Automated detection and response workflows can help enterprises stop the otherwise hidden cross-pollination between personal device communications and access to sensitive corporate resources and information. To prevent vulnerabilities such as this one from compromising employees and the organization’s sensitive data, companies should look to centralize and automate their current security threat detection, response and investigation protocols into a single platform. Even organizations that previously shied away from this type of program have been pushed to adopt it to better accommodate remote work. While the first inclination is to focus the impact to consumers, the much larger danger lies within companies whose employees are using their personal apple devices for work.Īmid the pandemic, the adoption of bring you own device (BYOD) policies has exploded across industries. “This zero-day, zero-click vulnerability is significant because it requires no user interaction and impacts all versions of Apple’s iOS, OSX, and watchOS. Nick Tausek, Security Solutions Architects at Swimlane, shared his perspective with Solutions Review. “Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals.” He also commended the efforts of Citizen Lab. Ivan Krstić, head of Apple Security Engineering and Architecture, gave a statement on the vulnerability.
The vulnerability appears to be closed at this time via an urgently published update to all devices. This group discovered the vulnerability and alerted Apple. The Solutions Review Buyer’s Guide for Endpoint Security helps you evaluate the best solution for your use case and features profiles of the leading providers.Īccording to researchers at the University of Toronto’s Citizen Lab, the vulnerability was already exploited by an Israeli hacker-for-hire group to plant spyware on a Saudi activist’s iPhone.
0 kommentar(er)
