The Iru Blog

Arek Dreyer

•

7 min read

"Keep Learning, Keep Leading": Advice for Apple Admins

Your iPhone has more computing power than entire university systems had 50 years ago. In another 50 years, the information processing capabilities available to us will be exponentially greater still. Yet our brains remain fundamentally unchanged, evolved to track seasonal patterns and remember a few dozen faces, not to process the constant stream of security bulletins, product announcements, API changes, and community discussions that define modern Apple administration.

Thought Leadership September 11, 2025

Csaba Fitzl

•

15 min read

Finding Vulnerabilities in Apple Packages at Scale

This article summarizes work we performed in 2024, which we shared in our “Finding Vulnerabilities in Apple Packages at Scale” talk at MacDevOpsYVR and SecurityFest conferences earlier this year. You can watch the full presentation below:

Threat Intelligence September 9, 2025

Weldon Dodd

•

7 min read

How to Fix The Patching Problem Every IT Team Knows Too Well

Let's be honest: patch management in 2025 feels like trying to drink from a fire hose while juggling flaming torches. You're managing thousands of devices, dealing with constant vulnerability announcements, and somehow expected to keep everything secure without driving your users (or yourself) completely insane.

Thought Leadership August 29, 2025

Iru Team

•

7 min read

User-Based vs. Device-Based Security Exclusions: Finding the Right Balance

Security exclusions represent one of the most nuanced decisions admins face when designing effective security policies. These exceptions to your standard security rules require careful consideration - apply them too liberally, and you risk creating security gaps; too restrictively, and you might impede legitimate work. But before you can determine how many exclusions to implement, you need to decide what type of exclusions make the most sense for your environment.

Thought Leadership August 27, 2025

Adam Kohler & Christopher Lopez

•

6 min read

Threat Detected: RustyPages Malware - Part I

On August 13 2025, Iru's security researchers discovered a potentially interesting Rust-compiled file on VirusTotal. Our investigation resulted in the analysis of 6 related Mach-O files. With this initial blog post, we're focusing on the first file of this analysis, the dropper. The dropper file is designed to quietly download and run another malicious file, stay on the system by setting up persistence, and avoid being detected by commonly used macOS security tools. We have included the hashes of the relevant Mach-O files currently on VirusTotal in the IOC section below in an effort to shed light on these samples quickly while we continue our analysis of the loader samples. At the time of writing, the specific Mach-O we cover below has zero detections on VirusTotal and most of the loader Mach-O files are also undetected.

Threat Intelligence August 19, 2025

Iru Team

•

6 min read

No More Pitchforks: How to Build User Trust During Security Rollouts

The scene is familiar to anyone who's worked in IT or security: an urgent vulnerability needs patching, a new control must be deployed immediately, or a policy change can't wait. You execute the technical implementation flawlessly. Then come the Slack messages and emails.

Thought Leadership August 14, 2025

Alex Gartner

•

3 min read

Iru Quarterly Threat Intelligence Report - August 2025

Welcome to the Iru Threat Intelligence Report, our quarterly summary of emerging threats in the macOS ecosystem and how Iru is responding in real time. In each edition, we break down key threat discoveries and the protections we’ve deployed to keep customer devices secure.

Threat Intelligence August 7, 2025

Iru Team

•

4 min read

Apple Intelligence in the Enterprise: an Admin’s Perspective

The Six Colors 2025 Apple in the Enterprise Report Card has sparked plenty of conversation about Apple’s direction, areas of growth, and continued challenges with enterprise products. Jason Snell, founding editor of Six Colors, and Weldon Dodd, Iru Distinguished Solutions Engineer unpacked the report’s findings and what they mean for Apple device administrators on a recent MacAdmins Podcast episode.

Thought Leadership July 28, 2025

Iru Team

•

5 min read

Iru Launches Vulnerability Response: The Missing Link Between Detection and Remediation

If you've ever managed Mac computers in an enterprise, you know the drill: your security team discovers a critical vulnerability in Chrome, creates a ticket, and hands it off to IT to patch. Meanwhile, you're still chasing down users to update their apps while that vulnerability sits unpatched across your fleet. It's a frustrating cycle that leaves both teams feeling like they're always playing catch-up.

Product News July 23, 2025

Iru Team

•

11 min read

Choosing the Best Mac Login Experience: Comparing Kerberos SSO, Platform SSO, and Kandji Passport

The login screen, also known as the login window, is the start of every user’s Mac experience. But the average user doesn't give it much thought - they just enter a password and move on. Yet behind that moment is a critical security checkpoint and a key part of the user experience.

Thought Leadership July 18, 2025

Iru Team

•

7 min read

How IT and Security Teams are Handling AI: Insights from Our Survey

AI tools are entering the workplace faster than most IT teams can respond. What began as experimental use cases is now widespread day-to-day reliance and often without oversight.

Reports July 15, 2025

Iru Team

•

7 min read

When Great Engineers Quit: Why Tools Make or Break Job Satisfaction

The tech industry has a retention problem, but not for the reasons most people expect. Rather than quitting because work is too complex or challenging, talented IT and security engineers tend to leave because their tools prevent them from doing meaningful work.

Thought Leadership June 26, 2025

Iru Team

•

6 min read

What WWDC 2025 and the Next macOS Release Could Mean for Apple Admins

Every year, Apple’s new macOS release offers an opportunity to innovate. It also brings uncertainty for IT teams trying to keep pace with constant change. With the next major release set to preview at WWDC 2025 (June 9 to 13), admins are preparing for a high-stakes upgrade cycle. Early previews hint at broad updates spanning the Apple product suite, from design changes that unify UX across devices to much-anticipated Apple Intelligence features.

Thought Leadership June 4, 2025

Iru Team

•

7 min read

Shadow IT: IT Professionals Adapt, Respond, and Redefine Control

Shadow IT has always been a loaded term, typically implying rule-breaking, risk, or lack of control. But the reality is more nuanced. When we surveyed 115 IT professionals, what we found wasn’t a story of defiance. It was one of friction.

Reports June 2, 2025

Christopher Lopez

•

14 min read

Dissecting the macOS 'AppleProcessHub' Stealer: A Technical Analysis

On May 15, 2025, the security research team MalwareHunterTeam (@malwrhunterteam) identified a suspicious file named libsystd.dylib with low detection—only 2 at the time of posting— which appeared to be an infostealer.

Threat Intelligence May 23, 2025