www.malwarebytes.com Open in urlscan Pro
2600:9000:206e:a000:16:26c7:ff80:93a1  Public Scan

Form analysis
2 forms found in the DOM

GET

<form id="search-form" onsubmit="submitSearchBlog(event)" method="get" __bizdiag="0" __biza="WJ__">
  <div class="searchbar-wrap-rightrail">
    <label for="cta-labs-rightrail-search-submit-en" aria-label="cta-labs-rightrail-search-submit-en" aria-labelledby="cta-labs-rightrail-search-submit-en">
      <input type="text" id="st-search-input-rightrail" class="st-search-input-rightrail" placeholder="Search Labs">
    </label>
    <button type="submit" id="cta-labs-rightrail-search-submit-en" aria-label="Submit your search query"><span class=""><img src="/blog/images/search.svg" alt="Magnifying glass"></span>
    </button>
  </div>
</form>

/newsletter/

<form class="newsletter-form form-inline" action="/newsletter/" __bizdiag="-1501917513" __biza="WJ__">
  <div class="email-input">
    <label for="cta-footer-newsletter-input-email-en" aria-label="cta-footer-newsletter-input-email-en" aria-labelledby="cta-footer-newsletter-input-email-en">
      <input type="text" class="email-input-field" id="cta-footer-newsletter-input-email-en" name="email" placeholder="Email Address">
    </label>
    <input name="source" type="hidden" value="">
    <input type="submit" class="submit-bttn" id="cta-footer-newsletter-subscribe-email-en" value="">
  </div>
</form>

Text Content

The official Malwarebytes logoThe official Malwarebytes logo in a blue fontB

We research. You level up.

       
Personal
Personal
 * Security & Antivirus
 * Malwarebytes for Windows
 * Malwarebytes for Mac
 * Malwarebytes for Chromebook
 * Malwarebytes for Android
 * Malwarebytes for iOS
 * Malwarebytes AdwCleaner

 * Online Privacy
 * Malwarebytes Privacy VPN
 * Malwarebytes Browser Guard
 *  
 * All-in-one Protection

 * Malwarebytes Premium + Privacy VPN   New

 * Get Started

 * The ultimate guide to privacy protection  New
   
   VISIT PRIVACY HUB  VISIT PRIVACY HUB

 *  

 * Stop infections before they happen

 * GET A FREE TRIAL  GET A FREE TRIAL

 *  

 * Find the right solution for you

 * SEE PERSONAL PRICING  SEE PERSONAL PRICING

Business
Business
 * Solutions
 * BY COMPANY SIZE
 * Small Businesses
 * single figure icon  1-99 Employees  Buy Online
 * Mid-size Businesses
 * two figure icon  100-999 Employees
 * Large Enterprise
 * three figure icon  1000+ Employees
 * BY INDUSTRY
 * Education
 * Finance
 * Healthcare
 * Government

 * Products
 * CLOUD-BASED SECURITY MANAGEMENT AND SERVICES
 * Endpoint Protection
 * Endpoint Protection for Servers
 * Endpoint Detection & Response
 * Endpoint Detection & Response for Servers
 * Incident Response
 * Malware Removal Service
 * Nebula Platform Architecture
 * Cloud Storage Scanning Service  New
 * CLOUD-BASED SECURITY MODULES
 * DNS Filtering
 * Vulnerability & Patch Management
 * Remediation for CrowdStrike®
 * NEXT-GEN ANTIVIRUS FOR SMALL BUSINESS
 * For Teams

 * Get Started
 *  * Find the right solution for your business
    * See business pricing See business pricing
   
   --------------------------------------------------------------------------------
   
    * Don't know where to start?
    * Help me choose a product See business products selector
   
   --------------------------------------------------------------------------------
   
    * See what Malwarebytes can do for you
    * Get a free trial Get a free trial
   
   --------------------------------------------------------------------------------
   
    * Our sales team is ready to help. Call us now
    * Phone icon +49 (800) 723-4800

Pricing
Partners
Partners
 * Partner Icon Explore Partnerships

 * Partner Solutions
 * Resellers
 * Managed Service Providers
 * Computer Repair
 * Technology Partners
 * Buy now Buy Now

 * Partner Success Story
 * Marek Drummond
   Managing Director at Optimus Systems
   
   "Thanks to the Malwarebytes MSP program, we have this high-quality product in
   our stack. It’s a great addition, and I have confidence that customers’
   systems are protected."

 * See full story See full story

Resources
Resources
 * Learn About Cybersecurity
 * Antivirus
 * Malware
 * Ransomware
 * Malwarebytes Labs – Blog
 * Glossary
 * Threat Center

 * Business Resources
 * Reviews
 * Analyst Reports
 * Case Studies
 * Press & News

 * Events
 * 
   
   
   
   Featured Event: RSA 2021

 * See Event See event

Support
Support
 * Technical Support
 * Personal Support
 * Business Support
 * Premium Services
 * Forums
 * Vulnerability Disclosure

 * Watch Icon Training for Personal Products
 * Watch Icon Training for Business Products

 * Featured Content
 * Privacy Logo
   
   
   
   Activate Malwarebytes Privacy on Windows device.

 * See Content See content

FREE DOWNLOAD
CONTACT US
COMPANY
COMPANY
 * About Malwarebytes
 * Careers
 * News & Press

SIGN IN
SIGN IN
 * My Account
 * Cloud Console
 * Partner Portal

SUBSCRIBE


Business


ENDPOINT SECURITY FOR MAC: 3 BEST PRACTICES

Posted: July 14, 2022 by Bill Cozens

In this post, we break down three endpoint security for Mac best practices to
help you prevent phishing attacks, DDoS attacks, and much more.

If you’re one of the 50% of small and medium-sized businesses (SMBs) that use
Mac devices today, chances are your IT and security teams have a ton of Mac
endpoints to monitor. 

Securing that many endpoints can get really complex, really fast, especially
when you consider that the common wisdom that Macs don’t get malware simply
isn’t true: in fact, the number of malware detections on Mac jumped 200%
year-on-year in 2021. 

And it’s not just malware you have to worry about with your Mac endpoints. 

Phishing attacks, vulnerability exploits, DDoS attacks, and much more threaten
your company's Macs at any time — and if any of them are successful, it could
cost your business millions in lost productivity and information theft. 

Needless to say, these are a lot of different threats to deal with when it comes
to Mac endpoint security. But Thomas Reed, Director of Mac & Mobile at
Malwarebytes, is here to remind us of a few simple things we can do to make our
Mac endpoints more secure. 

In this post, we break down three of Reed’s best practices for endpoint security
for Mac. 


1. UPDATE FREQUENTLY

As in the Windows world, one of your top priorities needs to be keeping your
Macs up to date — and by now we should all understand why. Just consider the
fact that 60% of companies say breaches could have been avoided if they had
patched known vulnerabilities. 

Tracking and patching vulnerabilities on macOS, however, is a little more
difficult to do than on Windows. 

While Microsoft regularly advertises its security updates with its Patch
Tuesdays,  Apple slips in patches on an ad-hoc basis — meaning MacOS admins need
to put in a little more legwork to keep their devices up-to-date.

To ensure that you know about the latest updates for your Mac endpoints, there
are two things you should do.

 1. Sign up for Apple’s public security notifications and announcements mailing
    list. You’ll get an email anytime Apple releases a patch for macOS.
 2. Regularly check Apple’s list of security updates and patches. It provides
    patch names, patch information, affected devices, and release dates.

Additionally, if you’re like most businesses and find that having no common view
of assets is causing you major delays in patching, you should consider a
vulnerability management solution that gives you instant visibility into
potential vulnerabilities across your macOS environment.


2. USE A DNS FILTER TO STOP WEB-BASED ATTACKS

Since Macs have a much smaller amount of “traditional” malware attacking them
compared to Windows, you might think your endpoints are in the clear of
cyberattacks. 

Not so. 

Instead of file-based malware, a lot of Mac users get attacked with adware and
PUPs that are typically delivered through a number of web-based scams. These
threats can throw advertisements up on your screen and slow your computer down,
among other things.

OK, that sounds annoying. But surely a few advertisements aren’t too big a
threat to your Mac endpoint security, right? Not quite, says Thomas Reed.

“Some of the adware out there is more sophisticated than most of the malware
that we see for Mac,” Reed says. “It can do all kinds of stuff, like sending all
your network traffic through a proxy or changing system settings to be less
secure.”

Reed also mentions that a lot of adware and PUPs are part of the payload of scam
sites that direct you to some kind of installer that you download — and so
having some sort of web-based protection is vital. That’s where DNS filtering
comes in.

“The source of all of these kinds of attacks is through the web, and DNS
filtering can help with that by blocking some of those sites,” Reed says.

DNS filtering blocks connections to malicious web servers attempting to deliver
malware payloads, so any business interested in Mac endpoint security should
have it. Learn more about the ways DNS filtering can save your business from
cyberattacks.


3. DON’T RELY ON MAC AV - USE EDR 

Since 2009, Apple has included a built-in antivirus (AV) technology called
XProtect on all Macs — and while it’s fairly good, there are a lot of threats
that it doesn’t detect (that a third-party would).

“You can't rely on the built-in antivirus that's in Mac OS to do the job,” Reed
says. “You really need to have something else on top of that.”

Even so, let’s be overly generous and say XProtect and your third-party AV
detects and removes every Mac malware threat. Throw in the fact that traditional
AVs can’t prevent sophisticated threats such as file-based malware, and you just
may be left wondering what you can do to best protect your Macs from damaging
endpoint attacks.

Endpoint detection and response (EDR) is the answer. 

EDR gives you a real-time “birds-eye view” of all of your Mac endpoints, so
whenever something happens outside the norm, you isolate an endpoint, quarantine
the threat, or remediate. This stands in stark contrast to more reactive
signature-based solutions (like AVs) that allow malware to execute before
working.

A key feature of EDR is its threat hunting capabilities. Read our Threat Hunting
Made Easy eBook to learn how to save hours every month on threat investigation
and response.


PREVENT YOUR MAC ENDPOINTS FROM ONLINE THREATS 

With everything from security vulnerabilities to malware threatening your
company's Macs at all times, Mac endpoint security is high-up on the list of
priorities for macOS admins. In this post, we explained how macOS admins can
stay on top of their patching game and why having a DNS filter and EDR are so
essential for protecting Mac endpoints from a variety of threats.

Want to learn more about what simple and effective Mac endpoint protection looks
like in action? Watch the demonstration of Malwarebytes Endpoint Detection and
Response (EDR)!

SHARE THIS ARTICLE

--------------------------------------------------------------------------------

COMMENTS



--------------------------------------------------------------------------------

RELATED ARTICLES

Business


HOW IT TEAMS CAN PREVENT PHISHING ATTACKS WITH MALWAREBYTES DNS FILTERING

August 18, 2022 - According to Verizon, 82 percent of data breaches in 2021
involved the human element—with phishing attacks making up over 60 percent of
these. But Malwarebytes DNS filtering can help you prevent a large swath of
phishing attacks.

CONTINUE READING 0 Comments

News | Ransomware


RANSOMWATER CONFUSION, DOES THE CRIMINAL KNOW WHO THE VICTIM IS?

August 17, 2022 - The Clop ransomware gang made a mistake in identifying who
exactly their victim was, but they got it right in the end

CONTINUE READING 0 Comments

News | Ransomware


CISA AND FBI ISSUE ALERT ABOUT ZEPPELIN RANSOMWARE

August 16, 2022 - The FBI and CISA have issued a joint Cybersecurity Advisory
(CSA) to raise awareness about Zeppelin ransomware

CONTINUE READING 0 Comments


VIRAL VIDEO DRIVES MALVERTISING ON SOCIAL MEDIA PLATFORM

August 12, 2022 - Tech support scammers are leveraging social media giant
Facebook to lure users into clicking on a viral article.

CONTINUE READING 0 Comments

Business


CAN YOUR EDR HANDLE A RANSOMWARE ATTACK? 6-POINT CHECKLIST FOR AN
ANTI-RANSOMWARE EDR

August 9, 2022 - In this post, a cybersecurity expert gives his 6-point
checklist of features your EDR should have to stop ransomware.

CONTINUE READING 0 Comments

--------------------------------------------------------------------------------

ABOUT THE AUTHOR

Bill Cozens
Content Writer

Bill Cozens is content writer for the Malwarebytes business blog, where he
writes about industry challenges and how best to address them.


Contributors


Threat Center


Podcast


Glossary


Scams


Write for Labs

Cyberprotection for every one.

twitter
facebook
linkedin
Youtube
instagram

Cybersecurity info you can't do without

Want to stay informed on the latest news in cybersecurity? Sign up for our
newsletter and learn how to protect your computer from threats.



Cyberprotection for every one.

FOR PERSONAL

Windows

Mac

iOS

Android

Privacy VPN

SEE ALL

COMPANY

About Us

Contact Us

Careers

News and Press

Blog

Scholarship

Forums

FOR BUSINESS

Small Businesses

Mid-size Businesses

Large Enterprise

Endpoint Protection

Endpoint Detection & Response

MY ACCOUNT

Sign In

SOLUTIONS

Free Rootkit Scanner

Free Trojan Scanner

Free Virus Scanner

Free Spyware Scanner

Anti Ransomware Protection

SEE ALL

ADDRESS

3979 Freedom Circle
12th Floor
Santa Clara, CA 95054

ADDRESS

One Albert Quay
2nd Floor
Cork T12 X8N6
Ireland

LEARN

Malware

Hacking

Phishing

Ransomware

Computer Virus

Antivirus

COMPANY

About Us

Contact Us

Careers

News and Press

Blog

Scholarship

Forums

MY ACCOUNT

Sign In

ADDRESS

3979 Freedom Circle, 12th Floor
Santa Clara, CA 95054

ADDRESS

One Albert Quay, 2nd Floor
Cork T12 X8N6
Ireland

twitter
facebook
linkedin
Youtube
instagram
   English
Legal
Privacy
Accessibility
Vulnerability Disclosure
Terms of Service


© 2022 All Rights Reserved

Select your language1

 * English
 * Deutsch
 * Español
 * Français
 * Italiano
 * Português (Portugal)
 * Português (Brasil)
 * Nederlands
 * Polski
 * Pусский
 * 日本語
 * Svenska