Jamf Threat Labs Investigating security threats that put organizations and users at risk.
What is Jamf Threat Labs?
Jamf Threat Labs is a team of experienced threat researchers, cybersecurity experts and data scientists, who help Jamf customers identify and remediate security risks. They have experience in:
- Penetration testing
- Network monitoring
- Malware research
- App risk assessment
Using MI:RIAM, our machine intelligence engine, the team constantly hunts for vulnerabilities, threats and data exposures — and has uncovered many high-profile and novel security events.
Stay informed. Latest Threat Labs articles
APT actors embed malware within macOS Flutter applications
Jamf Threat Labs performs a deep dive into how the malicious code works to remain vigilant against this potentially new method to target macOS devices and users.
Revealing how sideloaded apps can secretly monitor images
Jamf Threat Labs created a demo illustrating how a modified yet perfectly functional social media app can continuously monitor your photos and upload them to an attacker’s server.
Social engineering leads to malicious code execution
Jamf Threat Labs analyzes attack methods that lead candidates to download coding challenges — installing malware instead.
Gatekeeper vulnerability in macOS allows unsigned and unnotarized app execution
Jamf Threat Labs discovers and analyzes vunerabilities to Gatekeeper and The Unarchiver that allowed users to run unsigned and unnotarized apps.
Read all Jamf Threat Labs content
View our comprehensive list of all blogs written by Jamf Threat Labs.
Real problems need real solutions.
actually originate with authorized users accessing unauthorized systems.
involve stolen or weak passwords
Stay vigilant. Latest Threat Lab reports
Security 360: Annual Trends Report
As the workforce continues to be distributed, our perspective on the modern threat landscape continues to evolve to meet the consistent requirements of endpoint compliance, ensuring data security while upholding user privacy in the face of evolving risk.
Phishing Trends Report
Why? Because it’s easier for an attacker to exploit a person and capture data via a phishing attack than it is to exploit a robust device operating system. In fact, user credentials are far more valuable to an attacker in this age of cloud-enabled enterprises, as they provide access to sensitive data that is stored and managed beyond the device in SaaS applications, online file storage repositories and data centers.
An Analysis of iOS App Permissions
Mobile apps need data to function. That’s why app developers ask for varying levels of access to the information on your mobile device. To better understand the use of app permissions and the information that app developers are trying to collect, we looked at the metadata within a sample of almost 100,000 popular apps across the App Store catalog.