Box makes quick decision to add new collaboration capabilities in face of pandemic

/0 Comments/in /by

When the shutdown began six weeks ago, the powers that be at Box sat down for a meeting to discuss the situation. They weren’t in the same room of course. They were like everyone else, separated by the virus, but they saw this as a key moment for Box as a company.

They had been talking about digital transformation for years, trying to help customers get there with their cloud content management platform, and this was a pivotal moment with millions of employees working at home.

Box CEO Aaron Levie says the company’s executives had to decide if the change in work style they were seeing at that moment was going to be a temporary event or something that changed work forever.

After some debate, they concluded that it was going to change things for the long term, and that meant accelerating the product road map. “We made the bet six weeks ago that this was going to be a long-term change about how business works, and even if offices opened back up, we thought that companies were going to want to be resilient for this type of event in the future,” Levie explained.

From Box’s perspective, they saw this playing it in three crucial ways. Employees would need to be able to share files securely (their sweet spot). They would need to collaborate with folks inside and outside the organization. Finally, as you are working inside other cloud applications, what is the best way to interact with files stored in Box?

These are all scenarios that Levie has been talking about for years, and to some extent Box offered already, but they wanted to tighten everything up, while adding some new functionality. For starters, they are offering a cleaner interface to make it easier for users to interact with and share files.

They are also helping users organize those files with a new feature called Collections, which lets them group their files and folders in ways that make sense to them. This is organized on an individual basis, but Levie says they are already hearing requests to be able to publish collections inside the organization, something that could come down the road.

Next, they are adding an annotations capability that makes it easy to add comments either as a single editor or in a group discussion about a file. Think Google Docs collaboration tools, but for any document, allowing an individual or group to comment on a file remotely in real time, something many folks need to do right now.

Image Credit: Box

Finally, external partners and customers can share files in Box from a special landing page. Levie says that this is working in conjunction with Box Shield, and the malware detection capability announced last month to make sure these files are shared in a secure fashion.

“Companies are going to need to make sure that no matter what happens — in the fall, next year or 10 years from now — that they can be resilient to an event where people can’t transact physically, where you don’t have manual processes, where employees can go work from home instantaneously, and so that’s going to change dramatically how you adjust your company’s priorities from a technology standpoint,” Levie said.

These new features may not answer all of those huge strategic questions, but this is a case where Box saw an opening for the company to address this change in how people work more directly, and they sped up the roadmap to seize it.

These features will be rolling out starting today and over the next weeks.

Box adds automated malware detection to Box Shield security product

Harbr emerges from stealth to help build online data marketplaces

/0 Comments/in /by

Harbr co-founder Anthony Cosgrove has been working with data for over 15 years, so he has an inkling of some of the problems associated with pulling data together in a way that makes it easy for others to consume, whether internally or externally. Like many entrepreneurs before him, he decided to start a company to solve that problem, and today it came out of stealth.

Cosgrove explained that in his experience, data platforms of the past had several problems. “They were too slow. They were too expensive and too risky, and when you got the data you then ended up working in a silo with really no repeatability of anything that you did for anybody else in your organization,” he explained.

Cosgrove started Harbr because he saw a dearth of tools to help with these issues. “We wanted to create an environment where organizations could share their data, collaborate on that data and create new versions of that data that were really optimized for very specific use cases,” he said.

For now, the company is concentrating on large data vendors, helping them package and monetize the data they produce as a business more efficiently, but Cosgrove sees a time where he could be helping other firms that produce data as a byproduct of conducting business to monetize that data more easily.

He says these big data businesses generally lack the agility to package data in ways that make sense for each customer, and his company’s product should help solve that. “They’re able to start working directly with their customers to move away from kind of sending data to actually selling services, models or insights, which is what customers really want,” he said.

One other unique aspect of the tool is that it is a true platform, meaning that you are not just restricted to the data in your system. You can pull together other data sources as well, and that could make for even more interesting ways to package the data for customers.

The company launched in London in 2017 and spent some time building the product. It recently opened offices in the United States and currently has 30 employees divided between the two locations. It has raised $6.5 million in seed capital led by Boldstart Ventures .

Zoom acquires Keybase to get end-to-end encryption expertise

/0 Comments/in /by

Zoom announced this morning that it has acquired Keybase, a startup with encryption expertise. It did not reveal the purchase price.

Keybase, which has been building encryption products for several years including secure file sharing and collaboration tools, should give Zoom some security credibility as it goes through pandemic demand growing pains.

The company has faced a number of security issues in the last couple of months as demand as soared and exposed some security weaknesses in the platform. As the company has moved to address these issues, having a team of encryption experts on staff should help the company build a more secure product.

In a blog post announcing the deal, CEO Eric Yuan said they acquired Keybase to give customers a higher level of security, something that’s increasingly important to enterprise customers as more operations are relying on the platform, working from home during the pandemic.

“This acquisition marks a key step for Zoom as we attempt to accomplish the creation of a truly private video communications platform that can scale to hundreds of millions of participants, while also having the flexibility to support Zoom’s wide variety of uses,” Yuan wrote.

He added that that tools will be available for all paying customers as soon as it is incorporated into the product. “Zoom will offer an end-to-end encrypted meeting mode to all paid accounts. Logged-in users will generate public cryptographic identities that are stored in a repository on Zoom’s network and can be used to establish trust relationships between meeting attendees,” he wrote.

Under the terms of the deal, the Keybase will become a subsidiary of Zoom and co-founder and Max Krohn will lead the Zoom security engineering team, reporting directly to Yuan to help build the security product. The other almost two dozen employees will become Zoom employees. The vast majority are security engineers.

It’s not clear what will happen to Keybase’s products, but the company did say Zoom is working with Keybase to figure that out.

Keybase was founded in 2014 and has raised almost $11 million according to Crunchbase data.

In surprise choice, Zoom partners with Oracle for growing infrastructure needs

Daily Crunch: Zoom acquires security startup Keybase

/0 Comments/in /by

Zoom acquires some encryption expertise, Uber makes a big investment in scooters and we review the new 13-inch Macbook Pro.

Here’s your Daily Crunch for May 7, 2020.

1. Zoom acquires Keybase to get end-to-end encryption expertise

Keybase, whose encryption products include secure file sharing and collaboration tools, should give Zoom some security credibility as it goes through pandemic demand growing pains. A number of Zoom security issues have come to light in the last couple of months as demand has soared and exposed security weaknesses in the platform.

Under the terms of the deal, Keybase will become a subsidiary of Zoom and co-founder and Max Krohn will lead the Zoom security engineering team, reporting directly to Yuan to help build the security product.

2. Uber leads $170 million Lime investment, offloads Jump to Lime

As part of the deal (which was reported earlier this week but is now official), Lime is also acquiring Uber’s micro-mobility subsidiary Jump. There will be more integrations between Uber and Jump in the future, but both apps will remain active for now.

3. Apple MacBook Pro 13-inch review

With this week’s news, the 13-inch becomes the third and final member of the MacBook family to get the new keyboard. It’s not “Magic” as the name implies (Apple really does love the M-word), but Brian Heater says improvements are immediate and vast.

4. Nintendo sells a lot more Switches, as people stay at home playing Animal Crossing

The company says it has sold 21 million Switch units in the past year, handily beating a 19.5 million forecast. 6.2 million of those systems were the newer, cheaper Switch Lite, which hit the market in September. All of this comes as Nintendo has run up against shortages through a combination of increased popularity and a a global supply chain knocked off balance from COVID-19.

5. How will digital media survive the ad crash?

Bustle Digital Group’s Jason Wagenheim told us that he’s anticipating a 35% decline in ad revenue for this quarter. And where he’d once hoped BDG would reach $120 or $125 million in ad revenue this year, he’s now trying to figure out “what does our company look like at $75 or $90 million?” (Extra Crunch membership required.)

6. Apple awards $10 million to rapidly scale COVID-19 sample collection kit production

Apple has awarded $10 million from its Advanced Manufacturing Fund to COPAN Diagnostics, a company focused on producing sample collection kits for testing COVID-19 to hospitals in the U.S. The money comes from the fund that Apple established to support the development and growth of U.S.-based manufacturing — to date, the fund has been used to support companies tied more directly to Apple’s own supply chain.

7. Sonos debuts new Arc soundbar, next-generation Sonos Sub, and Sonos Five speaker

Sonos has introduced a trio of new hardware today, adding three new smart speakers to its lineup, including the Sonos Arc soundbar that includes Dolby Atmos support, as well as Sonos Five, the next version of its Sonos Play:5 speaker, and a third-generation Sonos Sub.

The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox every day at around 9am Pacific, you can subscribe here.

As private investment cools, enterprise startups may try tapping corporate dollars

/0 Comments/in /by

Founders hunting down capital in the middle of this pandemic may feel like they’re on a fool’s errand, but some investors are still offering financing, even if the terms might not be as good as they once were. One avenue that appears to remain open: corporate venture capital.

The corporate route offers its own set of unique challenges, depending on the philosophy of the organization’s investment arm. Some are looking strictly for companies that fit neatly into their platform, while others believe a solid investment is more important than a perfect fit.

Regardless of style, these firms want their investment targets to succeed on their own merits, rather than as part of the organization the funding arm represents. To get the lay of the land, we spoke to a couple of firms that take very different approaches to their investments: Dell Technologies Capital and Salesforce Ventures.

Corporate venture is a different animal

Corporate venture funds aren’t typically as large as private ones, but they have a lot to offer, such as global sales and marketing support and a depth of knowledge that offers direct benefits to a young upstart. This can help founders avoid mistakes, but there is danger in becoming too dependent on the company.

The good news is that these companies are often not leading the round, but are instead providing some cash and guidance, which leaves entrepreneurs to develop and grow on their own. While the pandemic is forcing many changes in approaches to investment, the two corporate venture capital firms we spoke to said they will continue to invest, and their theses remains pretty much the same.

If you have an enterprise focus and you can convince these firms to take a chance, they offer some interesting perks a private firm might not be able to, or at the very least provide a piece of your funding puzzle in these difficult times.

Zoom consultant Alex Stamos weighs in on Keybase acquisition

/0 Comments/in /by

When Zoom started having security issues in March, they turned to former Facebook and Yahoo! Security executive Alex Stamos, who signed on as a consultant to work directly with CEO Eric Yuan.

The goal was to build a more cohesive security strategy for the fast-growing company. One of the recommendations that came out of those meetings was building end-to-end encryption into the paid tier of the product. Those discussions led to the company buying Keybase this morning.

Stamos says in the big build versus buy debate that companies tend to go through when they are evaluating options, this fell somewhere in the middle. While they bought a company with a lot of expertise, it will still require Keybase engineers working with counterparts from Zoom and consultants like Stamos to build a final encrypted product.

“The truth is that what Zoom wants to do with end-to-end encryption, nobody’s really done, so there’s no product that you could just slap onto Zoom to turn it into key encryption. That’s going to have to be thought out from the beginning for the specific needs of an enterprise,” Stamos told TechCrunch.

But what they liked about Keybase in particular is that they have already thought through similar problems with file encryption and encrypted chat, and they want to turn the Keybase engineers loose on this problem.

“The design is going to be something that’s totally new. The great thing about Keybase is that they have already been through this process of thinking through and then crafting a design that is usable by normal people and that provides functionality while being somewhat invisible,” he said.

Because it’s a work in progress, it’s not possible to say when that final integration will happen, but Stamos did say that the company intends to publish a paper on May 22nd outlining its cryptographic plan moving forward, and then will have a period of public discussion before finalizing the design and moving into the integration phase.

He says that the first goal is to come up with a more highly secure version of Zoom meetings with end-to-end encryption enabled. At least initially, this will only be available for people using the Zoom client or Zoom-enabled hardware. You won’t be able to encrypt someone calling in, for instance.

As for folks who may be worried about Keybase being owned by Zoom, Stamos says, “The whole point of the Keybase design is that you don’t have to trust who owns their servers.”

Zoom acquires Keybase to get end-to-end encryption expertise

VC’s largest funds make big bets on vertical B2B marketplaces

/0 Comments/in /by

During the waning days of the first dot-com boom, some of the biggest names in venture capital invested in marketplaces and directories whose sole function was to consolidate information and foster transparency in industries that had remained opaque for decades.

The thesis was that thousands of small businesses were making specialized products consumed by larger businesses in huge industries, but the reach of smaller players was limited by their dependence on a sales structure built on conferences and personal interactions.

Companies making pharmaceuticals, chemicals, construction materials and medical supplies represented trillions in sales, but those huge aggregate numbers hide how fragmented these supply chains are — and how difficult it is for buyers to see the breadth of sellers available.

Now, similar to the way business models popularized by Kozmo.com and Webvan in decades past have since been reincarnated as Postmates and DoorDash, the B2B directory and marketplace rises from the investment graveyard.

The first sign of life for the directory model came with the success of GoodRX back in 2011. The company proved that when information about pricing in a previously opaque industry becomes available, it can unleash a torrent of new demand.

Health APIs usher in the patient revolution we have been waiting for

/0 Comments/in /by
Rish Joshi
Contributor

Rish is an entrepreneur and investor. Previously, he was a VC at Gradient Ventures (Google’s AI fund), co-founded a fintech startup building an analytics platform for SEC filings and worked on deep-learning research as a graduate student in computer science at MIT.
More posts by this contributor

If you’ve ever been stuck using a health provider’s clunky online patient portal or had to make multiple calls to transfer medical records, you know how difficult it is to access your health data.

In an era when control over personal data is more important than ever before, the healthcare industry has notably lagged behind — but that’s about to change. This past month, the U.S. Department of Health and Human Services (HHS) published two final rules around patient data access and interoperability that will require providers and payers to create APIs that can be used by third-party applications to let patients access their health data.

This means you will soon have consumer apps that will plug into your clinic’s health records and make them viewable to you on your smartphone.

Critics of the new rulings have voiced privacy concerns over patient health data leaving internal electronic health record (EHR) systems and being surfaced to the front lines of smartphone apps. Vendors such as Epic and many health providers have publicly opposed the HHS rulings, while others, such as Cerner, have been supportive.

While that debate has been heated, the new HHS rulings represent a final decision that follows initial rules proposed a year ago. It’s a multi-year win for advocates of greater data access and control by patients.

The scope of what this could lead to — more control over your health records, and apps on top of it — is immense. Apple has been making progress with its Health Records app for some time now, and other technology companies, including Microsoft and Amazon, have undertaken healthcare initiatives with both new apps and cloud services.

It’s not just big tech that is getting in on the action: startups are emerging as well, such as Commure and Particle Health, which help developers work with patient health data. The unlocking of patient health data could be as influential as the unlocking of banking data by Plaid, which powered the growth of multiple fintech startups, including Robinhood, Venmo and Betterment.

What’s clear is that the HHS rulings are here to stay. In fact, many of the provisions require providers and payers to provide partial data access within the next 6-12 months. With this new market opening up, though, it’s time for more health entrepreneurs to take a deeper look at what patient data may offer in terms of clinical and consumer innovation.

The incredible complexity of today’s patient data systems

Tech Support Scam Uses Child Porn Warning

/0 Comments/in /by

A new email scam is making the rounds, warning recipients that someone using their Internet address has been caught viewing child pornography. The message claims to have been sent from Microsoft Support, and says the recipient’s Windows license will be suspended unless they call an “MS Support” number to reinstate the license, but the number goes to a phony tech support scam that tries to trick callers into giving fraudsters direct access to their PCs.

The fraudulent message tries to seem more official by listing what are supposed to be the recipient’s IP address and MAC address. The latter term stands for “Media Access Control” and refers to a unique identifier assigned to a computer’s network interface.

However, this address is not visible to others outside of the user’s local network, and in any case the MAC address listed in the scam email is not even a full MAC address, which normally includes six groups of two alphanumeric characters separated by a colon. Also, the IP address cited in the email does not appear to have anything to do with the actual Internet address of the recipient.

Not that either of these details will be obvious to many people who receive this spam email, which states:

“We have found instances of child pornography accessed from your IP address & MAC Address.
IP Address: 206.19.86.255
MAC Address : A0:95:6D:C7

This is violation of Information Technology Act of 1996. For now we are Cancelling your Windows License, which means stopping all windows activities & updates on your computer.

If this was not You and would like to Reinstate the Windows License, Please call MS Support Team at 1-844-286-1916 for further help.

Microsoft Support
1 844 286 1916”

KrebsOnSecurity called the toll-free number in the email and was connected after a short hold to a man who claimed to be from MS Support. Immediately, he wanted me to type a specific Web addresses into my browser so he could take remote control over my computer. I was going to play along for a while but for some reason our call was terminated abruptly after several minutes.

These kinds of support scams are a dime a dozen, unfortunately. They prey mainly on elderly and unsophisticated Internet users, walking the frightened caller through a series of steps that allow the fraudsters to take complete, remote control over the system. Once inside the target’s PC, the scammer invariably finds all kinds of imaginary problems that need fixing, at which point the caller is asked for a credit card number or some form of payment and charged an exorbitant fee for some dubious service or software.

What seems new about this scam is the child porn angle, which I’m sure will worry quite a few recipients. I say this because over the past few weeks, someone has massively started sending the same type of sextortion emails that first began in earnest in the summer of 2018, and incredibly over the past few days I’ve received almost a dozen emails from readers wondering if they should be concerned or if they should pay the extortion demand.

Here’s a hard and fast rule: Never respond to spam, and certainly not to any email that threatens some negative consequence unless you respond. Doing otherwise only invites more spammy and scammy emails. On the other hand, I fully support the idea of tying up this scammer’s toll-free number with time-wasting calls.

macOS Security | So How Do Macs Get Infected With Malware?

/0 Comments/in /by

Three pervasive myths about Macs that you can find in almost any online discussion about security and macOS are “Macs are safe by design”, “Macs are not numerous enough to be of interest to malware authors” and (consequently) “there’s no real malware threats out there for macOS”. We’ve talked about the weaknesses in macOS security on a number of previous occasions, and we’ve also talked about some of the common and not-so-common threats that are out there in the wild, too. 

But as I’ve noted in the past, the view of security researchers and the views of those opining on social media are often at odds simply because the latter are speaking from their own experience and don’t have the overview that researchers have. SentinelOne protects hundreds of thousands of Macs and our telemetry paints a very clear picture, a picture that has changed vastly even in the last two to three years. But people can only argue from what they know, so let’s share a little knowledge. How do Macs really get infected? Let’s count the ways.

1. Self-inflicted Damage? Cracks, Pirates and Porn

A common argument among those who grudgingly admit there might be a “minor” problem of malware on macOS is that it is only users engaging in “risky behaviour” that are susceptible to malware, and (for some often unstated reason) this doesn’t count as a “real” problem. This argument is often swiftly followed by the claim that had these users only followed “Apple’s advice”, or “common sense” or some other prescription about what users should and should not do on a computer, then they would not have ended up with malware on their (or their company’s) Macs. The fact they didn’t do the former and ended up with the latter? Well, “only themselves to blame”. 

I believe such moralizing hinders rather than helps the real security effort needed to improve macOS security, not just for this subset of users but for all. I also don’t believe this attitude is representative of Apple itself, if you look at the kind of things that Apple’s own security tools try to detect. Rather, this is the view of a certain vociferous subsection of Apple enthusiasts. 

However, before we get further into that, let’s first take a look at the kind of threats we’re talking about here.

Those that frequent torrent sites in search of free access to copyrighted material – from books and TV series to blockbuster movies and proprietary software – share something in common with those that frequent adult entertainment sites (regardless of whether they are or are not the same users): they are disproportionately likely to expose themselves to macOS malware. 

Take this Torrent user’s offerings, for example. 

As they say on TV, “don’t try this at home, folks!” Taking the first offering in the list, the Adobe Photoshop DMG unpacks to contain both the genuine software, a patch for it, and a hidden cryptominer.

In another example, a number of easy-to-find websites offer “cracked” versions of popular apps, including another Adobe Zii crack. Here’s one:

Clicking on the link for the Adobe Zii 2020 5.2.0 Universal Patcher appears to provide a disk image for the same software.


However, after mounting the image we find no application at all, just a single mach-O file called “AdobeFlashPlayer”. 


A quick lookup of the hash on VirusTotal confirms that it’s malware. 

0d5b129d4e4f1da8847b4579cc8c4f59e12c17effa924bb2624983f0ade51ba4

Yet another site offers a crack of popular video and screencast editing software Camtasia, among many other paid-for applications. In case you know someone tempted, point them to the following sobering reality:

Downloading the DMG we find it contains an “Install” file; this time, neither an App bundle or a mach-O, but an obfuscated shell script.

And, of course, that’s malware, too.

Blaming Users Is No Way To Do Security

Regardless of the source of the infection or the payload delivered, in all these cases the user behaviour has one thing in common: each is attempting to find or obtain some premium product (or service) without paying for it. Knowing this, malware authors lure victims with promises of expensive or popular software and infect them with malware, usually instead of, but sometimes as well as, providing whatever was promised in the lure.

Are these users to blame for their own cheap skating, IP-stealing ways? There’s certainly no argument here that this kind of behavior shouldn’t be condoned and those guilty of actually stealing IP should be sanctioned by the appropriate authorities where possible. But playing the blame game ignores, rather than solves, the security issue. If users are committing crimes, surely we want them to be punished in appropriate ways by the proper authorities, not by malware authors?

More importantly, dismissing victims of supposed ‘self-inflicted’ cyber crime ignores the reality that the damage done by such malware can both have consequences far greater than the supposed ‘crime’ (you tried to steal a $99 software and lost your credit card credentials) and also can collaterally affect other users on the same device or network, a particular worry for enterprises with Mac fleets. 

In short, let’s not leave security in the precarious and unreliable hands of moralists, and instead deal with the problem properly: through advanced behavioral AI that can protect such users from themselves, and protect the rest of us from such users. 

2. Scamware, Scareware and all the PUPs

Not every user infected with macOS malware was looking to get something they should be paying for on the cheap. Some users are looking for genuine software to solve a problem, but they will rapidly encounter all kinds of sites with misleading cues and confusing download buttons, particularly if they are using a browser without some kind of advertising or pop up blocker.

A common source of scareware pop ups is product review sites, many of which are fake and lead consumers on a merry-dance through several links before throwing the inevitable alert claiming something like “Adobe Flash Player is out of date” or “Your Mac is infected with a virus”. 

Similarly, many such sites are littered with malvertising, with flashy graphics or annoying gifs with fake “Close” button lures which, after a few redirects, end up in a predictable pop-up like the one below. In this example, the ‘Later’ button re-pops the alert while the ‘Install’ button treats the user to one variant or another of OSX.Shlayer.

3. Search and (Be) Destroy(ed)

Even without visiting such sites, general Internet searches for macOS-related content can turn up results with JavaScript redirection to fake App Store pages that deliver Shlayer malware, adware or PUP installers.

In this example the user conducts a search via Google for “Can You Expand A Dmg Without Mounting?” Among the the first page hits is this one, hosted on weebly.com:

hxxps://newsletternew979[.]weebly[.]com/can-you-expand-a-dmg-without-mounting[.]html

When the referrer is Google.com, the above site uses Javascript to replace the original content with a fake App Store and download links to OSX.Shlayer malware. 

The site is scripted such that if the user follows a direct link or comes from another search engine, no redirection occurs. However, when the user is referred from Google, the original content is replaced with the fake App Store and the lure to download the malware. 

4. Phishing, Targeted Attacks and…Ransomware?

And all this is without mentioning the actual malware campaigns that are directly aimed at Mac users. In the last 18 months or so, we’ve seen the return of OSX.Dok, unknown actors behind the GMERA malware campaign and plenty of Lazarus/AppleJeus campaigns targeting cryptocurrency exchanges and crypto wallet users to name just a few. 

Only this week a well-known Remote Access Trojan/Backdoor from the Windows world (Dacls RAT) with links to Lazarus APT was discovered to have a macOS variant. 

There is also evidence that the ransomware plague which so far has spared macOS users may be coming our way soon as ransomware-as-a-service vendors like SMAUG begin to offer Mac-compatible malware. At present, we have yet to see this particular threat active in the wild or validated it for it’s efficacy against Mac targets, but the fact that such offerings are being made suggests cyber criminals are aware of the value of infecting macOS users: “Don’t leave money on the table by focusing only on Windows”, the message states.

But…Apple Have Your Back, Right?

Although you can find many Apple enthusiasts and social media “influencers” still denying that there is a malware problem on macOS, you won’t find anyone from Apple sharing that view (if you can find anyone from Apple to share a view, that is…). 

Joking aside, Apple are well aware of the problem and as we’ve pointed out before, have admirably stepped up their attention to security in the last 12 to 18 months. XProtect and MRT.app are now regularly updated, and there’s no doubt that they are both far more comprehensive than they’ve ever been before. Indeed, I’ve even written about how to keep up with Apple’s security updates myself as a means of threat research. 

That said, the issue now is not so much that Apple isn’t working hard to protect the platform as that the current tools on the platform are simply not up to the job. They are built on old technology – Yara Rules, path lists, code signing certificates – that require having already seen a threat before writing a signature to stop it. 

Conclusion

Malware is a growing problem on macOS. It certainly isn’t as big a problem as it is on the Windows platform, but it’s way past the point where anyone with any reasonable knowledge of what’s going on in the wild would deny it. 

Yes, users are sometimes culpable, and sometimes gullible; but burying our collective heads in the sand and assuming that if we can’t see macOS malware it can’t see us will only serve to exacerbate the problem. It’s been proven beyond argument that no matter the platform, the only effective way to do enterprise security is to stop chasing malware samples and start detecting malware behaviors. If you’d like to see how SentinelOne can help protect your enterprise, contact us today or request a free demo.

Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security