Jamf Blog

Posts in the Jamf Threat Labs Category

January 18, 2024 by Jamf Threat Labs

Jamf Threat Labs discovers new malware embedded in pirated applications

In this blog, Jamf Threat Labs researchers analyze malware they discovered in pirated macOS applications. These apps, appearing similar to ZuRu malware, download and execute multiple payloads to compromise machines in the background.

December 5, 2023 by Jamf Threat Labs

Fake Lockdown Mode: A post-exploitation tampering technique

In this blog, Jamf Threat Labs explains how bad actors could create a false sense of security with Lockdown Mode by post-exploit tampering.

November 6, 2023 by Jamf Threat Labs

BlueNoroff strikes again with new macOS malware

Jamf Threat Labs discovered a new later-stage malware variant from BlueNoroff that shares characteristics with their RustBucket campaign. Read this blog to learn more about this malware and view the indicators of compromise.

October 9, 2023 by Jesus Vigo

A holistic approach to security: endpoint protection

Comprehensive endpoint protection provides modern threat landscape protection to your entire fleet of Apple computers and mobile devices, including Windows and Android endpoints. By protecting against new and evolving threats through effective and efficient defense-in-depth strategies, Jamf endpoint security solutions are not only best-of-breed, but their powerful and flexible workflows help organizations like yours to succeed with Apple and mobile devices at work, without compromising data security, user privacy or end-user productivity.

September 21, 2023 by Haddayr Copley-Woods

The Art of Cryptojacking

The Jamf Threat Labs team recently drew attention in the tech media for uncovering a sly piece of malware that was proliferating unnoticed in the wild. As Jamf Threat Labs pursued its trail, they discovered intriguing insights and went down some fascinating rabbit holes. This fascinating JNUC 2023 presentation walked attendees through a recent Mac malware campaign investigation from start to finish.

August 17, 2023 by Jamf Threat Labs

Fake Airplane Mode: A mobile tampering technique to maintain connectivity

Jamf Threat Labs developed a post-exploit persistence technique on iOS 16 that falsely shows a functional Airplane Mode. In reality, after a successful device exploit, the attacker plants an artificial Airplane Mode that edits the UI to display Airplane Mode icons and cuts the internet connection to all apps except the attacker application. This enables the attacker to maintain access to the device even when the user believes it is offline. This technique has not yet been observed in the wild and is only possible on an already exploited or jailbroken device.

July 3, 2023 by Haddayr Copley-Woods

Jamf After Dark: WWDC recap

Jamf After Dark co-hosts Kat Garbis and Sean Rabbitt welcomed special guest Aaron Webb, Senior Product Marketing Manager in security at Jamf, for this special segment focusing on WWDC. They uncovered the benefits of same-day support, highlighted features, outlined how Jamf will support these features and discussed which markets stand to benefit most from these developments.

June 30, 2023 by Jamf Threat Labs

Jamf protects against JokerSpy malware

Threat actors targeted a cryptocurrency exchange in Japan, installing back doors and deploying spyware. Read more about the method of attack and Jamf's defense against the threat.
