The available options for addressing the flaw are limited, leaving many Macs vulnerable to a "GoFetch" attack that steals keys — even quantum-resistant ones. [TechWeb]( Follow Dark Reading:
[RSS](
March 28, 2024 LATEST SECURITY NEWS & COMMENTARY [Patchless Apple M-Chip Vulnerability Allows Cryptography Bypass](
The available options for addressing the flaw are limited, leaving many Macs vulnerable to a "GoFetch" attack that steals keys â even quantum-resistant ones.
[Millions of Hotel Rooms Worldwide Vulnerable to Door Lock Exploit](
Hotel locks have been vulnerable to cyber compromise for decades and are extending their run into the digital age.
['Tycoon' Malware Kit Bypasses Microsoft, Google MFA](
Threat actors are widely adopting the fast-growing, low-cost phishing-as-a-service (PhaaS) platform, which is sold via Telegram.
[Zero-Day Bonanza Drives More Exploits Against Enterprises](
Advanced adversaries are increasingly focused on enterprise technologies and their vendors, while end-user platforms are having success stifling zero-day exploits with cybersecurity investments, according to Google.
[DHS Proposes Critical Infrastructure Reporting Rules](
CISA will administer the new reporting requirements for cyber incidents and ransomware payments.
[Getting Security Remediation on the Boardroom Agenda](
IT teams can better withstand scrutiny by helping their board understand risks and how they are fixed, as well as explaining their long-term vision for risk management.
[Saudi Arabia, UAE Top List of APT-Targeted Nations in the Middle East](
Government, manufacturing, and the energy industry are the top targets of advanced, persistent threat actors, with phishing attacks and remote exploits the most common vectors. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Apple Security Bug Opens iPhone, iPad to RCE]( CVE-2024-1580 allows remote attackers to execute arbitrary code on affected devices.
[Australian Government Doubles Down On Cybersecurity in Wake of Major Attacks]( Government proposes more modern and comprehensive cybersecurity regulations for businesses, government, and critical infrastructures providers Down Under.
[How New-Age Hackers Are Ditching Old Ethics]( Staying up to date and informed on threat-actor group behavior is one way both organizations and individuals can best navigate the continually changing security landscape.
[8 Strategies for Enhancing Code Signing Security]( Strong code-signing best practices are an invaluable way to build trust in the development process and enable a more secure software supply chain. [MORE]( PRODUCTS & RELEASES [WiCyS and ISC2 Launch Spring Camp for Cybersecurity Certification]( [New Cyber Threats to Challenge Financial Services Sector in 2024]( [Checkmarx Announces Partnership With Wiz](
[MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Worldwide Agenda Ransomware Wave Targets VMware ESXi Servers](
A new, improved variant on the group's malware combines fileless infection, BYOVD, and more to cause havoc in virtual environments. LATEST FROM THE EDGE [A CISO's Guide to Materiality and Risk Determination](
For many CISOs, "materiality" remains an ambiguous term. Even so, they need to be able to discuss materiality and risk with their boards. LATEST FROM DR TECHNOLOGY [Using East-West Network Visibility to Detect Threats in Later Stages of MITRE ATT&CK](
Ensuring that traffic visibility covers both client-server and server-server communications helps NetOps teams analyze and spot potential threats early on, avoiding catastrophic effects. LATEST FROM DR GLOBAL [Vietnam Securities Broker Suffers Cyberattack That Suspended Trading](
Attackers "encrypted" VNDirect's data in an attack that kept the broker offline for days. WEBINARS - [Securing Code in the Age of AI](
- [Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [Upgrade your cybersecurity in the era of AI](
- [Cheat Sheet - 5 Strategic Security Checkpoints](
- [Causes and Consequences of IT and OT Convergence](
- [Secure Access for Operational Technology at Scale](
- [Stopping Active Adversaries: Lessons from the Cyber Frontline](
- [Incident Response Planning Guide](
- [FortiSASE Customer Success Stories - The Benefits of Single Vendor SASE]( [View More White Papers >>]( FEATURED REPORTS - [Industrial Networks in the Age of Digitalization](
- [Zero-Trust Adoption Driven by Data Protection](
- [How Enterprises Assess Their Cyber-Risk]( [View More Dark Reading Reports >>]( Dark Reading Daily
-- Published By [Dark Reading](
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.](
Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com)
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=122436&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_03.28.24&sp_cid=52756&utm_content=DR_NL_Dark%20Reading%20Daily_03.28.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#87
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)