PossibleThreat Articles

Articles for the experts…

Security

ComputerWorld Independent 

Managed Apple IDs, iCloud, and the shadow IT connection

0 Comments , , , ,

Apple is continuing its expansion of Managed Apple IDs for business customers, giving them increased access to iCloud services and Apple Continuity features. Companies get iCloud backup and new syncing options (particularly for passwords, passkeys, and other enterprise credentials) — along with access to business-friendly Continuity features such as Universal Control.

But they could also lead to increased data sprawl and siloing. Ironically, those issues are typically related to shadow IT, even though they’re enterprise features. Let’s look at what’s going on and how enterprises can take advantage of these features and services without running into trouble.

To read this article in full, please click here

Read more
ComputerWorld Independent 

Why and how to create corporate genAI policies

0 Comments , , , , ,

As a large number of companies continue to test and deploy generative artificial intelligence (genAI) tools, many are at risk of AI errors, malicious attacks, and running afoul of regulators — not to mention the potential exposure of sensitive data.

For example, in April, after Samsung’s semiconductor division allowed engineers to use ChatGPT, workers using the platform leaked trade secrets on least three instances, according to published accounts. One employee pasted confidential source code into the chat to check for errors, while another worker shared code with ChatGPT and “requested code optimization.”

To read this article in full, please click here

Read more
ComputerWorld Independent 

China hacks the US military and government — the Feds blame Microsoft

0 Comments , ,

Hidden in the basic infrastructure that runs the US military is a powerful piece of Windows-borne Chinese malware that can disrupt the communications systems, power grids, and water supplies at the military’s bases around the world. One US congressional aide calls it a “ticking time bomb” that as The New York Times put it, “could give China the power to interrupt or slow American military deployments or resupply operations by cutting off power, water and communications to US military bases.”

To read this article in full, please click here

Read more
ComputerWorld Independent 

Jamf Threat Labs subverts iPhone security with fake Airplane Mode

0 Comments , , , , ,

Fresh security research from Jamf Threat Labs may not reflect an active attack, but it does illustrate the layered complexity of today’s threat environment.

When Airplane mode isn’t Airplane mode

In brief, the researchers have figured out a proof of concept attack that tricks victims into thinking they are using Airplane Mode. However, in reality the attacker has put in place a fake version of that mode that looks normal but lets the attacker maintain access to the device.

This is by no means a straightforward attack and hasn’t been seen in the wild. The exploit is complex and would require an attacker to successfully take control of the target device through a series of exploits, the research claims. 

To read this article in full, please click here

Read more