2025

Watch Out For These 8 Cloud Security Shifts in 2025 2025-02-04 at 13:48 By As cloud security evolves in 2025 and beyond, organizations must adapt to both new and evolving realities, including the increasing reliance on cloud infrastructure for AI-driven workflows and the vast quantities of data being migrated to the cloud. But there are

Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look ‘insignificant’ 2025-02-04 at 13:06 By Jessica Lyons When cloud customers don’t clean up after themselves, part 97 Abandoned AWS S3 buckets could be reused to hijack the global software supply chain in an attack that would make Russia’s “SolarWinds adventures

Amazon’s Kuiper secures license to take on Starlink in the UK 2025-02-04 at 12:35 By Richard Speed Everybody is going to play nice, OK? Telecom watchdog Ofcom has granted a license application from Amazon Kuiper Services Europe for satellite connectivity in the UK.… This article is an excerpt from The Register View Original Source

Ransomware attack targets the New York Blood Center 2025-02-04 at 12:16 By The New York Blood Center experienced a ransomware attack.  This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

UK govt must learn fast and let failing projects die young 2025-02-04 at 11:48 By Lindsay Clark Tackle longstanding issues around productivity, cyber resilience and public sector culture, advises spending watchdog The UK’s government spending watchdog has called on the current administration to make better use of technology to kickstart the misfiring economy and ensure

Taiwan Bans DeepSeek AI Over National Security Concerns, Citing Data Leakage Risks 2025-02-04 at 11:48 By Taiwan has become the latest country to ban government agencies from using Chinese startup DeepSeek’s Artificial Intelligence (AI) platform, citing security risks. “Government agencies and critical infrastructure should not use DeepSeek, because it endangers national information security,” according to

AMD SEV-SNP Vulnerability Allows Malicious Microcode Injection with Admin Access 2025-02-04 at 11:48 By A security vulnerability has been disclosed in AMD’s Secure Encrypted Virtualization (SEV) that could permit an attacker to load a malicious CPU microcode under specific conditions. The flaw, tracked as CVE-2024-56161, carries a CVSS score of 7.2 out of 10.0, indicating

Google patches odd Android kernel security bug amid signs of targeted exploitation 2025-02-04 at 10:30 By Iain Thomson Also, Netgear fixes critical router, access point vulnerabilities Google has released its February Android security updates, including a fix for a high-severity kernel-level vulnerability, which is suspected to be in use by targeted exploits.… This article is

Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score 2025-02-04 at 08:33 By Microsoft has released patches to address two Critical-rated security flaws impacting Azure AI Face Service and Microsoft Account that could allow a malicious actor to escalate their privileges under certain conditions. The flaws are listed below – CVE-2025-21396 (CVSS

Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 2025-02-04 at 08:33 By Google has shipped patches to address 47 security flaws in its Android operating system, including one it said has come under active exploitation in the wild. The vulnerability in question is CVE-2024-53104 (CVSS score: 7.8), which has been described as a