Mac usage, as you’ve probably seen in your workplace, has risen exponentially in enterprises. According to a Jamf survey, 74 percent of those who previously used a PC for work experience fewer issues now that they use a Mac. Of course, Macs carry additional advantages as seen in the image below:
Just like you’ve been watching the rapid rise of Macs in enterprises, so have attackers—the ones wreaking havoc in enterprises through malware attacks.
Trend Micro recently discovered a malware strain developed for macOS machines; this malware masquerades as a legitimate trading app named Stockfolio, and has been stealing user information and uploading it to a third-party website.
This malware follows closely on the heels of four different malware strains targeting macOS in recent months.
- Malwarebytes discovered a cracked version of Ableton Live 10, which on installation unpacks a cryptominer that runs in the background via Linux emulation. This malware was dubbed ‘BirdMiner’.
- Intego discovered that Firefox’s zero-day vulnerability was used by attackers to unleash OSX/Netwire and OSX/Mokes. Both are backdoor malware strains capable of recording keystrokes, taking screenshots of infected systems, and allowing the attacker to spy on victims.
- Intego yet again discovered the OSX/CrescentCore trojan, another strain of macOS malware which masquerades as Adobe Flash Player and on installation infects the device. This trojan has been designed to be undetectable by antivirus solutions, difficult for malware analysts to examine, and equally difficult to reverse engineer. There also exists a second variant, which either installs a rogue piece of software named Advanced Mac Cleaner or installs a malicious Safari browser extension.
So what’s the solution?
The simplest way to prevent unapproved apps from being installed is by using Gatekeeper. As the name suggests, Gatekeeper ensures only apps available in the App Store and/or developed by trusted developers can be installed on macOS machines. As seen in the above examples, malware usually spreads via apps not available in the official App Store; restricting these installations can go a long way in preventing such attacks.
While configuring Gatekeeper helps in mitigating the spread of malware via apps, MDM solutions also provide two important policies that can secure the corporate data present on Macs. First is FileVault, which encrypts the data saved on Macs, ensuring zero chance of unauthorized access. FileVault’s on-the-fly encryption happens in the back end without affecting productivity.
The next important policy supported by MDM solutions is the firmware password. When this policy is configured, macOS machines can be booted up only using the default startup disk and not using any other internal or external disk, minimizing the chance of unauthorized access.
In addition to Gatekeeper, FileVault, and the firmware password, MDM provides enterprises with umpteen security features for macOS machines.
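To verify on a Mac that the three controls above are actually in force, the following added example (not part of the original post or of any MDM product) classifies the status output of the built-in `spctl`, `fdesetup` and `firmwarepasswd` tools. The function names are hypothetical, the matched status strings are assumed to be the tools' usual wording, and `firmwarepasswd` is assumed to be run as root on an Intel Mac; anything else is reported as UNKNOWN.

```shell
#!/bin/sh
# Added example: classify the status output of Gatekeeper, FileVault and
# the firmware password. Each function takes a tool's output text and
# prints PASS, FAIL or UNKNOWN (unrecognised output, missing tool, no root).

gatekeeper_state() {   # input: output of `spctl --status`
  case "$1" in
    *"assessments enabled"*)  echo PASS ;;
    *"assessments disabled"*) echo FAIL ;;
    *)                        echo UNKNOWN ;;
  esac
}

filevault_state() {    # input: output of `fdesetup status`
  case "$1" in
    *"FileVault is On"*)  echo PASS ;;
    *"FileVault is Off"*) echo FAIL ;;
    *)                    echo UNKNOWN ;;
  esac
}

firmware_state() {     # input: output of `firmwarepasswd -check` (as root)
  case "$1" in
    *"Password Enabled: Yes"*) echo PASS ;;
    *"Password Enabled: No"*)  echo FAIL ;;
    *)                         echo UNKNOWN ;;
  esac
}

# Combine results: anything other than PASS makes the host non-compliant,
# so an UNKNOWN is treated as a finding rather than silently ignored.
overall_state() {
  for r in "$@"; do
    [ "$r" = PASS ] || { echo NONCOMPLIANT; return 0; }
  done
  echo COMPLIANT
}

# Live check: runs only where the macOS tools exist.
if command -v spctl >/dev/null 2>&1 && command -v fdesetup >/dev/null 2>&1; then
  gk=$(gatekeeper_state "$(spctl --status 2>&1)")
  fv=$(filevault_state "$(fdesetup status 2>&1)")
  fw=$(firmware_state "$(firmwarepasswd -check 2>&1)")
  echo "Gatekeeper=$gk FileVault=$fv FirmwarePassword=$fw"
  overall_state "$gk" "$fv" "$fw"
fi
```
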
If you’re looking for an MDM solution with extensive macOS management capabilities, look no further: start your fully functional, 30-day free trial of Mobile Device Manager Plus today.
The post Yet another malware attack: macOS now the target for security attacks appeared first on ManageEngine Blog.