IT 新聞

GitHub's new privacy policy sparks backlash over tracking cookies

Developers are furious at GitHub's upcoming privacy policy changes that would allow GitHub to place tracking cookies on some of its subdomains. The Microsoft subsidiary announced this month, it would be adding "non-essential cookies" on some marketing web pages starting in September, and offered a 30-day "comment period."

New dark web markets claim association with criminal cartels

Several new marketplaces have appeared on the dark web, claiming to be the dedicated online portals for notorious criminal cartels from Mexico.

7-Eleven Denmark confirms ransomware attack behind store closures

7-Eleven Denmark has confirmed that a ransomware attack was behind the closure of 175 stores in the country on Monday.

Automotive supplier breached by 3 ransomware gangs in 2 weeks

An automotive supplier had its systems breached and files encrypted by three different ransomware gangs over a two-week span in May, two of the attacks happening within just two hours.

Conti extortion gangs behind surge of BazarCall phishing attacks

At least three groups split from the Conti ransomware operation have adopted BazarCall phishing tactics as the primary method to gain initial access to a victim's network.

Cisco hacked by Yanluowang ransomware gang, 2.8GB allegedly stolen

Cisco confirmed today that the Yanluowang ransomware group breached its corporate network in late May and that the actor tried to extort them under the threat of leaking stolen files online.

Hacker uses new RAT malware in Cuba Ransomware attacks

A member of the Cuba ransomware operation is employing previously unseen tactics, techniques, and procedures (TTPs), including a novel RAT (remote access trojan) and a new local privilege escalation tool.

Cisco fixes bug allowing RSA private key theft on ASA, FTD devices

Cisco has addressed a high severity vulnerability affecting its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software.

Phishing attack abuses Microsoft Azure, Google Sites to steal crypto

A new large-scale phishing campaign targeting Coinbase, MetaMask, Kraken, and Gemini users is abusing Google Sites and Microsoft Azure Web App to create fraudulent sites.

Google now blocks Workspace account hijacking attempts automatically

Google Workspace (formerly G Suite) now comes with stronger protections for risky account actions, automatically blocking hijacking attempts with identity verification prompts and logging them for further investigation.