Credit to Author: Pieter Arntz| Date: Thu, 13 May 2021 17:19:39 +0000
 | |
| A researcher has discovered a method for exfiltrating data from air-gapped networks using Apple’s Find My technology. Categories: Reports Tags: air-gappedAirTagsAppleexfiltrateSend My |
The post Using iPhones and AirTags to sneak data out of air-gapped networks appeared first on Malwarebytes Labs.
Read more
Credit to Author: Jonny Evans| Date: Thu, 13 May 2021 08:26:00 -0700
I didn’t entirely mean to focus on Apple device security for most of this week (see here and here), but new Sophos research should interest any enterprise working to enhance security awareness.
The research looks at 167 counterfeit apps used to scam iOS and Android users. Those that impact Apple’s mobile OS particularly stood out, as they show the increasing sophistication of malware authors.
Credit to Author: Jonny Evans| Date: Wed, 12 May 2021 10:38:00 -0700
Apple enterprise management company Jamf has announced its pending $400 million acquisition of zero trust cloud-based security company, Wandera.
Security remains of critical concern to the many enterprises deploying Apple equipment during the time of COVID-19, and as the mobile device management (MDM) services industry becomes more competitive, many providers are attempting to bolster services with security protection.
Credit to Author: Jonny Evans| Date: Tue, 11 May 2021 09:02:00 -0700
The XcodeGhost malware attack that allegedly affected 128 million iOS users is an excellent illustration of the kind of sophisticated attack all users should get ready to defend against as platforms become inherently more secure.
XcodeGhost was an intelligent exploit that presented itself as a malware-infested copy of Xcode made available via websites targeting Chinese developers. Developers in the region downloaded it because it was easier to get than the real code because local networks wereunreliable.
Credit to Author: Egor Nashilov| Date: Fri, 30 Apr 2021 14:51:28 +0000
What is App Tracking Transparency, and should you allow apps to track your activity in iOS, iPadOS, and tvOS?
Read moreCredit to Author: David Ruiz| Date: Fri, 30 Apr 2021 09:29:29 +0000
 | |
| Signal told investigators it could not comply with a legal request for user records and communications because the records do not exist. Categories: Privacy Tags: ACLUApplebackdoorbackdoorsearn it actend-to-end encryptionfbigoing darkprivacyprivate messagingsignal |
The post Signal app insists it’s so private it can’t provide subpoenaed call data appeared first on Malwarebytes Labs.
Read more
Credit to Author: Jonny Evans| Date: Wed, 28 Apr 2021 09:13:00 -0700
Apple will inevitably begin enforcing the privacy requirements it has put in place across its ecosystem, meaning developers who attempt to avoid or dissemble their way around these protections should expect action, including removal from the App Store.
Everyone recognizes how seriously Apple takes privacy. Statement by statement and all through iterative software and product releases, the company is making it crystal clear that it believes privacy is essential to achieve the potential of digital transformation.
Credit to Author: Jonny Evans| Date: Tue, 27 Apr 2021 07:52:00 -0700
Enterprises should install Apple’s latest macOS Big Sur 11.3 update to secure their Macs. I spoke with Jamf Mac security expert Jaron Bradley, who explained why.
Enterprise users running fleets of Macs should get their IT support teams to approve the installation of Apple’s macOS Big Sur 11.3 update as swiftly as possible; the update should protect Macs against a serious software vulnerability that places data at risk.
As first spotted by Cedric Owens (and subsequently heavily researched by Jamf), the malware — a new version of a known Shlayer vulnerability — spreads in the following ways: