South Korea has temporarily suspended downloads of DeepSeek AI’s apps due to privacy concerns. The Personal Information Protection Commission (PIPC) cited the need for the service to comply with data protection regulations. This action follows similar restrictions in other regions, highlighting increasing global scrutiny over AI app privacy practices. The suspension will remain in effect until DeepSeek implements the necessary changes to address the identified privacy issues.
A new type of name confusion attack called whoAMI allows anyone who publishes an Amazon Machine Image (AMI) with a specific name to gain code execution within an Amazon Web Services (AWS) account. An AMI is a pre-configured virtual machine template used to launch EC2 instances in AWS. Attackers can exploit this by publishing a malicious AMI with a matching name and newer timestamp, tricking automated Infrastructure-as-Code (IaC) tools like Terraform into selecting a compromised image.
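A defender-side check for the lookup pattern described above, added here as an example (not code from the original report or from Terraform): it flags Terraform `aws_ami` data sources that take the newest name match without restricting `owners`. The sample configuration, image name pattern, account ID and function names are constructed, and the brace matching assumes no braces inside string values.

```python
import re

# Constructed Terraform sample: one lookup by name only, one pinned to an owner.
SAMPLE_TF = '''
data "aws_ami" "by_name_only" {
  most_recent = true
  filter {
    name   = "name"
    values = ["example-base-image-*"]
  }
}

data "aws_ami" "pinned_owner" {
  most_recent = true
  owners      = ["123456789012"]  # constructed account ID
  filter {
    name   = "name"
    values = ["example-base-image-*"]
  }
}
'''

BLOCK_START = re.compile(r'data\s+"aws_ami"\s+"([^"]+)"\s*\{')

def extract_blocks(tf_text):
    """Yield (label, body) for each aws_ami data block, matching braces by depth."""
    for m in BLOCK_START.finditer(tf_text):
        depth, i = 1, m.end()
        while i < len(tf_text) and depth:
            depth += {"{": 1, "}": -1}.get(tf_text[i], 0)
            i += 1
        yield m.group(1), tf_text[m.end():i - 1]

def find_unpinned_lookups(tf_text):
    """Return labels of aws_ami lookups that take the newest match with no owners set."""
    findings = []
    for label, body in extract_blocks(tf_text):
        body = re.sub(r'(#|//).*', '', body)  # a commented-out owners line must not count
        newest = re.search(r'^\s*most_recent\s*=\s*true\b', body, re.M)
        owners = re.search(r'^\s*owners\s*=\s*\[\s*"[^"]+', body, re.M)
        if newest and not owners:
            findings.append(label)
    return findings

if __name__ == "__main__":
    for label in find_unpinned_lookups(SAMPLE_TF):
        print(f'aws_ami "{label}": most_recent = true without owners')
```
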
Abandoned AWS S3 buckets used by various software projects, governments, and infrastructure deployment pipelines now pose security risks.
A new ransomware campaign is exploiting Amazon Web Services’ (AWS) Server-Side Encryption with Customer Provided Keys (SSE-C) to encrypt S3 buckets. The attackers use encryption keys unknown to the victims and demand ransoms for the decryption keys. This attack abuses a legitimate AWS feature, creating a very difficult situation for its victims who cannot recover their data without the decryption key. The ransomware crew has been dubbed ‘Codefinger’.
A fake BMI calculator app, ‘BMI CalculationVsn,’ on the Amazon Appstore was stealing user data. The app has been removed from the store after the report by McAfee. Users who installed the app should manually uninstall it.
Amazon is facing scrutiny from the US House Select Committee on China regarding its growing partnership with TikTok. The Committee summoned Amazon staffers in September to discuss concerns about the partnership, particularly in light of TikTok’s Chinese ownership. This development highlights increasing concerns about the potential security risks associated with TikTok and its access to user data. The Committee’s investigation raises questions about the potential for TikTok to be used as a tool for Chinese government espionage or influence operations. The investigation underscores the growing global tension surrounding data security and the potential for tech companies with ties to foreign governments to be used for nefarious purposes.