MDM Comparison Table
https://github.com/hkystar35/MDM/blob/main/Apple/MDM%20Comparison%20Table.md
I’ve merged the updated table format from the dev branch to main
Highlights:
- Key table added
- Broke out the old “Name” and “Category” columns into Feature, Category, and OS to make it easier to identify features and where they apply
- Updated many Names / Features
- Added a few Features
- Added #intune
#jamf #mosyle #meraki #kandji #jumpcloud #addigy #macos #mdm
"The Mac Malware of 2023" published by Objecive-see. #RustBucket, #SmoothOperator, #ObjCShellz, #macOS, #KANDYKORN, #JokerSpy, #JumpCloud, #CTI, #OSINT, #LAZARUS https://objective-see.org/blog/blog_0x77.html
Hey all. I’ve been wanting to update this MDM comparison table, as well as add Intune (I haven’t gone through Intune’s features yet) to it
Please check out the dev branch table and offer up any feedback in the form of a PR
https://github.com/hkystar35/MDM/blob/dev/Apple/MDM%20Comparison%20Table.md
(From my old blog post https://sysmansquad.com/2022/05/03/2022-05-03-evaluating-apple-mdm-products/)
#mdm #mac #macos #apple #jamf #kandji #mosyle #addigy #jumpcloud #intune #meraki
"Analyzing state-sponsored malware on macOS" published by Jamf. #macOS, #JokerSpy, #3CXDesktopApp, #JumpCloud, #RustBucket, #CTI, #OSINT, #LAZARUS https://www.jamf.com/blog/threat-hunting-unraveling-malware-tactics/
"More malicious npm packages found in wake of JumpCloud supply chain hack" published by Reversinglabs. #JumpCloud, #NPM, #CTI, #OSINT, #LAZARUS https://www.reversinglabs.com/blog/more-malicious-npm-packages-found-in-wake-of-jumpcloud-supply-chain-hack
"North Korea Leverages SaaS Provider in a Targeted Supply Chain Attack" published by Mandiant. #UNC4899, #JumpCloud, #CTI, #OSINT, #LAZARUS https://www.mandiant.com/resources/blog/north-korea-supply-chain
Experts believe #NorthKorea behind #JumpCloud supply chain attack
https://securityaffairs.com/148680/apt/north-korea-jumpcloud-attack.html
#securityaffairs #hacking #malware
Few things beat a simple email when North Korean hackers are trying to break into your systems. Here's how they succeeded with #JumpCloud and tried the same with developers on #GitHub:
IOCs of JumpCloud are linked to a wide variety of activity of North Korea state sponsored hackers
#northKorea #attack #IOC #jumpcloud
https://www.sentinelone.com/labs/jumpcloud-intrusion-attacker-infrastructure-links-compromise-to-north-korean-apt-activity/
A #DPRK government-backed hacking group (known as Labyrinth Chollima) penetrated #JumpCloud and used it as a springboard to target #cryptocurrency companies in an effort to steal digital cash, reports Reuters.
North Korean hackers targeted JumpCloud to breach its cryptocurrency clients. This incident reveals broader concerns about cybersecurity and cryptocurrency in the digital world.
"JumpCloud Intrusion | Attacker Infrastructure Links Compromise to North Korean APT Activity" published by SentinelOne. #JumpCloud, #CTI, #OSINT, #LAZARUS https://www.sentinelone.com/labs/jumpcloud-intrusion-attacker-infrastructure-links-compromise-to-north-korean-apt-activity/
#Cybersecurity #Cloud #JumpCloud: "JumpCloud, a cloud-based IT management service that lists Cars.com, GoFundMe, and Foursquare among its 5,000 paying customers, experienced a security breach carried out by hackers working for a nation-state, the company said last week.
The attack began on June 22 as a spear-phishing campaign, the company revealed last Wednesday. As part of that incident, JumpCloud said, the “sophisticated nation-state sponsored threat actor” gained access to an unspecified part of the JumpCloud internal network. Although investigators at the time found no evidence any customers were affected, the company said it rotated account credentials, rebuilt its systems, and took other defensive measures."
JumpCloud: A 'state-sponsored threat actor' compromised our systems
Firm says the threat actor was 'sophisticated' and 'persistent'
https://www.computing.co.uk/news/4120325/jumpcloud-sponsored-threat-actor-compromised-systems
JumpCloud says nation-state hackers breached its systems
JumpCloud, a directory platform that allows enterprises to authenticate, authorize and manage users and devices, told customers it had reset their API keys “out of an abundance of caution”
JumpCloud said it determined a nation-state actor gained unauthorized access to its systems and targeted a “small and specific” set of customers.
#JumpCloud #security #cybersecurity #infosec #APIkeys #hacked #hackers #hacking
https://techcrunch.com/2023/07/17/jumpcloud-nation-state-breach/
#JumpCloud , an IT firm serving 200,000 orgs, says it was #hacked by nation-state
JumpCloud, a cloud-based IT management service that lists Cars.com, GoFundMe, and Foursquare among its 5,000 paying customers, experienced a #security #breach carried out by #hackers working for a nation-state, the company said last week.
#nationstate #privacy
#IT management service provider, #JumpCloud has confirmed that they were targeted by #nationstate #hackers. They revealed that they were victims of a #spearphishing attack & the attackers were able to access to an "unspecified part of the JumpCloud internal network".
The company also notes that the attack was extremely targeted & limited to specific customers.
#infosec #cybersecurity
https://arstechnica.com/security/2023/07/jumpcloud-says-nation-state-hacker-breach-targeted-some-of-its-customers/
#JumpCloud resets admin API keys amid ‘ongoing incident’
Anyone have the gossip on what happened to #jumpcloud they just sent out a cryptic email requiring everyone to rotate their API keys?
