Suspected MFA Bombing Attacks Target Apple iPhone Users

Several Apple device users have experienced recent incidents where they have received incessant password reset prompts and vishing calls from a number spoofing Apple's legitimate customer support line.

Follow Dark Reading:

March 29, 2024

LATEST SECURITY NEWS & COMMENTARY Suspected MFA Bombing Attacks Target Apple iPhone Users Several Apple device users have experienced recent incidents where they have received incessant password reset prompts and vishing calls from a number spoofing Apple's legitimate customer support line. Pervasive LLM Hallucinations Expand Code Developer Attack Surface The tendency of popular AI-based tools to recommend nonexistent code libraries offers a bigger opportunity than thought to distribute malicious packages. Corporations With Cyber Governance Create Almost 4X More Value Those with special committees that include a cyber expert rather than relying on the full board are more likely to improve security and financial performance. Cisco IOS Bugs Allow Unauthenticated, Remote DoS Attacks Several Cisco products, including IOS, IOS XE, and AP software, need patching against various high-risk security vulnerabilities. US Puts Up $10M Bounty on BlackCat Ransomware Gang Members Feds are offering cash for information to help them crack down on the ransomware-as-a-service group's cyberattacks against US critical infrastructure. Saudi Arabia, UAE Top List of APT-Targeted Nations in the Middle East Government, manufacturing, and the energy industry are the top targets of advanced, persistent threat actors, with phishing attacks and remote exploits the most common vectors. 3 Strategies to Future-Proof Data Privacy To meet changing privacy regulations, regularly review data storage strategies, secure access to external networks, and deploy data plane security techniques. (Sponsored Article) What SolarWinds Means for DevSecOps The SEC's SolarWinds indictment plus its new four-day rule for disclosing cybersecurity incidents have serious implications for DevSecOps teams. MORE NEWS / MORE COMMENTARY HOT TOPICS 'Tycoon' Malware Kit Bypasses Microsoft, Google MFA Threat actors are widely adopting the fast-growing, low-cost phishing-as-a-service (PhaaS) platform, which is sold via Telegram. Getting Security Remediation on the Boardroom Agenda IT teams can better withstand scrutiny by helping their board understand risks and how they are fixed, as well as explaining their long-term vision for risk management. Worldwide Agenda Ransomware Wave Targets VMware ESXi Servers A new, improved variant on the group's malware combines fileless infection, BYOVD, and more to cause havoc in virtual environments. How New-Age Hackers Are Ditching Old Ethics Staying up to date and informed on threat-actor group behavior is one way both organizations and individuals can best navigate the continually changing security landscape. MORE PRODUCTS & RELEASES Flare Acquires Foretrace to Accelerate Threat Exposure Management Growth Checkmarx Announces Partnership With Wiz WiCyS and ISC2 Launch Spring Camp for Cybersecurity Certification New Cyber Threats to Challenge Financial Services Sector in 2024 MORE PRODUCTS & RELEASES EDITORS' CHOICE Patchless Apple M-Chip Vulnerability Allows Cryptography Bypass The available options for addressing the flaw are limited, leaving many Macs vulnerable to a "GoFetch" attack that steals keys — even quantum-resistant ones. LATEST FROM THE EDGE It's Time to Stop Measuring Security in Absolutes All-or-nothing security policies strain resources by aiming for perfection. We need a better way to assess progress. LATEST FROM DR TECHNOLOGY Strata Identity Releases New Authentication Recipes The Microsoft Identity Cookbook is a collection of orchestration recipes to help organizations adopt cloud-based identity providers. LATEST FROM DR GLOBAL Indian Government, Oil Companies Breached by 'HackBrowserData' The malicious actor used Slack channels as an exfiltration point to upload the stolen data. WEBINARS Securing Code in the Age of AI Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them View More Dark Reading Webinars >> WHITE PAPERS The State of Incident Response Cheat Sheet - 5 Strategic Security Checkpoints A Solution Guide to Operational Technology Cybersecurity Demystifying Zero Trust in OT Causes and Consequences of IT and OT Convergence Endpoint Best Practices to Block Ransomware 2023 Work-from-Anywhere Global Study View More White Papers >> FEATURED REPORTS Industrial Networks in the Age of Digitalization Zero-Trust Adoption Driven by Data Protection How Enterprises Assess Their Cyber-Risk View More Dark Reading Reports >>

Dark Reading Daily -- Published By Dark Reading Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond here. Thoughts about this newsletter? Give us feedback. Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our Privacy Statement.

© 2024 | Informa Tech | Privacy Statement | Terms & Conditions | Contact Us