Using iPhones and AirTags to sneak data out of air-gapped networks

Credit to Author: Pieter Arntz| Date: Thu, 13 May 2021 17:19:39 +0000

A researcher has discovered a method for exfiltrating data from air-gapped networks using Apple’s Find My technology.

Categories: Reports

Tags:

(Read more…)

The post Using iPhones and AirTags to sneak data out of air-gapped networks appeared first on Malwarebytes Labs.

Read more

Social engineering, fake App Stores, hit iOS, Sophos warns

Credit to Author: Jonny Evans| Date: Thu, 13 May 2021 08:26:00 -0700

I didn’t entirely mean to focus on Apple device security for most of this week (see here and here), but new Sophos research should interest any enterprise working to enhance security awareness.

Breaking bad

The research looks at 167 counterfeit apps used to scam iOS and Android users. Those that impact Apple’s mobile OS particularly stood out, as they show the increasing sophistication of malware authors.

To read this article in full, please click here

Read more

Jamf adds zero trust security to the Apple enterprise

Credit to Author: Jonny Evans| Date: Wed, 12 May 2021 10:38:00 -0700

Read more

Enterprises need to get smart about iOS security

Credit to Author: Jonny Evans| Date: Tue, 11 May 2021 09:02:00 -0700

The XcodeGhost malware attack that allegedly affected 128 million iOS users is an excellent illustration of the kind of sophisticated attack all users should get ready to defend against as platforms become inherently more secure.

Designer label malware

XcodeGhost was an intelligent exploit that presented itself as a malware-infested copy of Xcode made available via websites targeting Chinese developers. Developers in the region downloaded it because it was easier to get than the real code because local networks wereunreliable.

To read this article in full, please click here

Read more

Signal app insists it’s so private it can’t provide subpoenaed call data

Credit to Author: David Ruiz| Date: Fri, 30 Apr 2021 09:29:29 +0000

Signal told investigators it could not comply with a legal request for user records and communications because the records do not exist.

Categories: Privacy

Tags:

(Read more…)

The post Signal app insists it’s so private it can’t provide subpoenaed call data appeared first on Malwarebytes Labs.

Read more

How long until Apple boots apps from its stores for privacy issues?

Credit to Author: Jonny Evans| Date: Wed, 28 Apr 2021 09:13:00 -0700

Apple will inevitably begin enforcing the privacy requirements it has put in place across its ecosystem, meaning developers who attempt to avoid or dissemble their way around these protections should expect action, including removal from the App Store.

What Apple is doing

Everyone recognizes how seriously Apple takes privacy. Statement by statement and all through iterative software and product releases, the company is making it crystal clear that it believes privacy is essential to achieve the potential of digital transformation.

To read this article in full, please click here

Read more

Why enterprises must install the latest macOS software patch

Credit to Author: Jonny Evans| Date: Tue, 27 Apr 2021 07:52:00 -0700

Enterprises should install Apple’s latest macOS Big Sur 11.3 update to secure their Macs. I spoke with Jamf Mac security expert Jaron Bradley, who explained why.

Install macOS 11.3 immediately

Enterprise users running fleets of Macs should get their IT support teams to approve the installation of Apple’s macOS Big Sur 11.3 update as swiftly as possible; the update should protect Macs against a serious software vulnerability that places data at risk.

As first spotted by Cedric Owens (and subsequently heavily researched by Jamf), the malware — a new version of a known Shlayer vulnerability — spreads in the following ways:

To read this article in full, please click here

Read more