Jamf Blog

Meet the team of experienced threat researchers, cybersecurity experts and data scientists focus on delivering the best, most secure experience to Jamf customers. And how the work of the Jamf Threat Labs helps organizations and users alike succeed with Apple, safely and securely.

Machine Learning is not just a buzzword, but a truly helpful technology that works to supercharge your organization’s security solutions by using algorithms and statistical models to analyze data, like the volume and complexity of a cyberattack in real-time – even stopping data breaches before they can occur.

Learn how to deploy Jamf Protect with Jamf School to fortify the security posture of your devices while managing your fleet, allowing students and educators to learn and teach without compromises to productivity or endpoint security.

A patch to Windows Server released in November 2021 to fix CVE-2021-42287 inadvertently broke binding of macOS devices to Microsoft Active Directory. Microsoft released a new patch on April 12, 2022 to the release channel for Windows Server to solve the problem. Administrators are encouraged to install and vigorously test a development environment if your organization binds macOS devices to Active Directory.

The remediation for a serious security vulnerability in Microsoft Active Directory (AD) prevents Apple macOS from binding. Affected machines will lose the ability to communicate with AD domain controllers, resulting in user lockout and potential data loss.

Arguably, the healthcare sector is one of the industries that can least afford a security breach. So why was 2021 the tenth year in a row that the healthcare industry had the highest breach costs of any industry? And why, according to the HIPAA Journal, has the number of healthcare data breaches risen every year for the last decade?

And what is the industry planning to do about it?

Jamf Threat Labs researchers investigated an Android app (that has since been removed from Google Play on March 22) that was capable of stealing Facebook login credentials (username and password) from users. The app is called Craftsart Cartoon Tools and it was also reported by researchers at Pradeo.

A new vulnerability has been discovered within the Java Spring Framework which may allow for remote execution on a server. Jamf Threat Labs provides a primer on the Java-based vulnerability which has been assigned CVE-2022-22965 and given the nickname “Spring4Shell”.