Tag Archive for: Jamf

Jamf uncovers new Mac malware linked to known hacking group


Jamf finds a new strain of malware



Jamf Threat Labs has discovered a new malware strain that appears to be connected to BlueNoroff, a group that often attacks businesses in the financial sector.

The discovery came about during Jamf’s regular security checks. They found software for Mac computers secretly connecting to a known malicious internet domain, although Jamf didn’t mention a particular program that Mac users should be aware of.

What made the find particularly intriguing was that, at the time Jamf uploaded it, the software was not flagged as a threat on VirusTotal, a popular website used to check suspicious files.

The program is cleverly disguised, using a digital signature that initially appears legitimate. It communicates with a server that, while appearing to be associated with a legitimate cryptocurrency platform, is controlled by the attackers.

BlueNoroff signature move

The method of operation aligns with the BlueNoroff group’s established strategies. These typically involve creating counterfeit domains that mirror reputable companies, which helps them evade detection and entice their targets.

The fraudulent domain was set up in late May 2023, and the malware uses it to send and receive information. Jamf’s analysis revealed that while they were investigating, the server behind the domain stopped responding, possibly because the attackers became aware of the scrutiny.

Further analysis by Jamf indicated that the malware was designed using Objective-C, a programming language used for Mac software. The malware acts like a remote control for the infected computer, allowing the attackers to send commands and control the system after they have breached it.

Upon activation, the malware sends a signal to the attacker-controlled domain, disguising its communications as regular internet traffic. It also collects and sends information about the infected computer, such as the version of the macOS operating system it is running.

Despite its simplicity, the malware is effective and aligns with BlueNoroff’s approach of…


Jamf VP explains enterprise security threats — and how to mitigate them


Apple-focused device management and security vendor Jamf today published its Security 360: Annual Trends report, which reveals the five security trends impacting organizations running hybrid work environments. As it is every year, the report is interesting, so I spoke to Michael Covington, vice president of portfolio strategy, for more details about what the company found this year.

First, here’s a brief rundown of some of the salient points in the report:

  • In 2022, 21% of employees were using devices that were misconfigured, exposing the device and the employee to risk.
  • 31% of organizations had at least one user fall victim to a phishing attack.
  • 7% of Android devices accessed third-party app stores, which often provide versions of legitimate apps that have been tampered with to include malicious code that infects user devices, compared to 0.002% of iOS devices.
  • New malware infections dropped from just over 150 million to about 100 million, with malicious network traffic continuing to be more prevalent.

The report confirms that some of the most well-known bad security habits continue. For example, 16% of users are regularly exposing confidential or sensitive data by sharing it via unsecured Wi-Fi hotspots.

Security 360 also gives a good set of insights into how important privacy is to overall enterprise security.

The report points to a range of ways in which privacy, once broken, creates security instability, including nation states that subvert device security to watch, photograph, and record what people do in order to blackmail or otherwise exploit victims.

Another threat is poor data lifecycle management, when companies that do gather private information don’t protect that data well enough. The company continues to invest in approaches to challenge all of these. There’s a host of additional information available in the report, which you can explore here.


Jamf bolsters student security with web protection now on Chromebook


Jamf has announced that Jamf Safe Internet, a comprehensive content filtering and web security solution optimised for education, is now available on Chromebook.

Jamf Safe Internet is designed to help schools protect students from harmful content on the internet, inappropriate websites and phishing attacks, while also allowing admins to enforce acceptable-use policies in a seamless way, according to the company.

Keeping students safe

Jamf Safe Internet is designed to ensure that students have a safe and secure online learning environment from the moment they unbox their device, the company states.

With Jamf Safe Internet, admins are able to enforce acceptable-use policies without sacrificing the learning experience by offering:

  • Content Control in One Click: Jamf Safe Internet allows teachers and IT admins to customise and create the level of content control that fits each class and can prevent harmful and inappropriate content from reaching student devices. This protection is powered by Jamf’s content filtering and web-based threat prevention technologies.
  • Support for Google Services: Jamf Safe Internet can now enforce Google SafeSearch and YouTube Restricted Mode, ideal for schools leveraging Google products for learning experiences.
  • Streamlined Console: Jamf Safe Internet delivers a streamlined administrative console with workflows built specifically for schools. When Jamf Safe Internet is enabled, students log in to a Chromebook with their Google Workspace for Education account and immediately have group or age group specific browsing policies applied.
  • A Continued Commitment to Protecting Privacy: Jamf’s privacy-friendly approach provides a safe online environment for students of all ages while offering schools enough information to protect students. Jamf is committed to maintaining compliance with all applicable privacy regulations and has signed the Student Privacy Pledge, highlighting its commitment to protecting the information of students, parents and teachers in schools.

Continued partnership with Google

Jamf Safe Internet for Chromebook is just the latest in security innovations brought to market by Jamf and Google. As part of the Google…


Jamf completes acquisition of ZecOps, extending its mobile security capabilities by adding advanced detections and incident response for iOS


MINNEAPOLIS, Nov. 17, 2022 (GLOBE NEWSWIRE) — Jamf (NASDAQ: JAMF), the standard in Apple Enterprise Management, today announced it has completed the acquisition of ZecOps, a leader in mobile detection and response.

This acquisition uniquely positions Jamf to help IT and security teams strengthen their organization’s mobile security posture, accelerate mobile security investigations from weeks to minutes, leverage known indicators of compromise (IOC) at-scale, and identify sophisticated 0 or 1 click attacks on a much deeper scale.

“ZecOps’ market-leading mobile detection and response capabilities are a great fit for the Jamf platform,” said Dean Hager, CEO, Jamf. “ZecOps’ ability to thoroughly detect and investigate threats that target mobile users further propels our goal of keeping employees productive and secure no matter what device they use for work.”

Mobile devices now account for 59% of global website traffic, and according to the 2022 Verizon Mobile Security Index, close to half (45%) of companies said that they have suffered a compromise involving a mobile device in the past 12 months.

ZecOps will bring important capabilities to the Jamf platform to help address the growing trend of targeted mobile attacks. Jamf offers robust management and mobile security capabilities for iOS devices; however, access to deeper insights into potential security exploits is technically challenging and requires physical access to the device, which is difficult in a remote work environment. ZecOps is a robust, unparalleled solution that provides the deepest layer of insight and assurance for security-conscious customers with high-value targets that need something more. ZecOps provides the same level of visibility currently available for macOS through Jamf Protect but for iOS, making it capable of detecting the kinds of sophisticated mobile threats that Apple’s Lockdown mode aims to prevent.

About Jamf
Jamf’s purpose is to simplify work by helping organizations manage and secure an Apple experience that end users love and organizations trust. Jamf is the only company in the world that provides a complete management and security solution for an Apple-first environment that is…
