iOS – Page 10 – Computer Security Articles

Jamf touts big boost to enterprise security at JNUC

September 27, 2022 admin apple, iOS, MacOS, Mobile, Mobile Device Management, Security, small and medium business

Jamf opened its annual JNUC event for Apple admins today with a slew of announcements focused on device management and security, a new Jamf Trust app, further information on its recently announced ZecOps deal and other updates likely to be of interest to Apple IT professionals.

The company also committed to supporting Microsoft Device Compliance on Macs later this year, with support for Google’s context-aware zero trust framework (BeyondCorp) on iOS devices in early 2023.

To read this article in full, please click here

ComputerWorld Independent

Sadly, IT can no longer trust geolocation for much of anything

September 16, 2022 admin Android, iOS, Mobile, Mobile Apps, Security, small and medium business

Credit to Author: eschuman@thecontentfirm.com| Date: Fri, 16 Sep 2022 03:00:00 -0700

Geolocation was once a glorious way to know who your company is dealing with (and sometimes what they are doing). Then VPNs started to undermine that. And now, things have gotten so bad that the Apple App Store and Google Play both offer apps that unashamedly declare they can spoof locations — and neither mobile OS vendor does anything to stop it.

Why? It seems both Apple and Google created the holes these developers are using.

In a nutshell, Apple and Google — to test their apps across various geographies — needed to be able to trick the system into thinking that their developers are wherever they wanted to say that they are. What’s good for the mobile goose, as they say.

To read this article in full, please click here

ComputerWorld Independent

What is Managed Device Attestation on Apple platforms?

August 26, 2022 admin apple, Endpoint Protection, iOS, Mobile Device Management, Security

Credit to Author: Jonny Evans| Date: Fri, 26 Aug 2022 09:43:00 -0700

Announced at WWDC 2022, Managed Device Attestation protection shows that Apple is adjusting device security protections to adapt to an increasingly distributed age.

Secure the endpoints, not the end times

This adjustment reflects a reality shift. Work doesn’t happen on specific servers or behind defined firewalls today. VPN access can differ across teams. And yet, in a workplace defined by multiple remote devices (endpoints), the security threat is greater than ever.

Managed Device Attestation works to create a second boundary of trust around which device management solutions can work to protect against attack.

To read this article in full, please click here

MalwareBytes Security

Urgent update for macOS and iOS! Two actively exploited zero-days fixed

August 18, 2022 admin actively exploited, cve-2022-32893, cve-2022-32894, exploit kit, Exploits and vulnerabilities, iOS, kernel privileges, MacOS, news, watering hole, Webkit

Categories: Exploits and vulnerabilities

Categories: News

Tags: macOS

Tags: iOS

Tags: CVE-2022-32894

Tags: CVE-2022-32893

Tags: kernel privileges

Tags: WebKit

Tags: actively exploited

Tags: watering hole

Tags: exploit kit

Apple has released emergency security updates to fix two zero-day vulnerabilities previously exploited by attackers to hack iPhones, iPads, or Macs.

ComputerWorld Independent

What is USB Restricted Mode in macOS Ventura, and why do you want it?

August 15, 2022 admin computers and peripherals, iOS, MacOS, Security

Credit to Author: Jonny Evans| Date: Mon, 15 Aug 2022 06:35:00 -0700

Once upon a time, one attack vector for industrial sabotage consisted of exfiltrating data from Macs using a standard-issue USB storage card. Researchers have also shown that it’s possible to hijack computers with malware-infested cables. It’s a jungle out there, so Apple has toughened up (Apple Silicon) Mac protection with USB Restricted Mode.

What is USB Restricted Mode?

Beginning with macOS Ventura, the new layer of protection comes in the form of USB Restricted mode, which should provide a little reassurance to enterprise IT and is enabled by default.

To read this article in full, please click here

Kaspersky Security

How Apple’s Lockdown Mode works | Kaspersky official blog

August 1, 2022 admin apple, iOS, iPad, iPhone, lockdown mode, MacOS, Pegasus, Targeted Attacks, Technology

Credit to Author: Enoch Root| Date: Mon, 01 Aug 2022 15:41:27 +0000

How Lockdown Mode works on Apple devices, who needs it and why.

ComputerWorld Independent

Apple slaps hard against ‘mercenary’ surveillance-as-a-service industry

July 7, 2022 admin apple, iOS, MacOS, Mobile, privacy, Security, small and medium business

Credit to Author: Jonny Evans| Date: Thu, 07 Jul 2022 06:17:00 -0700

Apple has struck a big blow against the mercenary “surveillance-as-a-service” industry, introducing a new, highly secure Lockdown Mode to protect individuals at the greatest risk of targeted attacks. The company is also offering millions of dollars to support research to expose such threats.

Starting in iOS 16, iPadOS 16 and macOS Ventura, and available now in the latest developer-only betas, Lockdown Mode hardens security defenses and limits the functionalities sometimes abused by state-sponsored surveillance hackers. Apple describes this protection as “sharply reducing the attack surface that potentially could be exploited by highly targeted mercenary spyware.”

To read this article in full, please click here

MalwareBytes Security

Hermit spyware is deployed with the help of a victim’s ISP

June 29, 2022 admin Android, apple, c2, command and control, commercial spyware, cve-2018-4344, cve-2019-8605, cve-2020-3837, cve-2020-9907, cve-2021-30883, cve-2021-30983, google, hermit, hermit spyware, iOS, modular spyware, Pegasus, privacy, rcs labs, reports, spyware, threat analysis group

Credit to Author: Jovi Umawing| Date: Wed, 29 Jun 2022 10:03:54 +0000

A new commercial spyware for governments, called Hermit, has spotted in the wild. It affects iOS and all Android versions.

The post Hermit spyware is deployed with the help of a victim’s ISP appeared first on Malwarebytes Labs.