Several Apple device users have experienced recent incidents where they have received incessant password reset prompts and vishing calls from a number spoofing Apple's legitimate customer support line. [TechWeb]( Follow Dark Reading:
[RSS](
March 29, 2024 LATEST SECURITY NEWS & COMMENTARY [Suspected MFA Bombing Attacks Target Apple iPhone Users](
Several Apple device users have experienced recent incidents where they have received incessant password reset prompts and vishing calls from a number spoofing Apple's legitimate customer support line.
[Pervasive LLM Hallucinations Expand Code Developer Attack Surface](
The tendency of popular AI-based tools to recommend nonexistent code libraries offers a bigger opportunity than thought to distribute malicious packages.
[Corporations With Cyber Governance Create Almost 4X More Value](
Those with special committees that include a cyber expert rather than relying on the full board are more likely to improve security and financial performance.
[Cisco IOS Bugs Allow Unauthenticated, Remote DoS Attacks](
Several Cisco products, including IOS, IOS XE, and AP software, need patching against various high-risk security vulnerabilities.
[US Puts Up $10M Bounty on BlackCat Ransomware Gang Members](
Feds are offering cash for information to help them crack down on the ransomware-as-a-service group's cyberattacks against US critical infrastructure.
[Saudi Arabia, UAE Top List of APT-Targeted Nations in the Middle East](
Government, manufacturing, and the energy industry are the top targets of advanced, persistent threat actors, with phishing attacks and remote exploits the most common vectors.
[3 Strategies to Future-Proof Data Privacy](
To meet changing privacy regulations, regularly review data storage strategies, secure access to external networks, and deploy data plane security techniques.
[(Sponsored Article) What SolarWinds Means for DevSecOps](
The SEC's SolarWinds indictment plus its new four-day rule for disclosing cybersecurity incidents have serious implications for DevSecOps teams. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS ['Tycoon' Malware Kit Bypasses Microsoft, Google MFA]( Threat actors are widely adopting the fast-growing, low-cost phishing-as-a-service (PhaaS) platform, which is sold via Telegram.
[Getting Security Remediation on the Boardroom Agenda]( IT teams can better withstand scrutiny by helping their board understand risks and how they are fixed, as well as explaining their long-term vision for risk management.
[Worldwide Agenda Ransomware Wave Targets VMware ESXi Servers]( A new, improved variant on the group's malware combines fileless infection, BYOVD, and more to cause havoc in virtual environments.
[How New-Age Hackers Are Ditching Old Ethics]( Staying up to date and informed on threat-actor group behavior is one way both organizations and individuals can best navigate the continually changing security landscape. [MORE]( PRODUCTS & RELEASES [Flare Acquires Foretrace to Accelerate Threat Exposure Management Growth]( [Checkmarx Announces Partnership With Wiz]( [WiCyS and ISC2 Launch Spring Camp for Cybersecurity Certification]( [New Cyber Threats to Challenge Financial Services Sector in 2024](
[MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Patchless Apple M-Chip Vulnerability Allows Cryptography Bypass](
The available options for addressing the flaw are limited, leaving many Macs vulnerable to a "GoFetch" attack that steals keys â even quantum-resistant ones. LATEST FROM THE EDGE [It's Time to Stop Measuring Security in Absolutes](
All-or-nothing security policies strain resources by aiming for perfection. We need a better way to assess progress. LATEST FROM DR TECHNOLOGY [Strata Identity Releases New Authentication Recipes](
The Microsoft Identity Cookbook is a collection of orchestration recipes to help organizations adopt cloud-based identity providers. LATEST FROM DR GLOBAL [Indian Government, Oil Companies Breached by 'HackBrowserData'](
The malicious actor used Slack channels as an exfiltration point to upload the stolen data. WEBINARS - [Securing Code in the Age of AI](
- [Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [The State of Incident Response](
- [Cheat Sheet - 5 Strategic Security Checkpoints](
- [A Solution Guide to Operational Technology Cybersecurity](
- [Demystifying Zero Trust in OT](
- [Causes and Consequences of IT and OT Convergence](
- [Endpoint Best Practices to Block Ransomware](
- [2023 Work-from-Anywhere Global Study]( [View More White Papers >>]( FEATURED REPORTS - [Industrial Networks in the Age of Digitalization](
- [Zero-Trust Adoption Driven by Data Protection](
- [How Enterprises Assess Their Cyber-Risk]( [View More Dark Reading Reports >>]( Dark Reading Daily
-- Published By [Dark Reading](
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.](
Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com)
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=122467&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_03.29.24&sp_cid=52780&utm_content=DR_NL_Dark%20Reading%20Daily_03.29.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#ac
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)