Jamf Blog

Posts in the Jamf Threat Labs Category

September 21, 2023 by Haddayr Copley-Woods

The Art of Cryptojacking

The Jamf Threat Labs team recently drew attention in the tech media for uncovering a sly piece of malware that was proliferating unnoticed in the wild. As Jamf Threat Labs pursued its trail, they discovered intriguing insights and went down some fascinating rabbit holes. This fascinating JNUC 2023 presentation walked attendees through a recent Mac malware campaign investigation from start to finish.

August 17, 2023 by Jamf Threat Labs

Fake Airplane Mode: A mobile tampering technique to maintain connectivity

Jamf Threat Labs developed a post-exploit persistence technique on iOS 16 that falsely shows a functional Airplane Mode. In reality, after successful device exploit the attacker plants an artifical Airplane Mode that edits the UI to display Airplane Mode icons and cuts internet connection to all apps except the attacker application. This enables the attacker to maintain access to the device even when the user believes it is offline. This technique has not yet been observed in the wild and is only possible on an already exploited or jailbroken device.

July 3, 2023 by Haddayr Copley-Woods

Jamf After Dark: WWDC recap

Jamf After Dark co-hosts Kat Garbis and Sean Rabbitt welcomed special guest Aaron Webb, Senior Product Marketing Manager in security at Jamf for this special segment focusing on WWDC. They uncovered the benefits of same-day support, highlighted features, outlined how Jamf will support these features and discussed which markets stand to benefit most from these developments.

June 30, 2023 by Jamf Threat Labs

Jamf protects against JokerSpy malware

Threat actors targeted a cryptocurrency exchange in Japan, installing back doors and deploying spyware. Read more about the method of attack and Jamf's defense of the threat.

May 22, 2023 by Jamf Threat Labs

The Mysteries Behind ColdIntro and ColdInvite: TL;DR edition

Learn about the discovery of a novel threat vector on iPhone that allows attackers to circumvent security mitigations by exploiting under-protected co-processors, leveraging access to further compromise the iOS kernel.

April 21, 2023 by Jamf Threat Labs

BlueNoroff APT group targets macOS with ‘RustBucket’ Malware

Learn about the macOS malware variant discovered by Jamf Threat Labs named 'RustBucket'. What it does, how it works to compromise macOS devices, where it comes from and what administrators can do to protect their Apple fleet.

April 19, 2023 by Jamf Threat Labs

The web of connections with iOS 16.4.1

In this blog, Jamf Threat Labs analyzes CVE-2023-28206, iOS 16.4.1 patches and CitizenLab’s findings on QuaDream’s exploits.

April 18, 2023 by Aleena Kaleem

Jamf in the News: 2023 highlights so far

Get up to speed on recent Jamf in the News highlights, from how we’re helping tackle security threats to promoting BYOD.

Subscribe to the Jamf Blog

Have market trends, Apple updates and Jamf news delivered directly to your inbox.

To learn more about how we collect, use, disclose, transfer, and store your information, please visit our Privacy Policy.