Apple needs to repair admin authentication in ABM – Computerworld

What are the implications?

What this means in practice is that when admins go through the authentication process, they should do so using non-federated Apple Account sign-in with Apple's two-factor authentication (typically via a trusted device or trusted phone number using SMS/voice). That's weird; it means the key accounts that manage protection for sometimes hundreds of devices are still only protected by a six-digit SMS code sent to a specified phone number. We all know that SMS authentication is dangerous, with three well-known attack paths:

  • SIM swapping, where an attacker contacts your cellular company posing as you and convinces them to transfer your phone number to a SIM they control. Once that takes place, all of your SMS codes go to them.
  • Phishing, such as a fake login page that behaves normally but intercepts your SMS code when you enter it, capturing and immediately using it to attack your actual account.
  • Interception, in which sophisticated, often nation-state-adjacent attackers exploit the known vulnerabilities of SMS to intercept messages in transit.

While it's true most small and mid-size businesses probably don't have to worry about that third attack possibility, and the second can be mitigated by being careful never to use a link provided in an email to access key accounts, the first exploit sits within the reach of determined attackers.

A hole in the bucket

The implications of a successful attack would be serious. Equipped with a compromised ABM account, an attacker could reassign enrolled devices to an MDM server they control, wipe devices, or push malicious apps/profiles or configurations to your devices. Those outcomes are, let's say, sub-optimal.

I'm certain Apple has considered this. It has, after all, introduced a variety of security protections for all its devices, including managed devices. But in this case, it's left things slightly exposed. That weakness is made more critical because Apple's system permits only a small number of administrators for every ABM setup, no matter the company size.
