< ciso
brief />
Vendor and Hyperscaler Watch Banner

All news in category “Vendor and Hyperscaler Watch

4625 articles · page 125 of 232

Microsoft Alerts: Phishing Uses Email Routing and DMARC Gaps

📧 Microsoft’s Threat Intelligence team warns that attackers are increasingly exploiting complex email routing and misconfigured DMARC and SPF policies to make phishing messages appear to come from inside targeted organizations. These campaigns often rely on MX records that route mail through on‑premises servers or third‑party relays before Microsoft 365, which can prevent correct spoof checks. Threat actors deliver lures ranging from password resets to shared documents and use PhaaS platforms such as Tycoon 2FA. Microsoft advises enforcing strict DMARC reject and SPF hard-fail policies, verifying connectors, and adopting phishing-resistant MFA like FIDO2 keys.
read more →

How Cisco Talos Powers Security Across Cisco Products

🔐 Cisco Talos is the threat intelligence and security research arm that underpins Cisco's defensive products. Its telemetry-driven intelligence feeds reputation and detection services across the portfolio, including SNORT and SnortML for deep packet inspection and zero-day detection. Talos also powers web and DNS filtering, email threat prevention, layered malware protection, and investigative tooling such as Orbital and Talos IR.
read more →

OpenAI Reportedly Preparing to Test Ads in ChatGPT

📣 OpenAI is reportedly preparing to test ads within ChatGPT, beginning with internal trials limited to employees. Reports say the company is evaluating multiple ad formats — including sponsored content prioritized in AI answers and sidebar placements — while details on how ads would affect paid plans like Go, Plus, and Pro remain unclear. OpenAI has confirmed it is exploring ads and says any approach would be designed to respect users' trust, though the timeline and implementation remain unspecified.
read more →

Microsoft Cancels Exchange Online Bulk Email Rate Limit

📭 Microsoft has canceled plans to impose a new daily limit of 2,000 external recipients on Exchange Online bulk senders after receiving negative customer feedback. The External Recipient Rate (ERR) cap was announced in April 2024 and was scheduled to begin in January 2025 with phased enforcement through late 2025. Microsoft said it will pursue "smarter, more adaptive approaches" to balance security and usability, while existing recipient limits remain unchanged.
read more →

AWS Marketplace Seller Reporting Adds Collection Visibility

📊 AWS announced collection visibility in AWS Marketplace Seller Reporting, adding up-to-date payment collection status to the Billed Revenue Dashboard and Billing Event Data Feed. The update lets sellers distinguish invoiced, collected, and disbursed amounts to close the gap between invoice creation and disbursement. Available in all Regions where Seller Reporting is offered; access via the Marketplace Management Portal → Insights → Finance Operations.
read more →

Amazon ECS Supports tmpfs for Fargate and Managed Instances

🧰 Amazon Elastic Container Service now supports tmpfs mounts for Linux tasks running on AWS Fargate and Amazon ECS Managed Instances, extending functionality beyond the EC2 launch type. Tmpfs creates memory-backed filesystems exposed inside containers for fast temporary storage, caches, and short-lived secrets without writing to task storage. You enable it by adding a linuxParameters block with tmpfs entries in your task definition and specifying containerPath, size, and optional mountOptions; task definitions can be registered or updated via the console, AWS CLI, CloudFormation, or AWS CDK. This capability is available in all AWS Regions where ECS and Fargate are supported.
read more →

Amazon MQ Adds HTTP-Based Auth for RabbitMQ Brokers

🔐 Amazon MQ now supports delegating RabbitMQ authentication and authorization to an HTTP endpoint. The capability is provided as a plugin for RabbitMQ 4.2 and later on Amazon MQ and is enabled by updating the broker configuration file. When provisioning, choose RabbitMQ 4.2 with the m7g instance type via the AWS Console, CLI, or SDKs, then edit the configuration to enable the plugin. The feature is available in all regions where Amazon MQ RabbitMQ 4 instances are offered.
read more →

Microsoft Defender Experts Suite: Expert-Led Security

🔒 The new Microsoft Defender Experts Suite combines managed extended detection and response (MXDR), proactive and reactive incident response, and a designated Microsoft security advisor to help organizations counter advanced, AI-accelerated threats. Microsoft analysts deliver 24/7 triage, continuous threat hunting, and on-demand expertise across endpoints, identities, email, cloud apps, and cloud workloads. Enhanced Designated Engineering supports secure deployment and operational modernization, while Incident Response offers planning, simulations, and rapid remediation. Eligible customers can access a limited-time promotional discount through 2026.
read more →

AWS Config Adds 21 New Resource Types for Monitoring

🔔 AWS Config now supports 21 additional AWS resource types across services such as Amazon EC2, Amazon SageMaker, and Amazon S3 Tables, enabling broader visibility into resource state and drift. If you have recording enabled for all resource types, these additions are tracked automatically and are available to use in Config rules and Config aggregators. The change helps teams discover, assess, and remediate resources more comprehensively.
read more →

Google Public Sector: Year of AI-Driven Transformation 2025

🤖 Google Public Sector summarizes a year of AI, cloud, and security milestones, spotlighting Gemini for Government, Vertex AI, and FedRAMP High authorizations for productivity and analytics offerings. The post highlights DoD IL6 and CMMC Level 2 certifications, partnerships with DLA and GDIT, and large-scale deployments such as GenAI.mil. It emphasizes secure, agentic workflows, edge-capable deployments, and a focus on delivering accredited commercial cloud services to accelerate mission impact.
read more →

CrowdStrike Malware Analysis Agent Detects at Speed

⚡ CrowdStrike’s Malware Analysis Agent, launched as part of the Threat AI initiative at Fal.Con 2025, automates file triage to produce near-real-time, confidence-scored intelligence for analysts. The agent runs parallel static analysis and dynamic sandbox detonations, correlates findings with CrowdStrike’s threat repository and more than 5,000 YARA rules, and synthesizes behavioral summaries, classification, and remediation guidance. Integrated with Falcon Fusion SOAR and APIs, it can trigger automated hunts, deploy protections, export IOCs, and isolate hosts to accelerate response and reduce analyst backlog.
read more →

Palo Alto Networks Prisma AIRS Validated for NVIDIA AI

🔒 Palo Alto Networks announced that Prisma AIRS, accelerated on the NVIDIA BlueField DPU, is now part of the NVIDIA Enterprise AI Factory validated design. The integration embeds zero trust runtime security into AI infrastructure by running Prisma AIRS Network Intercept on BlueField and extending enforcement to cloud environments. It leverages NVIDIA DOCA and DOCA Argus telemetry to feed Cortex XSIAM and Cortex XSOAR for AI-driven detection and response, and recommends hyperscale firewall clusters for defense-in-depth and improved TCO.
read more →

Azure Strategic Planning Enables NVIDIA Rubin Deployments

🚀 Azure says its long-range datacenter strategy already accommodates NVIDIA Vera Rubin NVL72 racks, enabling rapid, large-scale rollouts across current Fairwater sites and planned AI superfactories. Microsoft highlights prior experience with Ampere, Hopper, GB200 and GB300 generations and claims its power, cooling, networking, and memory upgrades align with Rubin’s NVLink, ConnectX‑9, and HBM4 requirements. The post frames co-design work as reducing deployment risk and accelerating customer access to higher-performance inference and training at scale.
read more →

Check Point and NVIDIA Partner to Secure AI Factories

🔒 Check Point and NVIDIA announced an integrated security capability to protect AI "factories" across the entire AI lifecycle, from data ingestion and model training to deployment and inference. The effort targets growing risks such as prompt manipulation and attacks on GenAI infrastructure, which Gartner and other industry surveys identify as rising threats. The collaboration focuses on unified visibility, real-time detection, runtime protection, and centralized policy enforcement to reduce operational risk and help organizations meet compliance and governance requirements.
read more →

Combining Arbor Edge Defense with CDN DDoS Protection

🔒 NETSCOUT's Arbor Edge Defense (AED) complements CDN-based DDoS mitigation by providing inline, on-premises protection for attacks that cloud scrubbing can miss. AED uses AI/ML-driven stateless packet processing and ATLAS threat intelligence to address application-layer, TCP state-exhaustion, and outbound threats. Together, CDN protections and AED form a layered, adaptive defense-in-depth strategy that preserves bandwidth and safeguards availability.
read more →

Amazon EC2 G5 Instances with NVIDIA A10G Now in Hong Kong

🚀 Amazon Web Services has launched Amazon EC2 G5 instances powered by NVIDIA A10G Tensor Core GPUs in the Asia Pacific (Hong Kong) region to support graphics-intensive and machine learning workloads. These instances scale to eight A10G GPUs with 2nd-generation AMD EPYC processors, up to 192 vCPUs, 100 Gbps networking and 7.6 TB of NVMe local storage across eight size options. Customers can tune performance with NVIDIA drivers for compute, gaming, or workstation workloads and purchase capacity as On-Demand or Reserved Instances to meet cost and operational needs.
read more →

Cloud SQL for MySQL: Optimized Writes Boost Throughput

⚡ Cloud SQL for MySQL Enterprise Plus now includes optimized writes, an automated runtime tuning suite that adjusts MySQL configuration and I/O behavior to reduce write latency and increase throughput. Enabled by default on Enterprise Plus instances, the feature implements adaptive purge, adaptive I/O limits, sharded I/O, faster REDO recovery, and adaptive buffer-pool warmup. Google provides a reproducible sysbench benchmark and reports up to 3x write throughput improvements versus the Enterprise edition, with results varying by machine type and workload.
read more →

Google Cloud: VM Extensions Manager for Compute Engine

🚀 VM Extensions Manager is now available in preview as part of the compute.googleapis.com API, enabling administrators to centrally define policies that install and manage Google-provided extensions across VM fleets. The preview supports zonal project policies and key agents — Cloud Ops Agent (ops-agent), Agent for SAP (sap-extension), and Agent for Compute Workload (workload-extension) — with options to pin versions or use automatic rollouts. Policies are enforced by a progressive rollout engine, and Google will expand global, Organization, and Folder-level policy support in the coming months.
read more →

Google Cloud Joins Auto-ISAC to Strengthen Vehicle Security

🚗 Google Cloud has joined the Automotive Information Sharing and Analysis Center as an Innovator Partner, pledging experts and resources to bolster vehicle and supply-chain cybersecurity. The partnership will bring threat intelligence and incident response expertise — including insights from Mandiant — to help members anticipate, mitigate, and respond to attacks against cloud-connected, software‑defined vehicles and Industry 4.0 environments. Google cites a $10 billion cybersecurity investment over five years as part of its broader commitment.
read more →

AWS Resource Explorer now available in New Zealand

🔍 AWS Resource Explorer is now available in the Asia Pacific (New Zealand) Region. This rollout lets customers search for and discover AWS resources across Regions and accounts using the console, AWS CLI, SDKs, or the unified search bar in the Management Console. Administrators can enable the service in the AWS Resource Explorer console to centralize asset discovery and streamline operations across their organization. AWS also provides documentation and region availability guidance to assist setup and adoption.
read more →