AWS sees full-year profit and revenue growth as AI and public cloud demand soars
Amazon Web Services (AWS) has reported a 19% year-on-year (YoY) increase in revenue for the second successive quarter in its latest financial results, covering the…
Month: February 2025
UK Govt Orders Apple to Create Backdoor Access for iCloud Backups
The UK government has reportedly issued a secret order to Apple, compelling the tech giant to create a backdoor for accessing encrypted iCloud backups globally.…
Microsoft Sysinternals 0-Day Vulnerability Enables DLL Injection Attacks on Windows
A critical zero-day vulnerability has been discovered in Microsoft Sysinternals tools, posing a serious security threat to IT administrators and developers worldwide. The vulnerability enables attackers to…
What does the year ahead hold for SMB cybersecurity?
Small and medium businesses (SMBs) play a massive role in the economy and, in the UK private sector alone, account for three-fifths of employment and…
Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys
A ViewState code injection attack spotted by Microsoft threat researchers in December 2024 could be easily replicated by other attackers, the company warned. “In the…
Microsoft Identifies 3,000 Leaked ASP.NET Keys Enabling Code Injection Attacks
Feb 07, 2025Ravie LakshmananCloud Security / Web Security Microsoft is warning of an insecure practice wherein software developers are incorporating publicly disclosed ASP.NET machine keys…
Microsoft Edge update adds AI-powered Scareware Blocker
Microsoft Edge 133 is now rolling out globally, and it ships with several improvements, including a new scareware blocker feature. In addition, Microsoft is updating…
New Attack Abusing Kerberos Delegation in Active Directory Networks
A new attack vector exploiting vulnerabilities in Kerberos delegation within Active Directory (AD) networks has been uncovered, posing significant risks to enterprise security. This technique…
Logsign Vulnerability Allows Remote Attackers to Bypass Authentication
A critical security vulnerability has been identified and disclosed in the Logsign Unified SecOps Platform, allowing remote attackers to bypass authentication mechanisms. The vulnerability tracked…
AI-Powered Social Engineering: Reinvented Threats
The foundations for social engineering attacks – manipulating humans – might not have changed much over the years. It’s the vectors – how these techniques…
430,000 Impacted by Data Breaches at New York, Pennsylvania Healthcare Organizations
The personal and health information of over 430,000 individuals was compromised in October and November 2024 data breaches at Allegheny Health Network (AHN) and University…
Microsoft has finally fixed Date & Time bug in Windows 11
Windows 11’s January 28 optional update has fixed a long-standing issue in Windows 11 24H2 that prevents non-admin users from changing their time zone in…