Jamf Threat Labs Investigating security threats that put organizations and users at risk.
What is Jamf Threat Labs?
Jamf Threat Labs is a team of experienced threat researchers, cybersecurity experts and data scientists, who help Jamf customers identify and remediate security risks. They have experience in:
- Penetration testing
- Network monitoring
- Malware research
- App risk assessment
Using MI:RIAM, our machine intelligence engine, the team constantly hunts for vulnerabilities, threats and data exposures — and has uncovered many high-profile and novel security events.
Stay informed. Latest Threat Labs articles
Predator spyware hides microphone and camera use
Jamf Threat Labs analyzes how a commercial spyware sample (Predator) operates post-compromise.
OpenClaw: AI agents introduce risk
AI agents offer helpful automation, boosting user productivity. Without proper oversight, these agents can become your biggest insider threats: Jamf Threat Labs investigates.
VS code exploited by DPRK
Jamf Threat Labs identifies additional abuse of Visual Studio Code. See the latest evolution in the Contagious Interview campaign.
Predator: anti-analysis techniques in iOS spyware
A deep dive into the error code taxonomy and detection mechanisms that prior research didn't cover.
Read all Jamf Threat Labs content
View our comprehensive list of all blogs written by Jamf Threat Labs.
Real problems need real solutions.
actually originate with authorized users accessing unauthorized systems.
involve stolen or weak passwords
Stay vigilant. Latest Threat Lab reports
Security 360: Annual Trends Report
As the workforce continues to be distributed, our perspective on the modern threat landscape continues to evolve to meet the consistent requirements of endpoint compliance, ensuring data security while upholding user privacy in the face of evolving risk.
Phishing Trends Report
Why? Because it’s easier for an attacker to exploit a person and capture data via a phishing attack than it is to exploit a robust device operating system. In fact, user credentials are far more valuable to an attacker in this age of cloud-enabled enterprises, as they provide access to sensitive data that is stored and managed beyond the device in SaaS applications, online file storage repositories and data centers.
An Analysis of iOS App Permissions
Mobile apps need data to function. That’s why app developers ask for varying levels of access to the information on your mobile device. To better understand the use of app permissions and the information that app developers are trying to collect, we looked at the metadata within a sample of almost 100,000 popular apps across the App Store catalog.