"New GoFetch attack on Apple Silicon CPUs can steal crypto keys."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 22 March 2024, 1520 UTC.

Content and Source:

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (

New GoFetch attack on Apple Silicon CPUs can steal crypto keys

  • A new side-channel attack called "GoFetch" impacts Apple M1, M2, and M3 processors and can be used to steal secret cryptographic keys from data in the CPU's cache.

  • Arduino

Build your own IoT gear with $350 off Raspberry Pi & Arduino training

  • Why wait for a company to manufacture the tech you need when you can build it yourself? These nine Raspberry Pi and Arduino courses show you how for $69.99, $353 off the $423 MSRP.

    • MARCH 22, 2024
    • 07:17 AM
    • Comment Count 0
  • Pwn2Own Vancouver

Hackers earn $1,132,500 for 29 zero-days at Pwn2Own Vancouver

  • Pwn2Own Vancouver 2024 has ended with security researchers collecting $1,132,500 after demoing 29 zero-days (and some bug collisions).

  • Windows 11

Windows 11 Notepad finally gets spellcheck and autocorrect

  • Microsoft continues to add new features to the Windows Notepad, today announcing a preview release with built-in spellchecking and an autocorrect feature.

  • KDE

KDE advises extreme caution after theme wipes Linux user's files

  • On Wednesday, the KDE team warned Linux users to exercise "extreme caution" when installing global themes, even from the official KDE Store, because these themes run arbitrary code on devices to customize the desktop's appearance.

  • Windows 10

This Windows 11 Pro and Microsoft Office 2019 bundle is now under $50

  • Grab this Windows 11 Pro and Microsoft Office 2019 lifetime license bundle while it's on sale for just $49.97 (reg. $408) through March 24 at 11:59 p.m. PT. No coupon is needed.

    • MARCH 21, 2024
    • 02:21 PM
    • Comment Count 1
  • RFID Hotel Room Door Unlock

Unsaflok flaw can let hackers unlock millions of hotel doors

  • Security vulnerabilities in over 3 million Saflok electronic RFID locks deployed in 13,000 hotels and homes worldwide allowed researchers to easily unlock any door in a hotel by forging a pair of keycards.

  • WordPress

Evasive Sign1 malware campaign infects 39,000 WordPress sites

  • A previously unknown malware campaign called Sign1 has infected over 39,000 websites over the past six months, causing visitors to see unwanted redirects and popup ads.

  • Fortinet

Exploit released for Fortinet RCE bug used in attacks, patch now

  • Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is now actively exploited in attacks.

  • What the Latest Ransomware Attacks Teach About Defending Networks

What the Latest Ransomware Attacks Teach About Defending Networks

  • Recent ransomware attacks have shared valuable lessons on how to limit risk to your own networks. Learn from Blink Ops about how organizations can limit their ransomware risk.

  • Windows Server

Microsoft confirms Windows Server issue behind domain controller crashes

  • Microsoft confirmed that a memory leak introduced with the March 2024 Windows Server security updates is behind a widespread issue causing Windows domain controllers to crash.

  • Coder Programmer

Learn new coding skills with $550 off StackSkills Unlimited

  • Picking up new skills and ideas is part of the joy of life. This lifetime subscription to StackSkills Unlimited provides hours of training for $49.99, $550 off the $599 MSRP.

    • MARCH 21, 2024
    • 07:15 AM
    • Comment Count 0
  • Pwn2Own Vancouver

Windows 11, Tesla, and Ubuntu Linux hacked at Pwn2Own Vancouver

  • On the first day of Pwn2Own Vancouver 2024, contestants demoed 19 zero-day vulnerabilities in Windows 11, Tesla, Ubuntu Linux and other devices and software to win $732,500 and a Tesla Model 3 car.

  • Windows Server

New Windows Server updates cause domain controller crashes, reboots

  • The March 2024 Windows Server updates are causing some domain controllers to crash and restart, according to widespread reports from Windows administrators.

  • SPA GP

Spa Grand Prix email account hacked to phish banking info from fans

  • Hackers hijacked the official contact email for the Belgian Grand Prix event and used it to lure fans to a fake website promising a €50 gift voucher.

  • Loop DoS

New ‘Loop DoS’ attack may impact up to 300,000 online systems

  • A new denial-of-service attack dubbed 'Loop DoS' targeting application layer protocols can pair network services into an indefinite communication loop that creates large volumes of traffic.

  • GitHub

GitHub’s new AI-powered tool auto-fixes vulnerabilities in your code

  • GitHub introduced a new AI-powered feature capable of speeding up vulnerability fixes while coding. This feature is in public beta and automatically enabled on all private repositories for GitHub Advanced Security (GHAS) customers

  • Cybersecurity Lock World

Study ethical hacking for life with this $46 course bundle

  • The All-in-One Super-Sized Ethical Hacking Bundle is on sale for just $45.99 (reg. $1,098) for a limited time only. 

    • MARCH 20, 2024
    • 02:11 PM
    • Comment Count 0
  • Ivanti

Ivanti fixes critical Standalone Sentry bug reported by NATO

  • Ivanti warned customers to immediately patch a critical severity Standalone Sentry vulnerability reported by NATO Cyber Security Centre researchers.

  • Greggs

UK bakery Greggs is latest victim of recent POS system outages

  • UK bakery chain Greggs is the latest victim of recent point of sale system outages that forced store closures at large retail chains over the past few weeks.



Popular posts from this blog

SecurityWeek Briefing.

Cyber War Newswire

SecurityWeek Briefing.