SEARCH
Archive
Don’t Skip User Authentication on MDM Even With Apple’s DEP
Duo Labs researchers discovered that Apple was using serial numbers to authenticate devices with its Device Enrollment Program (DEP). If organizations treat DEP as a trust broker and assume DEP-registered devices are trusted, they expose themselves to a variety of risks, including rogue devices receiving internal network configuration settings.
How iOS 11.4.1 Stops USB Attacks and Bad Emojis
In its latest release of iOS, Apple has included a new feature called Restricted Mode that can prevent USB-based attacks.
A Privacy Tradeoff of the macOS QuickLook Cache
A convenient feature in macOS called QuickLook can leak information about files that users preview, even in encrypted containers.
Bug Allows Bypass of Code-Signing Tools on Macs
An issue with the way third-party tools implement Apple's code-signing API can allow malicious files to pass as legitimate ones.
iOS 12 Goes Hard on Password Security
Apple is adding a slew of new password-security features in iOS 12 to help users avoid using weak or duplicate credentials.