Jamf Blog

Posts in the Jamf Threat Labs Category

May 30, 2024 by Jamf Threat Labs

Phishing for credentials: iOS pop-up deception through sideloaded apps

In this blog, Jamf Threat Labs showcases how malicious actors deceive users. By mimicking authentic Apple pop-up messages in the native iOS style, a false sense of security is created, prompting users to instinctively input their credentials.

April 5, 2024 by Jamf Threat Labs

Infostealers continue to pose threat to macOS users

Jamf Threat Labs dissects ongoing infostealer attacks targeting macOS users. Each with different means of compromising the victim’s Macs but with similar aims: to steal sensitive user data.

January 18, 2024 by Jamf Threat Labs

Jamf Threat Labs discovers new malware embedded in pirated applications

In this blog, Jamf Threat Labs researchers analyze malware they discovered in pirated macOS applications. These apps, appearing similar to ZuRu malware, download and execute multiple payloads to compromise machines in the background.

December 5, 2023 by Jamf Threat Labs

Fake Lockdown Mode: A post-exploitation tampering technique

In this blog, Jamf Threat Labs explains how bad actors could create a false sense of security with Lockdown Mode by post-exploit tampering.

November 6, 2023 by Jamf Threat Labs

BlueNoroff strikes again with new macOS malware

Jamf Threat Labs discovered a new later-stage malware variant from BlueNoroff that shares characteristics with their RustBucket campaign. Read this blog to learn more about this malware and view the indicators of compromise.

October 9, 2023 by Jesus Vigo

A holistic approach to security: endpoint protection

Comprehensive endpoint protection provides modern threat landscape protection to your entire fleet of Apple computers and mobile devices, including Windows and Android endpoints. By protecting against new and evolving threats through effective and efficient defense-in-depth strategies, Jamf endpoint security solutions are not only best-of-breed, but their powerful and flexible workflows help organizations like yours to succeed with Apple and mobile devices at work, without compromising data security, user privacy or end-user productivity.

September 21, 2023 by Haddayr Copley-Woods

The Art of Cryptojacking

The Jamf Threat Labs team recently drew attention in the tech media for uncovering a sly piece of malware that was proliferating unnoticed in the wild. As Jamf Threat Labs pursued its trail, they discovered intriguing insights and went down some fascinating rabbit holes. This fascinating JNUC 2023 presentation walked attendees through a recent Mac malware campaign investigation from start to finish.

August 17, 2023 by Jamf Threat Labs

Fake Airplane Mode: A mobile tampering technique to maintain connectivity

Jamf Threat Labs developed a post-exploit persistence technique on iOS 16 that falsely shows a functional Airplane Mode. In reality, after successful device exploit the attacker plants an artifical Airplane Mode that edits the UI to display Airplane Mode icons and cuts internet connection to all apps except the attacker application. This enables the attacker to maintain access to the device even when the user believes it is offline. This technique has not yet been observed in the wild and is only possible on an already exploited or jailbroken device.

Subscribe to the Jamf Blog

Have market trends, Apple updates and Jamf news delivered directly to your inbox.

To learn more about how we collect, use, disclose, transfer, and store your information, please visit our Privacy Policy.