Cybersecurity researchers at Jamf recently detected 21 new malware families that were found to be attacking Mac users.
21 New Malware Families Detected
More than 15 million devices were globally analyzed in Q4 2023 by Security 360 across 90 countries (macOS, iOS/iPad, Android, Windows) to gauge the real-world impact of security trends.
Jamf’s 2024 malware report reveals that 9% of mobile users fell for phishing, and 20% of the companies risked due to flawed smartphone setups.
Jamf is a device management service that annually reports smartphone safety. Recently it has been claimed that 40% of users use devices with vulnerabilities, and 39% of organizations have at least one such device.
This data highlights the growing concerns about iPhones alongside Android. This also notes a rising trend of the threat actors targeting Apple’s ecosystem with sophisticated attacks, highlighting a focus on developing hard-to-detect exploits for iOS/iPadOS.
Despite Apple’s focus on security, Jamf’s report reveals neglect of their platforms. For instance, FileVault, a crucial data protection feature, was disabled on 36% of surveyed devices.
You can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits, with Perimeter81 malware protection. All are extremely harmful, can wreak havoc, and damage your network.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
Qakbot Takedown Aftermath: Mitigations and Protecting Against Future Threats
The U.S. Department of Justice (DOJ) and the FBI recently collaborated in a multinational operation to dismantle the notorious Qakbot malware and botnet. While the operation was successful in disrupting this long-running threat, concerns have arisen as it appears that Qakbot may still pose a danger in a reduced form. This article discusses the aftermath of the takedown, provides mitigation Read More
The Hacker News | #1 Trusted Cybersecurity News Site
Patching On Time, Thwarts Cybercrime – Security Patch Management Guide
“It takes 20 years to build a reputation and a few minutes of cyber-incident to ruin it,” says Stephane Nappo, Global Head of Information Security for Société Générale International Banking Pole.
Although a cyber incident can be completed in minutes, they often require a week of prep—sometimes less.
A lot of things could happen in a week.
For example, that’s how long it took for me to finish this article.
Would you believe if I say that cybercriminals would have exploited unpatched vulnerabilities to take advantage of any organization within the span of my writing this article?
Yes, the typical length of time it takes cybercriminals to weaponize new critical vulnerabilities is just seven days.
Meanwhile, it takes anaverage of 60 days for an organization to patch a critical vulnerability.
This leaves an opening, and not just a window but wide open gates for cybercriminals to walk through and exploit vulnerabilities.
Stay compliant, stay secure
Staying secure is critical, but it is also equally important for an organization to stay compliant with regulatory standards like Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR), and other region-specific standards and regulations.
Failing to comply with these standards may result in financial penalties, legal repercussions, damaged reputation, or other repercussions.
Effective patch management doesn’t only save a dime but also your business.
Nip cyberattacks in the bud with Timely patching
As a part of cybersecurity hygiene, all security updates should be installed promptly, without any delay or dispute.
When a vendor releases a patch, this indicates the vulnerability has likely existed for a while.
It means the cyber attackers had a chance to know about it before the vendor did and exploit it.
Then imagine what are all the consequences your organization will be facing if you are going to take another few more months to patch the vulnerabilities.
Ha! At this point, an attacker no longer has to look for an open gate to sneak in.
This is why timely patching is imperative to keep your organization secure and unshakable.
Achieving timely patching isn’t a piece of cake
One of the biggest root causes for delay in patching is due to relying on manual processes, including:
Manually checking for new and missing patches in the network.
Downloading them from the respective vendors’ sites.
Creating deployment policies that meet specific industry needs.
Testing the patches in a pilot group of computers and approving them for deployment.
Generating reports to track the whole patching process.
Phew! A whole heap of work, isn’t it?
Choosing the right patch management tool can be a challenge. Where do you begin?
An ideal patch management solution should:
Support every major operating system which includes Windows, Mac, and Linux.
Patch various types of endpoints including laptops, desktops, servers, remote devices, etc.
Provide extensive support to third-party applications patching.
Offer a completely automated patch management solution to save time and energy.
Generate insightful reports to effectively monitor every stage of the patching process.
Make patching a piece of cake with ManageEngine’s Patch Manager Plus
Shedding light on Patch Manager Plus’ interesting attributes
Keep your network up-to-date and patched round the clock with Patch Manager Plus that Powered to patch 850+ third-party applications
Not only does it alleviate the stress of needing to regularly perform manual efforts but it also simplifies the process of managing multiple operating systems, patching 850+ third-party applications, and generating detailed reporting.
With Patch Manager Plus, patch threats, and vulnerabilities in a timely manner
– Take advantage of pre-built, tested, and ready-to-deploy packages for non-Microsoft applications.
Construct a deployment policy for your enterprise
You can schedule deploymentbased on your organization’s needs by specifying which weeks and days you want the patches to be deployed. For example, you can schedule auto-deployment to occur every weekend and Patch Tuesday.
Also, you can choose the best time to deploy patches by defining the start and end time in Deployment Window.
In today’s constantly evolving digital world, patch management needs to be a primary concern for every organization.
Although patch management can be a complicated and time-consuming process, the consequences of not using it surpass the efforts involved.
Keeping your network regularly updated may prevent significant data loss, financial harm, and security breaches.
By being precise and diligent, organizations may lower the risks of cyber-attacks and ensure the long-term success of their business.
Learn how our ManageEngine’s patch paladinPatch Manager Plus lets you do all of these to enhance the security posture of your network infrastructure!
High-severity GitLab flaw lets attackers take over accounts
GitLab patched a high-severity vulnerability that unauthenticated attackers could exploit to take over user accounts in cross-site scripting (XSS) attacks. […] Read More