Pair of Apple Zero-Days Under Active Exploit; Patch & Update Accordingly

Unpatched Macs, iPhones, and iPads open to browser takeover and system kernel-level malicious code execution, Apple warns. [TechWeb]( Follow Dark Reading: [RSS]( April 11, 2023 LATEST SECURITY NEWS & COMMENTARY [Pair of Apple Zero-Days Under Active Exploit; Patch & Update Accordingly]( Unpatched Macs, iPhones, and iPads open to browser takeover and system kernel-level malicious code execution, Apple warns. [Apps for Sale: Cybercriminals Sell Android Hacks for Up to $20K a Pop]( The marketplace for malicious Google Play applications and app-takeover tools is thriving, thanks to novel hacking techniques and lax enterprise security. [Russia's Joker DPR Claims Access to Ukraine Troop Movement Data]( A hacktivist group working with Russia claims it breached DELTA, the Ukrainian battlefield management system (BMS). [High-Stakes Ransomware Response: Know What Cards You Hold]( When ransomware strikes, how much should you gamble on your resources and opponents' intentions? Here's how to deal yourself a rational, informed way to weigh your options after an attack. [Rethinking Cybersecurity's Structure & the Role of the Modern CISO]( A CISO with a focused role will be better prepared to thrive in an organization and accelerate adoption and understanding of cybersecurity. [(Sponsored Article) It Takes AI Security to Fight AI Cyberattacks]( New threats from generative AI demand a generative AI security response. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Bad Actors Will Use Large Language Models — but Defenders Can, Too]( Security teams need to find the best, most effective uses of large language models for defensive purposes. [The Pope's Security Gets a Boost With Vatican's MDM Move]( Faced with enterprise challenges, the Holy See looks to ensure it avoids a "holey" mobile device management solution. [Australia Is Scouring the Earth for Cybercriminals — the US Should Too]( It's time to get ahead of attacks before they even happen. [MORE]( EDITORS' CHOICE [Cybercriminals 'CAN' Steal Your Car, Using Novel IoT Hack]( Your family's SUV could be gone in the night thanks to a headlight crack and hack attack. LATEST FROM THE EDGE [How and Why to Put Multicloud to Work]( Complex multicloud environments present organizations with security challenges, but also opportunities for efficiency. LATEST FROM DR TECHNOLOGY [Renewed Focus on Incident Response Brings New Competitors and Partnerships]( Microsoft and others are doubling down on incident response, adding services and integrating programs to make security analysts and IR engagements more efficient. WEBINARS - [How to Accelerate XDR Outcomes: Bridging the Gap Between Network and Endpoint]( Adversaries are moving faster than ever, with modern attacks coming from all fronts across network, endpoint, and other domains. In 2022, the average breakout time declined from 98 minutes to 84 minutes, highlighting the imperative for IT and security teams to act quickly ... - [How to Launch a Threat Hunting Program]( Security teams need to be more proactive about finding threats before they can cause too much damage. How do these enterprises build threat hunting programs? What stakeholders needs to be involved? What skills are necessary for the threat hunting team? ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [The Essential Guide to Secure Web Gateway]( - [Evaluator's Guide for Managed Detection and Response (MDR) Services]( - [Making Cybersecurity Mesh a Reality]( - [Unit 42 Retainer]( - [Cloud Incident Response Datasheet]( - [Transform Your Security Strategy]( - [2022 Unit 42 Incident Response Report]( [View More White Papers >>]( FEATURED REPORTS - [Shoring Up the Software Supply Chain Across Enterprise Applications]( Supply chain security attacks are growing at an alarming pace, and things are going to keep getting worse until DevSecOps teams get on the same page. A little help from the feds could also be welcome Modern-day software development depends ... - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... - [10 Hot Talks From Black Hat USA 2022]( Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [CardinalOps Launches MITRE ATT&CK Security Layers for Measuring Detection Posture]( [F5 Safeguards Digital Services With New AI-Powered App and API Security Capabilities]( [Akamai Launches Managed Security Service Updates and New Premium Offering]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Shoring Up the Software Supply Chain Across Enterprise Applications]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)