Unfortunately, as viruses/malware etc. continue to advance, a single AV solution isn't going to be able to 100% protect you.
I've taken the following approach which does help me. It may be useful (or not):
- Use a decent AV. I use Bitdefender; it seems to stack up well against competitors, or at least it did when I compared it in July. This gives a basic level of antivirus security.
- Use an inbound network level firewall (pf or ufw in macOS work fine, or the macOS GUI firewall, whatever that uses under the skin). This helps in protecting the system from network attacks.
- Use an outbound application level firewall (such as Little Snitch or Lulu) and block all applications from outbound connections unless manually added to allow rules. This helps stop any unknown application from contacting external entities such as botnets or malware hosts and updating/sharing information.
- Don't disable SIP or Gatekeeper or the other inbuilt protection systems that Apple provides unless you really have to. I see countless threads on disabling x to get an application to run; that is simply asking for trouble unless you have a specific need to do so.
- Check all downloaded software for vendor MD5 hashes/security hashes. It helps ensure that what you've downloaded really is what you meant to download.
- Scan downloads with Virustotal.com. It's not foolproof but scanning things with multiple AV engines is better than relying on one.
- Use an adblocker such as Adguard, Wipr, Ublock Origin etc and enable the security/privacy blocklists. There are a lot of websites now which can execute malicious code on the local machine. This helps block those.
- Consider using a third party software authorisation system such as Google's open-source Santa; it adds extra protection against offensive software.
- Consider using a behaviour analytics based AV solution such as Elastic Endpoint Security. They can be expensive but in a corporate environment, the cost could be justified.
- Take a backup of critical data regularly to an offline store such as a USB drive, cloud etc. In the worst case where all of the above fail, you'll want to make sure that even if the local system is trashed, you don't lose information you need.
So in short, it's a pain in the **** but offensive malicious tooling is so rife now, it's probably necessary...
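A small shell script that does the "check downloaded software against the vendor hash" step from the list above, added here as an example and not part of the original post. It assumes the vendor publishes a SHA-256 hex digest (the stronger choice where a vendor offers both MD5 and SHA-256) and that `sha256sum`, `shasum` or `openssl` is on the PATH; the sample file and its hash are constructed for the demonstration.

```shell
#!/bin/sh
# Verify a downloaded file against a vendor-published SHA-256 digest.
# Added example, not from the original post. Assumes one of
# sha256sum (Linux), shasum (macOS) or openssl is available.

# Print the SHA-256 hex digest of the file given as $1.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    elif command -v shasum >/dev/null 2>&1; then
        shasum -a 256 "$1" | cut -d' ' -f1
    else
        openssl dgst -sha256 "$1" | sed 's/^.*= //'
    fi
}

# verify_download FILE EXPECTED_HEX
# Returns 0 when the file's digest matches, 1 otherwise.
# Comparison is case-insensitive because vendors publish either case.
verify_download() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    actual=$(sha256_of "$file" | tr 'A-F' 'a-f')
    if [ "$actual" = "$expected" ]; then
        echo "OK: $file matches the vendor hash"
        return 0
    fi
    echo "MISMATCH: $file does not match the vendor hash" >&2
    echo "  expected: $expected" >&2
    echo "  actual:   $actual" >&2
    return 1
}

# Constructed sample: a stand-in "download" containing the bytes "hello\n".
# GOOD_HASH is the SHA-256 of exactly that content.
SAMPLE=$(mktemp)
TAMPERED=$(mktemp)
trap 'rm -f "$SAMPLE" "$TAMPERED"' EXIT
printf 'hello\n' > "$SAMPLE"
printf 'hello!\n' > "$TAMPERED"   # one extra byte, as a tampered copy would differ
GOOD_HASH=5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03

# Usage: the first call succeeds, the second reports a mismatch.
if verify_download "$SAMPLE" "$GOOD_HASH"; then :; fi
if verify_download "$TAMPERED" "$GOOD_HASH"; then :; fi
```

In real use, replace the constructed sample with the downloaded file and paste the digest from the vendor's download page as the second argument; fetch that digest over HTTPS from the vendor's own site rather than from the same mirror as the file, otherwise a tampered mirror can simply publish a matching hash.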