small and medium business – Page 12 – Computer Security Articles

Jamf touts big boost to enterprise security at JNUC

September 27, 2022 admin apple, iOS, MacOS, Mobile, Mobile Device Management, Security, small and medium business

Jamf opened its annual JNUC event for Apple admins today with a slew of announcements focused on device management and security, a new Jamf Trust app, further information on its recently announced ZecOps deal and other updates likely to be of interest to Apple IT professionals.

The company also committed to supporting Microsoft Device Compliance on Macs later this year, with support for Google’s context-aware zero trust framework (BeyondCorp) on iOS devices in early 2023.

To read this article in full, please click here

ComputerWorld Independent

Jamf buys ZecOps to bring high-end security to Apple enterprise

September 26, 2022 admin apple, MacOS, Mobile, Mobile Device Management, Security, small and medium business

The Apple-in-the-enterprise story continues to unfold, this week with Jamf’s announced plans to acquire mobile threat detection and response company ZecOps.

Already consumer-simple, Jamf becomes government secure

Jamf will likely reveal more about the motivations behind the deal at its JNUC event for Apple admins, which begins tomorrow. The purchase is the latest move by the Apple-focused enterprise MDM provider to supplement device management with an increasingly effective set of tools to bolster device security.

To read this article in full, please click here

ComputerWorld Independent

Critical zero-days make September's Patch Tuesday a 'Patch Now' release

September 16, 2022 admin microsoft, Security, small and medium business, windows

With 63 updates affecting Windows, Microsoft Office and the Visual Studio and .NET platforms — and reports of three publicly exploited vulnerabilities (CVE-2022-37969, CVE-2022-34713, CVE-2021-40444) — this month’s Patch Tuesday release gets a “Patch Now” priority. Key testing areas include printing, Microsoft Word, and in general application un-installations. (The Microsoft Office, .NET and browser updates can be added to your standard release schedules.)

To read this article in full, please click here

ComputerWorld Independent

Sadly, IT can no longer trust geolocation for much of anything

September 16, 2022 admin Android, iOS, Mobile, Mobile Apps, Security, small and medium business

Credit to Author: eschuman@thecontentfirm.com| Date: Fri, 16 Sep 2022 03:00:00 -0700

Geolocation was once a glorious way to know who your company is dealing with (and sometimes what they are doing). Then VPNs started to undermine that. And now, things have gotten so bad that the Apple App Store and Google Play both offer apps that unashamedly declare they can spoof locations — and neither mobile OS vendor does anything to stop it.

Why? It seems both Apple and Google created the holes these developers are using.

In a nutshell, Apple and Google — to test their apps across various geographies — needed to be able to trick the system into thinking that their developers are wherever they wanted to say that they are. What’s good for the mobile goose, as they say.

To read this article in full, please click here

ComputerWorld Independent

When Windows updating goes bad — the case of the problematic patch

September 6, 2022 admin Security, small and medium business, windows, Windows 10, windows 11

Credit to Author: Susan Bradley| Date: Tue, 06 Sep 2022 04:08:00 -0700

Every month, Windows users and administrators receive updates from Microsoft on Patch Tuesday (or Wednesday, depending on where you’re located). And each month, most users all apply the same updates.

But should we?

Case in point: KB5012170, a patch released on Aug. 9 that either causes no issues — or triggers Bitlocker recover key requests or won’t install at all, demanding that you go find a firmware update. This patch, called the Security update for Secure Boot DBX, applies to nearly all supported Windows releases. Specifically, it affects Windows Server 2012; Windows 8.1 and Windows Server 2012 R2; Windows 10, version 1507; Windows 10, version 1607 and Windows Server 2016; Windows 10, version 1809 and Windows Server 2019; Windows 10, versions 20H2, 21H1, and 21H2; Windows Server 2022; Windows 11, version 21H2 (original release), and Azure Stack HCI, version 1809, all the way to Azure Stack Data Box, version 1809 (ASDB).

To read this article in full, please click here

ComputerWorld Independent

Apple wasn’t fooling when it said it wanted to make Macs more secure

September 2, 2022 admin apple, MacOS, Mobile, Security, small and medium business

Credit to Author: Jonny Evans| Date: Fri, 02 Sep 2022 04:55:00 -0700

When Craig Federighi, Apple’s senior vice president of software engineering last year said, “We have a level of malware on the Mac that we don’t find acceptable,” he apparently really meant it. And Apple seems to be doing about something about it.

Apple is giant taking steps to secure the Mac

Federighi characterized Apple as being in an enduring battle against malware on the Mac. He also explained that between May 2020 and May 2021 the company identified 130 types of Mac malware that infected 300,000 systems.

Given the Mac’s reputation for security, that may seem counter intuitive, but maintaining a secure platform requires constant watchfulness.

To read this article in full, please click here

ComputerWorld Independent

Apple pushes out emergency updates to address zero-day exploits

September 1, 2022 admin apple, enterprise mobile management, Mobile, Security, small and medium business

Credit to Author: Lucas Mearian| Date: Thu, 01 Sep 2022 16:46:00 -0700

Apple this week released urgent security updates to address zero-day vulnerabilities on older model iPhones, iPads, and iPods.

The patches, pushed out on Wednesday, address an out-of-bounds write issue that could be exploited by an attacker enabling them to take control of the affected device. The US Cybersecurity and Infrastructure Agency (CISA) today encouraged users and IT admins to review Apple’s advisory HT213428 and apply the necessary updates.

To read this article in full, please click here

ComputerWorld Independent

Patch Tuesday update addresses 123 vulnerabilities, two critical zero-days

August 13, 2022 admin microsoft, Security, small and medium business, windows

Credit to Author: Greg Lambert| Date: Sat, 13 Aug 2022 04:58:00 -0700

Microsoft’s August Patch Tuesday release addresses 123 security issues in Microsoft Windows, Office, Exchange (it’s back!) and Visual Studio — and unfortunately, we have two zero-days with reports of active exploitation in the wild. Since this is a broad update, it will require planning and testing before deployment.

The first (CVE-2022-34713) occurs in the Windows diagnostic tools and the second (CVE-2022-30134) affects Microsoft Exchange. Basically, the holidays are over and it’s time to pay attention to Microsoft updates again. We have made “Patch Now” recommendations for Windows, Exchange and Adobe for this month.

To read this article in full, please click here