Responses, XProtect is something Apple can update in the background<\/a>. But the cadence of updates suggests Mac users should make sure they update their system software frequently, too<\/a>.<\/p>\n To ensure your Mac is installing these XProtect updates, follow these steps:<\/p>\n Oakley\u2019s report signs off with excellent advice for every Mac user to help them reduce their exposure to risk \u2014 that includes ensuring XProtect is active and that you are running the latest available system software.<\/p>\n He also advises that Mac users should never use torrented, cracked, or fake software, and that if they don\u2019t trust the security and authenticity of any third-party software they should delete it. The author also strongly advises against crypto-related apps, warning that these can be high risk.<\/p>\n This is all common sense stuff, of course.<\/p>\n Logically, good security practice also extends to the other common-sense risk-avoidance techniques: avoid clicking links you don\u2019t trust, don\u2019t open messages you don\u2019t recognize, update system software frequently, never use the same password twice, and so forth.<\/p>\n A regular virus check and investment in additional security protections, including use of Lockdown Mode if you are a potential target<\/a>, also make sense.<\/p>\n If you are running a business and you aren\u2019t yet confident in your current security protection, you cannot simply rely on Apple\u2019s platform protection. If Apple is ramping up protection on a platform basis, you should see this as a strong sign that you absolutely must bolster\u00a0your own fleet\/device\/infrastructure protection<\/a>\u00a0as well.<\/p>\n Think of the extent to which technology is used across your business and consider the protection available<\/a> to each of your connected \u2014 or connectable<\/em>\u00a0\u2014 systems. You don\u2019t want to join the growing list\u00a0of silent victims<\/a>\u00a0of successful exploits, exfiltration, ransomware, and attack. And you should also insist your partners and suppliers are equally serious<\/a> when it comes to security.<\/p>\n Please follow me on\u00a0Mastodon<\/a>, or join me in the\u00a0AppleHolic\u2019s bar & grill<\/a>\u00a0and\u00a0<\/em>Apple<\/em>\u00a0Discussions<\/em><\/a>\u00a0groups on MeWe.<\/em><\/p>\n http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":" Ensuring platform security is hard, but when a company the stature of Apple begins to ramp up protection of its ecosystem, every IT decision maker should pay attention. Unfortunately, this is precisely what’s happening: Apple is now updating fundamental protection at a faster clip than it’s ever done before.<\/p>\n That important revelation comes from Howard Oakley at the excellent Eclectic Light Company<\/a><\/em> blog. He notes that in the six weeks ending Feb. 9 Apple, has updated a Mac security feature called XProtect five times \u2014 introducing 11 new rules to the service.<\/p>\n<\/p>\nApple\u2019s security teams are alert<\/strong><\/h2>\n