FireEye Launches Threat Protection for Mac OS X, iOS

Threat protection firm FireEye has announced a new targeted attack protection offering for Apple’s Mac OS X and iOS platforms.

Built on the Apple platform, FireEye says the new security solutions support Apple’s Mac OS X operating system for network protection, iOS for mobile protection, and enable analytics with forensic analysis for Apple products.

Mac support has now been incorporated into the FireEye Network Security Threat Prevention Platform (NX series), FireEye Forensic Analytics (AX series), FireEye Mobile Threat Prevention (MTP) and FireEye Investigation Analysis System (IAS).

The new solutions for Apple products, which are becoming more common in enterprise environments, round out FireEye’s product line, which now offers advanced threat protection for Microsoft, Apple and Google Android platforms.

According to Forrester Research, almost 50 percent of enterprises support Apple products, 21 percent of information workers use one or more Apple products for work, and executives and senior-level represent 41 percent of enterprise Apple users.

Not surprisingly, attackers follow these trends, and while the number of threats targeting Mac OS X and iOS is still insignificant when compared to Windows and Android threats, FireEye Labs said that it has witnessed “malware callbacks” from Macs increase 90 percent month over month from June 2013 to June 2014.

“As enterprises evolve and the Apple footprint grows within them, advanced threat actors are turning their attacks to Apple products to carry out their work,” said Manish Gupta, senior vice president of products at FireEye.

In early September, FireEye reported that a Windows backdoor (XSLCmd) used in numerous attacks by a certain threat actor group had been ported to Mac OS X (OSX.XSLCmd) and fitted with new features.

Just this week, Apple updated its XProtect security feature to block malware dubbed “iWorm” that had infected more than 18,500 OS X machines as of Sept. 29.

“By supporting Apple, FireEye can now protect nearly all personal computers in the enterprise environment from advanced attacks,” said Jon Oltsik, senior principal analyst at Enterprise Strategy Group. “More importantly, since many executives, researchers and other VIPs who work with intellectual property are frequently Apple users, this new FireEye capability can help focus protection where it’s needed most — high-priority systems where sensitive data and expansive access privileges reside.”

The FireEye Multi-vector Virtual Execution (MVX) engine with support for Mac OS X is offered on the FireEye NX 7500 network security platform, the company said.

The FireEye MVX engine with Mac support performs multi-flow analysis of traffic flows, files, and Web objects to understand the full context of a cyber attack, FireEye explained.

Now with Apple support, the NX Series is designed to provide customers with additional benefits including:

• Zero-day and APT attack detection for Apple Mac OS X users to identify known and unknown threats and stop outbound malware communications

• Coverage from cyber attacks for Mac and Windows users on enterprise corporate networks, including reduced false positives and unified management capabilities

• Integrated malware analysis and network monitoring for malicious images, PDFs, Flash or ZIP/RAR/TNEF archives to stop highly targeted attacks

For iOS protection, FireEye said it would offer a Mobile Threat Prevention App in Apple’s App Store, which will work with Mobile Threat Prevention Management to offer benefits including:

• Cloud-based analysis providing details on behavior, callbacks and live analysis for iOS apps

• Display of threat scores of iOS apps, detailing malicious or unwanted behavior within each app, and examining factors associated with endpoint device compromise.

The FireEye MTP app alerts mobile users to threats before an app is executed on their device.

The FireEye AX 5500 forensic analysis security platform will provide customers with enhanced global threat intelligence from the FireEye Dynamic Threat Intelligence (DTI) cloud with data drawn from attacks targeting Mac OS systems and the ability to correlate attacks across Microsoft Windows, Mac OS X, and Google Android platforms.

FireEye Advanced Threat Protection NX and AX with OS X support are available immediately, while the FireEye Mobile Threat Prevention App for iOS will be generally available by the end of 2014, FireEye said.

Last month, FireEye announced new offerings designed to provide customers with on-demand access to its cyber defense technology, intelligence, and analyst expertise on a subscription basis.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.
