Design Weakness Discovered in Apple M1 Kernel Protections

The proof-of-concept attack from MIT CSAIL researchers undermines the pointer authentication feature used to defend the Apple chip's OS kernel. [TechWeb]( Follow Dark Reading: [RSS]( June 13, 2022 LATEST SECURITY NEWS & COMMENTARY [Symbiote Malware Poses Stealthy, Linux-Based Threat to Financial Industry]( A Linux-based banking Trojan is a master at staying under the radar. [New Linux Malware 'Nearly Impossible to Detect']( So-called Symbiote malware, first found targeting financial institutions, contains stealthy rootkit capabilities. [In a Quickly Evolving Landscape, CISOs Shift Their 2022 Priorities]( Cloud migration, DevSecOps, cyber insurance, and more have emerged as important motivators for cybersecurity investment and focus. [(Sponsored Article) Security Leaders Discuss Industry Drivers at Dark Reading's News Desk at RSAC 2022]( Tune into Dark Reading's News Desk interviews with the industry’s leaders, discussing news and hot topics, such as this year’s "Transofrm" theme, at RSA Conference 2022 in San Francisco. [Artificial Intelligence and Security: What You Should Know]( Next-generation AI products learn proactively and identify changes in the networks, users, and databases using "data drift" to adapt to specific threats as they evolve. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Black Basta Ransomware Targets ESXi Servers in Active Campaign]( The new ransomware strain Black Basta is now actively targeting VMware ESXi servers in an ongoing campaign, encrypting files inside a targeted volumes folder. [An Emerging Threat: Attacking 5G Via Network Slices]( A successful attack against 5G networks could disrupt critical infrastructure, manipulate sensor data, or even cause physical harm to humans. [How Poor Communication Opens the Door to Ransomware and Extortion]( Organizations can no longer rely on traditional responses to ransomware. [MORE]( LATEST FROM DR TECHNOLOGY [Design Weakness Discovered in Apple M1 Kernel Protections]( The proof-of-concept attack from MIT CSAIL researchers undermines the pointer authentication feature used to defend the Apple chip's OS kernel. EDITORS' CHOICE [Emotet Banking Trojan Resurfaces, Skating Past Email Security]( The malware is using spreadsheets, documents, and other types of Microsoft Office attachments in a new and improved version that is often able to bypass email gateway-security scanners. LATEST FROM THE EDGE [How 4 Young Musicians Hacked Sheet Music to Help Fight the Cold War]( In 1985, a group of klezmer musicians from the US rendezvoused with underground dissidents in Tbilisi, Georgia. This is the story of how they pulled it off with homebrew cryptography. WEBINARS - [Using Threat Modeling to Improve Enterprise Cyber Defenses]( As enterprises deal with multiple threats coming in different forms, security teams are shifting to a risk-based security to handle these challenges. One of the key tools is threat modeling, a process intended to help identify potential weaknesses and prioritize ... - [Vendors as Your Largest BEC Threat]( The tactics that worked for your business five years ago likely aren't still working today, and cybercrime is no different. The CEO fraud that dominated the last few years is not nearly as successful as it used to be, partially ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [Five Best Practices for AWS Security Monitoring]( - [Sumo Logic for Continuous Intelligence]( - [Gartner, Quick Answer: How Can Organizations Use DNS to Improve Their Security Posture?]( - [The Case for Cyber Risk Management Platforms]( - [2022 The State of Application Data Privacy and Security]( - [Optimizing Endpoint Protection]( - [Ambush Attackers at the Endpoint with the Endpoint Detection Net (EDN) Suite]( [View More White Papers >>]( FEATURED REPORTS - [How Enterprises Are Securing the Application Environment]( Download this report from Dark Reading to learn more about the measures enterprises have adopted to ensure the security of their internally developed applications and third-party packaged applications. - [How Enterprises Plan to Address Endpoint Security Threats in a Post-Pandemic World]( Dark Reading's 2022 Endpoint Security Report examines how IT and cybersecurity professionals are grappling with the impact of pandemic-related changes on endpoint security strategies. The report explores how they are building their endpoint security defenses, and provides insight on what organizations ... - [How Enterprises Are Assessing Cybersecurity Risk in Today's Environment]( Many cybersecurity pros expect fundamental, long-term changes to their organization's computing and data security due to the shift to more remote work and accelerated cloud adoption. Download this report from Dark Reading to learn more about their challenges and concerns. [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [CrowdStrike Introduces Humio for Falcon, Redefining Threat Hunting with Unparalleled Scale and Speed]( [37 Major Companies and Organizations Pledge to Enhance Cyber Resiliency and Counter Evolving Global Threats]( [Cybersecurity Industry Leaders Launch Campaign to Close the Cybersecurity Talent Gap]( [CrowdStrike Introduces CrowdStrike Asset Graph to Help Organizations Proactively Identify and Eliminate Blind Spots]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [The State of Malware Threats]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2022]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)