Hey Arin, I’m here. Last week was the busiest week of the year so far. We have seen an unprecedented attack against the LockBit ransomware collective. Apple is moving to future-proof iMessage with quantum computer protection, and this week’s headlines include a new report from Jamf highlighting some alarming statistics about companies using Apple. It’s about being there. Now, prepare your favorite drink. So let’s get started…
9to5Mac Security Bite is offered exclusively by: Mosyle, the only Apple integration platform. We’re all about making Apple devices ready to use and secure for enterprise use. Our unique, integrated approach to management and security delivers state-of-the-art Apple-specific security solutions for fully automated enforcement and compliance, next-generation EDR, AI-powered Zero Trust, and exclusive privilege management. , combined with the most powerful and modern Apple MDM. It’s on the market. The result is the fully automated Apple Unified Platform, which is now trusted by more than 45,000 organizations and powers millions of Apple devices effortlessly and affordably. Masu. Request an extended trial Find out why Mosyle is all about working with Apple today.
This is Security Bite, a weekly security-focused column on 9to5Mac. Every Sunday, Alyn Waichulis It provides data privacy insights, uncovers vulnerabilities, and shines a light on emerging threats within Apple’s vast ecosystem of over 2 billion active devices.s. Stay safeTake care.
Jamf, the popular Apple device management platform, has released its 2023 annual security trends report. The analysis paints a picture of the threat landscape impacting businesses and employees across multiple platforms (macOS, iOS, iPadOS, Windows, and Android), threat research and industry events, as well as threat research and industry events.
Key findings from the report
- 40% of mobile users and 39% of organizations are running devices with known vulnerabilities
- 20% of organizations were affected by malicious network traffic
- 8% of organizations had a mobile device that accessed a third-party App Store
- Android downloads twice as many third-party apps as iOS
- 2.5% of devices will have vulnerable applications installed in 2023
Apple-specific findings
- Jamf tracks 300 malware families on macOS and discovers 21 new malware families on Mac in 2023
- Trojan horses are growing in popularity, accounting for 17% of all Mac malware instances.
- Phishing attempts were 50% more successful on mobile devices than on Macs
- In 2023, 3% of Apple devices had a disabled lock screen, and 25% of organizations had at least one user with a disabled lock screen.
- FileVault was found to be disabled on 36% of devices
- GateKeeper achieved 90% activation rate for App Store and selected developers
- Firewall features were disabled on 55% of Macs
While some of these statistics are certainly alarming, they may not be entirely surprising. Early this month, 9to5 mac We reported that adoption of iOS 17 is progressing at a much slower rate than iOS 16. iOS 16 includes at least two critical vulnerabilities exploited in Operation Triangulation, which were patched in 16.2, and his second zero-click, which attackers used to inject Pegasus spyware. Masu. Fixed in iOS 16.6.1.
Lack of adoption of next-generation software may be a contributing factor to so many mobile users using devices with known vulnerabilities. Of course, this only applies to iPhones. Jamf’s data lumped all mobile operating systems together for this particular analysis, so we don’t know how much Android contributes to his 40%.
It’s a long-standing misconception that Macs are immune to malware. This is never true. Without going into too much detail, it is clear that malware targeting Mac computers is on the rise. Jamf reports that 21 additional families were detected in 2023. This would be a 50% increase over the previous year. Indeed, as Macs continue to grow in popularity, they will lose their power in small numbers and become more attractive targets for cybercriminals. But the fact remains that Mac is inherently more secure than his Windows at the moment.
“Our analysis, conducted in Q4 2023 and reviewing the previous 12 months, revealed a number of key themes, chief among them that organizations have abysmal cyber hygiene and “Actors are poised to launch the most sophisticated attacks ever,” Jamf said. .
Jamf allows you to download the entire report here.
how to protect yourself
- Keep your device updated. Whether it’s an iPhone, Mac, or iPad, the first thing everyone should do is keep the OS up to date with the latest security patches. This addresses known vulnerabilities that malware can exploit.
- Use antivirus software: Macs aren’t immune to malware! We recommend using Malwarebytes, which offers free, personalized apps that can detect and remove potential threats. Additionally, CleanMyMac X now includes a malware removal tool powered by the MoonLock service.
- Be careful when clicking: Email continues to be the most popular area for malware. It allows criminals the most success with the least amount of effort. According to Jamf, in 2023, 9% of phishing attacks were successful, increasing by 1% in 2022. As you know, be careful when clicking on links or opening attachments.
- Enable firewall: Enabling your Mac’s firewall is the best way to prevent unauthorized applications and services from being accepted. This helps you manage incoming and outgoing connections. Jamf research found that 55% of Macs had firewall functionality disabled.
- Use strong (unique) passwords. Do not put an exclamation mark after your dog’s name.
- Enable disk encryption: On Mac, this is called FileVault and encrypts all user data stored on disk on the fly. This keeps your sensitive information safe in case your device is lost or stolen. Jamf reports that it is disabled on 36% of client devices.
- Limit user privileges: Limiting user privileges is important to prevent unauthorized software installations and limit the potential impact of malware infections. Learn how to restrict permissions on your Mac.
more
FTC: We use automated affiliate links that generate income. more.