新聞近年來遊戲玩家不斷成為駭客鎖定的目標,如今有人專門打造惡意軟體租用服務(Malware-as-a-Service),探供買家對特定遊戲的玩家發動攻擊。資安公司McAfee揭露惡意軟體租用服務WeedHack,該平臺從今年1月開始出現,專門針對Minecraft玩家,迄今已確認有116,464臺電腦受害,而且遭感染的電腦數量每天會增加2千至3千臺。一旦遭到感染,攻擊者可竊取帳密資料並挾持Disc…
Demand Is Booming For New No Tech, Repairable Tractor https://tech.slashdot.org/story/26/06/04/0043253/demand-is-booming-for-new-no-tech-repairable-tractor?utm_source=rss1.0mainlinkanon
新聞工業環境中的老舊系統(Legacy Systems)風險持續成焦點,TXOne Networks近期針對歐洲揭露其2026年度OT資安報告研究細節,解析當地工業領域面臨的挑戰。報告指出,過去一年有超過半數(51%)的歐洲工業組織,曾經歷涉及老舊Windows系統的資安事件,這項數據相較於2025年的43%有明顯增長。值得注意的是,約25%受訪者表示相關資安事故在一年內發生不只一次,反映出舊系統…
新聞英國競爭與市場管理局(Competition and Markets Authority,CMA)周三(6/3)宣布,對Google搜尋服務祭出新的行為要求(Conduct Requirement),正式要求Google讓出版商能夠單獨選擇退出(Opt-out)AI Overviews等AI搜尋功能對其內容的使用,同時不得影響其內容出現在一般搜尋結果中的資格。CMA表示,這是全球首個針對AI搜…
AI-enabled cybercriminals have better tools and are inflicting more pain on their victims, wiping out virtual machines and hypervisors and leaving infrastructure in a "dark, dead" state after an attac…
新聞上週資安公司Sansec提出警告,Magento網頁快取外掛程式Mirasvit Cache Warmer存在重大漏洞CVE-2026-45247,攻擊者在未經身分驗證的情況下,可在PHP物件進行注入,CVSS風險評為9.8分,用戶應儘速更新因應。本週美國網路安全與基礎設施安全局(CISA)指出,他們已掌握漏洞遭積極利用的證據。6月3日CISA將上述漏洞加入已遭利用的漏洞名單(KEV),要求聯…
Widely-Used libinput Updated Due To Arbitrary Root Code Execution The libinput input handling library used by both X.Org and Wayland environments on modern Linux desktops is out with a new security fi…
Phoronix@masto.ai
·
新聞Google於6月Android例行更新(Android Security Bulletin)修補零時差漏洞CVE-2025-48595,此為存在於Android框架的權限提升漏洞,已被鎖定目標的局部活動所利用,隨後美國網路安全暨基礎設施安全局(CISA)也證實被用於實際攻擊的情況。6月2日CISA發布公告,他們掌握兩個漏洞遭到積極利用的跡象,將它們加入已遭利用漏洞列表(KEV),其中一個就是…
新聞Google於5月26日宣布強化Google Workspace安全功能,擴大既有網域外檔案警示(Out-of-Domain file-level warnings)的適用範圍,新增支援行動裝置App、檔案共享通知等情境。Google表示,這項功能可協助企業使用者辨識來自組織外部的文件與使用者,降低外洩敏感資料及遭遇網路釣魚攻擊的風險。根據Google說明,網域外檔案警示功能在2025年4月推…
新聞研究人員於6月3日揭露名為HTTP/2 Bomb的遠端阻斷服務(DoS)攻擊手法,影響多款主流網頁伺服器與代理伺服器,包括Nginx、Apache httpd、Microsoft IIS、Envoy與Cloudflare Pingora。這項攻擊鎖定HTTP/2預設組態,攻擊者可透過少量流量消耗伺服器大量記憶體,導致服務回應緩慢或無法存取。資安研究發布平臺Calif指出,這項攻擊是由OpenA…
3mdeb Keeps Making Progress On Their Coreboot + AMD openSIL Port To Ryzen MSI Board Following thr 3mdeb consulting firm's recent release of their Dasharo build of Coreboot and AMD openSIL for the Giga…
Phoronix@masto.ai
·
Nintendo confirms it will sell a new Switch 2 with replaceable battery in the EU https://www.theverge.com/games/942808/nintendo-switch-2-replaceable-battery-eu
Fedora Linux 43 Exposes 20-Year-Old Microsoft Outlook Security Failure https://linux.slashdot.org/story/26/06/03/2120212/fedora-linux-43-exposes-20-year-old-microsoft-outlook-security-failure?utm_sour…
新聞微軟預告,身分識別與存取管理服務Microsoft Entra ID的自助式密碼重設(Self-Service Password Reset,SSPR)流程,將自2026年9月7日起調整。企業使用者透過SSPR重設密碼並驗證身分時,僅能使用事先完成註冊的驗證方法。若手機號碼、公司電話或備用電子郵件僅存在於目錄屬性中,未正式註冊為驗證方法,政策生效後將無法再用於密碼重設。根據微軟5月28日發布的…
Microsoft, Atom Computing, EeroQ update their quantum computing progress Some quantum computing companies we've covered have done recent progress updates. https://arstechnica.com/science/2026/06/micro…
EU Plots To Abandon US Tech https://tech.slashdot.org/story/26/06/03/2028239/eu-plots-to-abandon-us-tech?utm_source=rss1.0mainlinkanon
Apple is bringing age verification to Texas this week https://www.theverge.com/tech/942761/apple-texas-age-verification-app-store
Perhaps you stopped by a friend's house and rang their Ring doorbell. Or maybe you walked past a neighbor's front door on your way somewhere else. According to a new class action lawsuit, Ring's Famil…
Steve Ballmer’s darkest fear has come to pass: Linux has worked itself into the deepest innards of Microsoft Windows itself. At the company’s annual Build developer conference this week, Microsoft rel…
Wireless jamming attacks are on the rise. Rice University researchers have shown how self-curving radio beams can make a jammer appear to be somewhere it isn't, potentially undermining some anti-jammi…
We can't find the internet
Attempting to reconnect
Something went wrong!
Attempting to reconnect
