Apple’s Business Essentials subscriptions support small businesses that only use Apple
Add extra security to your backup
15 November 2021
This week Apple unveiled another beta program, but instead of offering early previews of software for your Mac, iPhone, or iPad, it’s a new initiative called Business Essentials. In line with Apple’s recent shift toward selling services, it’s a subscription package aimed at small businesses with three different plans and a move that has been anticipated since it acquired the device management platform Fleetsmith a little over a year ago.
Starting at $2.99 per device per month, they can cover employees across a single device, more than one device, or a more expensive plan that covers multiple devices and adds more cloud storage. An AppleCare+ package will be available when it launches full in spring 2022, adding 24/7 phone support, access to training, and on-site repairs from Apple-trained technicians.
Like many other device manage platforms, it streamlines the onboarding process, preinstalled apps, as well as management of security settings like FileVault for disk encryption and Activation Lock to secure devices if they’re lost or stolen. There’s also a new Business Essentials app for iOS, iPadOS, and macOS that puts all of the various settings in one place.
I spoke to Vox Media senior VP of IT, Oumar Sall, who points out that it could be beneficial for startups during periods of high growth. Particularly while dealing with more remote workers, it can help get new employees up and running as quickly as possible even if a business doesn’t have the other parts of its network fully formed yet. It could also be helpful for schools if Apple’s existing School Manager system isn’t a good fit.
It also has the advantage of being available from Apple itself. However, it’s unlikely to challenge mainstays in the industry since, at least so far, it is limited by the number of employees supported, and it isn’t available across different platforms. There’s also the question of how exporting data works if a company wants to leave iCloud, endpoint security management, and the other issues that can crop up later.
Jamf is one of those companies, as it provides device management to a number of organizations, including Vox Media. On an earnings call Friday after Apple’s announcement, CEO Dean Hager said that he expects the service will help improve Apple’s built-in management tools that Jamf also relies on, without competing directly with many features Jamf provides. If Business Essentials helps kickstart adoption among small businesses or startups, it gives them a basis to buy even more Apple devices and services as they grow, even if they eventually move to more on-premises support or another provider altogether.
The FBI’s email system was hacked to send out fake cybersecurity warnings
A flaw in the FBI’s website allowed hackers to use the FBI’s legitimate email address
15 November 2021
Hackers targeted the Federal Bureau of Investigation’s (FBI) email servers, sending out thousands of phony messages that say its recipients have become the victims of a “sophisticated chain attack,” first reported by Bleeping Computer. The emails were initially uncovered by The Spamhaus Project, a nonprofit organization that investigates email spammers.
The emails claim that Vinny Troia was behind the fake attacks and also falsely state that Troia is associated with the infamous hacking group, The Dark Overlord — the same bad actors who leaked the fifth season of Orange Is the New Black. In reality, Troia is a prominent cybersecurity researcher who runs two dark web security companies, NightLion and Shadowbyte.
As noted by Bleeping Computer, the hackers managed to send out emails to over 100,000 addresses, all of which were scraped from the American Registry for Internet Numbers (ARIN) database. A report by Bloomberg says that hackers used the FBI’s public-facing email system, making the emails seem all the more legitimate. Cybersecurity researcher Kevin Beaumont also attests to the email’s legitimate appearance, stating that the headers are authenticated as coming from FBI servers using the Domain Keys Identified Mail (DKIM) process that’s part of the system Gmail uses to stick brand logos on verified corporate emails.
The FBI responded to the incident in a press release, noting that it’s an “ongoing situation” and that “the impacted hardware was taken offline.” Aside from that, the FBI says it doesn’t have any more information it can share at this time.
According to Bleeping Computer, the spam campaign was likely carried out as an attempt to defame Troia. In a tweet, Troia speculates that an individual who goes by the name “Pompompurin” may have launched the attack. As Bleeping Computer notes, that same person has allegedly tried damaging Troia’s reputation in similar ways in the past.
A report by computer security reporter Brian Krebs also connects Pompompurin to the incident — the individual allegedly messaged him from an FBI email address when the attacks were launched, stating, “Hi its pompompurin. Check headers of this email it’s actually coming from FBI server.” KrebsOnSecurity even got a chance to speak with Pompompurin, who claims that the hack was meant to highlight the security vulnerabilities within the FBI’s email systems.
“I could’ve 1000 percent used this to send more legit looking emails, trick companies into handing over data etc.,” Pompompurin said in a statement to KrebsOnSecurity. The individual also told the outlet that they exploited a security gap on the FBI’s Law Enforcement Enterprise (LEEP) portal and managed to sign up for an account using a one-time password embedded in the page’s HTML. From there, Pompompurin claims they were able to manipulate the sender’s address and email body, executing the massive spam campaign.
With that kind of access, the attack could’ve been much worse than a false alert that put system administrators on high alert. Earlier this month, President Joe Biden mandated a bug fix that calls for civilian federal agencies to patch any known threats. In May, Biden signed an executive order that aims to improve the nation’s cyber defenses in the wake of detrimental attacks on the Colonial Pipeline and SolarWinds.