• Home
  • Motorcycles
  • Electric Motorcycles
  • 3 wheelers
  • FUV Electric 3 wheeler
  • Shop
  • Listings

Subscribe to Updates

Get the latest creative news from CycleNews about two, three wheelers and Electric vehicles.

What's Hot

First ever Honda electric motorcycle debuts – and it’s a cafe racer!

Apple’s Big OS Rebrand, OnePlus Embraces AI, and Samsung’s Next Folds—Your Gear News of the Week

Never Drink Alone: A Guide to Turkish Coffee

Facebook Twitter Instagram
  • Home
  • Motorcycles
  • Electric Motorcycles
  • 3 wheelers
  • FUV Electric 3 wheeler
  • Shop
  • Listings
Facebook Twitter Instagram Pinterest
Cycle News
Submit Your Ad
Cycle News
You are at:Home » Apple Chip Flaw Leaks Secret Encryption Keys
Electric Motorcycles

Apple Chip Flaw Leaks Secret Encryption Keys

cycleBy cycleMarch 23, 202404 Mins Read
Share Facebook Twitter Pinterest LinkedIn Tumblr Email
Share
Facebook Twitter LinkedIn Pinterest Email


The next time you stay in a hotel, you may want to use the door’s deadbolt. A group of security researchers this week revealed a technique that uses a series of security vulnerabilities that impact 3 million hotel room locks worldwide. While the company is working to fix the issue, many of the locks remain vulnerable to the unique intrusion technique.

Apple is having a tough week. In addition to security researchers revealing a major, virtually unpatchable vulnerability in its hardware (more on that below), the United States Department of Justice and 16 attorneys general filed an antitrust lawsuit against the tech giant, alleging that its practices related to its iPhone business are illegally anticompetitive. Part of the lawsuit highlights what it calls Apple’s “elastic” embrace of privacy and security decisions—particularly iMessage’s end-to-end encryption, which Apple has refused to make available to Android users.

Speaking of privacy, a recent change to cookie pop-up notifications reveals the number of companies each website shares your data with. A WIRED analysis of the top 10,000 most popular websites found that some sites are sharing data with more than 1,500 third parties. Meanwhile, employer review site Glassdoor, which has long allowed people to comment about companies anonymously, has begun encouraging people to use their real names.

And that’s not all. Each week, we round up the security and privacy news we don’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

Apple’s M-series of chips contain a flaw that could allow an attacker to trick the processor into revealing secret end-to-end encryption keys on Macs, according to new research. An exploit developed by a team of researchers, dubbed GoFetch, takes advantage of the M-series chips’ so-called data memory-dependent prefetcher, or DMP. Data stored in a computer’s memory have addresses, and DMP’s optimize the computer’s operations by predicting the address of data that is likely to be accessed next. The DMP then puts “pointers” that are used to locate data addresses in the machine’s memory cache. These caches can be accessed by an attacker in what’s known as a side-channel attack. A flaw in the DMP makes it possible to trick the DMP into adding data to the cache, potentially exposing encryption keys.

The flaw, which is present in Apple’s M1, M2, and M3 chips, is essentially unpatchable because it is present in the silicon itself. There are mitigation techniques that cryptographic developers can create to reduce the efficacy of the exploit, but as Kim Zetter at Zero Day writes, “the bottom line for users is that there is nothing you can do to address this.”

In a letter sent to governors across the US this week, officials at the Environmental Protection Agency and the White House warned that hackers from Iran and China could attack “water and wastewater systems throughout the United States.” The letter, sent by EPA administrator Michael Regan and White House national security adviser Jake Sullivan, says hackers linked to Iran’s Islamic Revolutionary Guard and Chinese state-backed hacker group known as Volt Typhoon have already attacked drinking water systems and other critical infrastructure. Future attacks, the letter says, “have the potential to disrupt the critical lifeline of clean and safe drinking water, as well as impose significant costs on affected communities.”

There’s a new version of a wiper malware that Russian hackers appear to have used in attacks against several Ukrainian internet and mobile service providers. Dubbed AcidPour by researchers at security firm SentinelOne, the malware is likely an updated version of the AcidRain malware that crippled the Viasat satellite system in February 2022, heavily impacting Ukraine’s military communications. According to SentinelOne’s analysis of AcidPour, the malware has “expanded capabilities” that could allow it to “better disable embedded devices including networking, IoT, large storage (RAIDs), and possibly ICS devices running Linux x86 distributions.” The researchers tell CyberScoop that AcidPour may be used to carry out more widespread attacks.

Volt Typhoon isn’t the only China-linked hacker group wreaking widespread havoc. Researchers at security firm TrendMicro revealed a hacking campaign by a group known as Earth Krahang that’s targeted 116 organizations across 48 countries. Of those, Earth Krahang has managed to breach 70 organizations, including 48 government entities. According to TrendMicro, the hackers gain access through vulnerable internet-facing servers or through spear-phishing attacks. They then use access to the targeted systems to engage in espionage and commandeer the victims’ infrastructure to carry out further attacks. Trend Micro, which has been monitoring Earth Krahang since early 2022, also says it found “potential links” between the group and I-Soon, a Chinese hack-for-hire firm that was recently exposed by a mysterious leak of internal documents.



Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleSchuberth C5 Carbon Review [Schuberth Performance Helmet]
Next Article The US Is About to Drown in a Sea of Kittens
cycle
  • Website

Related Posts

First ever Honda electric motorcycle debuts – and it’s a cafe racer!

May 31, 2025

Apple’s Big OS Rebrand, OnePlus Embraces AI, and Samsung’s Next Folds—Your Gear News of the Week

May 31, 2025

Never Drink Alone: A Guide to Turkish Coffee

May 31, 2025
Add A Comment

Leave A Reply Cancel Reply

You must be logged in to post a comment.

Demo
Top Posts

First ever Honda electric motorcycle debuts – and it’s a cafe racer!

May 31, 2025

The urban electric commuter FUELL Fllow designed by Erik Buell is now opening orders | thepack.news | THE PACK

July 29, 2023

2024 Yamaha Ténéré 700 First Look [6 Fast Facts For ADV Riding]

July 29, 2023
Stay In Touch
  • Facebook
  • YouTube
  • TikTok
  • WhatsApp
  • Twitter
  • Instagram
Latest Reviews

Subscribe to Updates

Get the latest tech news from FooBar about tech, design and biz.

Demo
Most Popular

First ever Honda electric motorcycle debuts – and it’s a cafe racer!

May 31, 2025

The urban electric commuter FUELL Fllow designed by Erik Buell is now opening orders | thepack.news | THE PACK

July 29, 2023

2024 Yamaha Ténéré 700 First Look [6 Fast Facts For ADV Riding]

July 29, 2023
Our Picks

The Throttle Stop – August 2023

Tesla Killed The Cheapest Model Y In the US! Quick Thoughts

2024 Honda CB125R First Look [Fast Facts From Europe]

Subscribe to Updates

Get the latest news from CycleNews about two, three wheelers and Electric vehicles.

© 2025 cyclenews.blog
  • Home
  • About us
  • Get In Touch
  • Shop
  • Listings
  • My Account
  • Submit Your Ad
  • Terms & Conditions
  • Stock Ticker

Type above and press Enter to search. Press Esc to cancel.