"Employees account for 57% of all security incidents and 45% of these incidents come when workers bypass or ignore security policies by, for example, using unapproved tools."
"Attackers are actively searching for and exploiting those kinds of policy workarounds, seeking weaknesses in commonly used, but unapproved, tools. Users really should educate themselves."
"While companies can put some mitigations in place using device management and policy controls to constrain app use and downloads across their endpoints, Apple is also working to keep systems secure with a focus on the Terminal app."
"In this case, it will introduce new malware warnings and protections to help prevent people from using Terminal to override system security to install malware-laden scripts. That's the attack vector currently being used in the ClickFix series of attacks, which use fake macOS utilities to trick Mac users into doing just that."
Employees account for 57% of security incidents, and 45% of those incidents occur when workers bypass or ignore security policies. Common behavior includes using unapproved tools. Attackers actively search for and exploit these policy workarounds by targeting weaknesses in widely used but unapproved tools. Companies can reduce risk with device management and policy controls that constrain app use and downloads across endpoints. Apple is also adding protections focused on the Terminal app. New malware warnings and protections aim to prevent people from using Terminal to override system security and install malware-laden scripts. This attack vector is used in the ClickFix series, which relies on fake macOS utilities to trick users into running harmful actions.
Read at Computerworld
Unable to calculate read time
Collection
[
|
...
]