Jamf Threat Labs
Investigating security threats that put organizations and users at risk.
What is Jamf Threat Labs?
We help Jamf customers identify and remediate security risks. Jamf Threat Labs is comprised of experienced threat researchers, cybersecurity experts and data scientists, with skills that span penetration testing, network monitoring, malware research and app risk assessment primarily focused on Apple and mobile ecosystems.
Our team’s job is to continually hunt for vulnerabilities, threats and data exposures by leveraging MI:RIAM, our machine intelligence engine, primarily to build up the security capabilities of Jamf products. We have uncovered a number of high-profile and novel security events, including thousands of previously unknown and undiscovered threats.
Stay informed. Latest Threat Labs articles
Pirated apps deploy multiple payloads to compromise machines in the background.
Jamf Threat Labs discovers and analyzes pirated applications that contain malware similar to ZuRu malware.
Jamf Threat Labs develops a PoC with Fake Lockdown Mode
Jamf Threat Labs explains how bad actors could create a false sense of security with Lockdown Mode by post-exploit tampering.
Jamf Threat Labs discovers later-stage malware from BlueNoroff
Jamf Threat Labs found and analyzed later-stage malware with characteristics aligning with BlueNoroff's RustBucket campaign.
Jamf Threat Labs discovers vulnerability in Airplane Mode.
Read about Jamf Threat Labs' exploit of a vulnerability that allows malicious apps to remain connected while the device appears to be in Airplane Mode.
Read all Jamf Threat Labs content
View our comprehensive list of all blogs written by Jamf Threat Labs.
Real problems need real solutions.
Stay vigilant. Latest Threat Lab reports
Security 360: Annual Trends Report
As the workforce continues to be distributed, our perspective on the modern threat landscape continues to evolve to meet the consistent requirements of endpoint compliance, ensuring data security while upholding user privacy in the face of evolving risk.
Phishing Trends Report
Why? Because it’s easier for an attacker to exploit a person and capture data via a phishing attack than it is to exploit a robust device operating system. In fact, user credentials are far more valuable to an attacker in this age of cloud-enabled enterprises, as they provide access to sensitive data that is stored and managed beyond the device in SaaS applications, online file storage repositories and data centers.
An Analysis of iOS App Permissions
Mobile apps need data to function. That’s why app developers ask for varying levels of access to the information on your mobile device. To better understand the use of app permissions and the information that app developers are trying to collect, we looked at the metadata within a sample of almost 100,000 popular apps across the App Store catalog.