All news with #news tag

🎮 Microsoft has begun a beta rollout of Gaming Copilot to Windows 11 PCs for users aged 18 and older outside mainland China. Integrated into the Game Bar via the Xbox PC app (Win+G), the assistant offers a Voice Mode for in‑game help, game recommendations, achievement checks and play‑history insights. Microsoft plans to push the feature to the Xbox mobile app on iOS and Android in October. Users can remove the widget from the Game Bar via Settings if they prefer.

🔒 AWS has published its Summer 2025 SOC 1 report covering 183 services for the period July 1, 2024 through June 30, 2025. The report provides independent assurance on controls relevant to customer financial reporting. Customers can download the report via AWS Artifact in the AWS Management Console for on-demand access. AWS says it will continue to expand service coverage and invites customers to contact their account team or the Compliance team with questions.

🚀 Amazon RDS for MySQL now supports MySQL Innovation Release 9.4 in the Amazon RDS Database Preview Environment, enabling customers to evaluate the latest community Innovation Release on managed RDS instances. The Preview Environment supports Single‑AZ and Multi‑AZ deployments on current instance classes and retains preview instances for up to 60 days. Snapshots created in the Preview Environment are restricted to the Preview Environment, and preview instances are billed at the same rates as production RDS instances in the US East (Ohio) Region.

🤝 Check Point Software Technologies recognised top-performing partners across Asia Pacific at its 2025 Partner Conference held 8-11 September at the JW Marriott Hanoi. Nearly 200 regional partners gathered to address rising AI-driven cyber threats, share best practices and strengthen go-to-market strategies. As a 100% partner-led organisation, Check Point celebrated channel excellence with awards that honoured innovation, collaboration and outstanding adoption of its unified security portfolio. The event reinforced the ecosystem’s central role in securing organizations across the region.

🔒 In this Humans of Talos interview, Alex Ryan, an Incident Commander with Cisco Talos Incident Response, reflects on her unconventional path from liberal arts degrees to a career in cybersecurity and threat intelligence. She describes the technical and emotional realities of incident response—triaging IOCs, conducting forensic analysis, and quickly building customer trust—while managing high stress and business risk. Ryan also discusses recovering from burnout after parenthood, learning to set boundaries, and how a supportive team helps sustain long-term performance.

🚀 Today Google announced 14 startups selected for the Google for Startups Accelerator: AI First program serving the Middle East, North Africa, and Turkey. The cohort addresses challenges across finance, real estate, healthcare, industrial safety, TradeTech, and education, and will receive targeted mentorship, technical training, and product and business support. Participants include Abwab.ai, COGNNA, Distichain, xBites, and Navatech, and the program emphasizes responsible AI to accelerate regional scaling and commercialization.

🚨 Security researchers say a new software supply chain campaign has compromised more than 40 npm packages by injecting a malicious bundle.js into republished releases. The trojan installs a downloader that executes TruffleHog to scan hosts for secrets and cloud credentials, targeting both Windows and Linux developer environments. Vendors warn maintainers to audit environments, rotate tokens, and remove affected versions to prevent ongoing exfiltration.

🔒 Google has confirmed that a fraudulent account was created in its Law Enforcement Request System (LERS) and has been disabled. The company says no requests were made and no data was accessed. The claim was posted by a group calling itself Scattered Lapsus$ Hunters, which also alleged access to the FBI's eCheck system; the FBI declined to comment. The group has a history of high-profile Salesforce-related thefts and has publicly taunted law enforcement and security researchers.

🔒 Google confirmed that a fraudulent account was created in its Law Enforcement Request System (LERS) portal and has been disabled. The company said no requests were made with the account and no data was accessed. The claim follows posts by a group calling itself "Scattered Lapsus$ Hunters", which also asserted access to the FBI's eCheck system. The actors have previously targeted Salesforce-related infrastructure and taunted security teams.

📢 Bruce Schneier lists his scheduled public talks and book signings through late 2025 and early 2026. Highlights include a signing at the Cambridge Public Library on October 22, 2025 at 6 PM ET, sponsored by Harvard Bookstore, and a virtual talk about his book Rewiring Democracy on October 23, 2025 at 1 PM ET hosted by Data & Society. He will also appear at the World Forum for Democracy in Strasbourg (Nov 5–7), the University of Toronto Bookstore (Nov 14), the MIT Museum with Crystal Lee (Dec 1), and the Chicago Public Library (Feb 5, 2025). Details and updates are maintained on this page.

🎬 A Tennessee man was sentenced to 57 months in prison after admitting he stole and sold ripped DVD and Blu-ray copies of unreleased blockbuster films. Steven R. Hale, 37, worked for a DVD/Blu-ray manufacturing and distribution company and sold pre-release discs through various e-commerce sites, returning about 1,160 discs as part of restitution. He also pleaded guilty to unlawful firearm possession. Prosecutors say the piracy caused tens of millions of dollars in losses.

🔔Apple has alerted some iCloud account holders to a newly identified spyware campaign that may have compromised at least one device tied to notified accounts. France’s national CERT (CERT-FR), run by ANSSI, published an advisory on 11 September after Apple issued notifications starting 3 September. CERT-FR urged recipients to contact the team immediately, retain the original Apple notification (from threat-notifications@email.apple.com or threat-notifications@apple.com), and avoid altering or restarting affected devices to preserve forensic evidence. The advisory reiterated basic and advanced risk-reduction steps including two-factor authentication, timely updates, enabling automatic updates, separating work and personal use, and activating Lockdown Mode.

🎬 AWS Deadline Cloud is now available in Asia Pacific (Seoul) and Europe (London). This fully managed service simplifies render management for teams producing computer-generated graphics and visual effects, enabling them to scale render farms near creative teams. Customers gain improved integration with existing AWS services and creative pipelines, and can now deploy Deadline Cloud across 10 AWS regions worldwide. Bringing the service closer reduces latency and streamlines collaboration across distributed production workflows.

⚠️ Microsoft is investigating an ongoing Exchange Online outage across North America that is preventing users from accessing mailboxes via any Exchange Online connection method. Customers have reported issues for more than six hours on DownDetector, with sign-in and server connection failures affecting Teams, Outlook, and Hotmail. Microsoft says it is reviewing telemetry and applying changes to optimize affected mailbox infrastructure while the root cause is still under investigation.

🚨 U.S. Senator Ron Wyden requested that the FTC investigate Microsoft for what he describes as “gross cybersecurity negligence” after product weaknesses tied to Kerberos and legacy RC4 usage contributed to ransomware incidents, including the May 2024 Ascension Health breach that exposed data for 5.6 million patients. Wyden says his office alerted Microsoft in July 2024 and urged setting stronger ciphers like AES as defaults; he criticized an October Microsoft blog as too technical to warn corporate decision-makers. Microsoft replied that RC4 accounts for under 0.1% of traffic, that full removal risks breaking legacy systems, and that deprecation is on its roadmap.

🔔 Apple warned customers that their accounts were targeted in a series of mercenary spyware attacks, according to France's CERT‑FR. Notifications were issued on March 5, April 29, June 25 and September 3 and appear at the top of account.apple.com and via the email or phone linked to users' Apple IDs. The alerts indicate highly sophisticated campaigns often using zero‑day and zero‑click techniques, meaning at least one device tied to the account may be compromised. Apple recommends enabling Lockdown Mode and seeking rapid-response assistance through Access Now.

🔒 The Panama Ministry of Economy and Finance (MEF) says a workstation may have been infected with malicious software; established security protocols were activated immediately and the incident has been contained. The ministry asserted that central systems and platforms remain unaffected, and that personal and institutional data are protected while preventive measures were reinforced. However, the INC Ransom group added MEF to its leak site on September 5, claiming to have stolen more than 1.5 TB of emails, financial records and budgeting files; MEF had not responded to requests for comment by publication.

🔁 In May 2025 the EU sanctioned Moldova-based PQ Hosting and its owners, the Neculiti brothers, for alleged links to Kremlin hybrid warfare. Recorded Future and KrebsOnSecurity reporting show Stark Industries quickly rebranded to the[.]hosting under Dutch WorkTitans BV on 24 June 2025 while key address space and assets moved to PQ Hosting Plus S.R.L. Netherlands-based MIRhosting appears to host and manage the new entities, suggesting the sanctions achieved little lasting disruption.

🎉 Microsoft announced that, starting today, individual Windows developers can publish applications to the Microsoft Store without paying registration fees. The policy covers Win32 (including .NET WPF and WinForms), UWP, PWA, .NET MAUI, and Electron apps; Microsoft will host MSIX-packaged binaries, sign apps for free, and pay for distribution so developers don't need their own CDN. Developers of non-gaming apps may also implement their own in-app payment systems and retain all revenue. To publish, creators sign in with a personal Microsoft account and must verify identity with a government ID and a selfie; no credit card is required.

🛑 Calcio, a major illegal sports-streaming platform that drew over 123 million visits in the past year across 134 domains, has been shut down after coordinated action by ACE and DAZN. The Moldova-based operator agreed to cease operations and transferred domains to ACE, which now redirects them to its Watch Legally site. The service had been especially popular in Italy, accounting for more than 80% of traffic.