All news in category "Vendor and Hyperscaler Watch"

Microsoft deploys Teams screen-capture prevention rollout

🔒 Microsoft is rolling out a new Teams Premium setting that blocks screenshots and recordings in meetings on Windows desktop and Android devices. The feature, called 'Prevent screen capture', was announced for July 2025 but the rollout was delayed and is being introduced in late November 2025. The control is off by default and must be enabled per meeting by organizers or co-organizers; unsupported clients will join audio-only.

Amazon Kinesis Video Streams adds WebRTC multi-viewer

📹 Amazon Kinesis Video Streams now supports WebRTC-based multi-viewer streaming, enabling up to three concurrent viewers of a live feed without increasing device compute or bandwidth. The feature records session audio and video to the cloud for storage, playback, and analytics, and supports two-way audio so participants can communicate in real time. Developers can use the Kinesis Video Streams with WebRTC SDK across cameras, IoT devices, PCs, and mobile devices to build live and on-demand scenarios such as home security, remote proctoring, and robot control centers.

Amazon EventBridge Adds SQS Fair Queue Target Support

🚀 Amazon EventBridge now supports sending events directly to Amazon SQS fair queues, improving message distribution across consumer groups and reducing noisy-neighbor effects in multi-tenant systems. You can choose a fair queue as an EventBridge target via the AWS Management Console, AWS CLI, or AWS SDKs and must supply a MessageGroupID, either as a static value or using a JSON path. Fair queues let multiple consumers process messages from the same tenant concurrently while keeping processing times consistent. Support for Fair Queue and FIFO targets is available in all AWS commercial and AWS GovCloud (US) Regions.

Amazon EC2 U7i-12tb Instances Launch in Stockholm Region

🚀 Amazon has made EC2 High Memory U7i instances with 12TB of DDR5 memory available in the Europe (Stockholm) Region. The u7i-12tb.224xlarge offers 896 vCPUs, up to 100 Gbps for both EBS and networking, and supports ENA Express for improved network performance. Powered by custom fourth‑generation Intel Xeon (Sapphire Rapids), these instances target mission‑critical in‑memory databases such as SAP HANA, Oracle, and SQL Server, enabling higher transaction throughput and faster data loading.

ECS Service Connect: Cross-Account Support in GovCloud

🔗 Amazon ECS Service Connect now supports cross-account communication in AWS GovCloud through integration with AWS Resource Access Manager (AWS RAM). You can share the underlying AWS Cloud Map namespaces with individual accounts, Organizational Units (OUs), or your entire AWS Organization to register services from multiple accounts in a single namespace. The capability works for both Fargate and EC2 launch modes in GovCloud (US-West and US-East) and is available via Console, API, SDK, CLI, and CloudFormation, simplifying service discovery and reducing duplication.

Amazon EC2 I8g Storage-Optimized Instances Expand Regions

🚀 Amazon Web Services announced general availability of Amazon EC2 I8g Storage Optimized instances in Asia Pacific (Seoul) and South America (São Paulo). These instances use third-generation AWS Nitro SSDs to deliver up to 65% better real-time storage performance per TB, with significantly lower storage I/O latency and variability. I8g instances target I/O-intensive, low-latency workloads with up to 45 TB local NVMe storage, up to 100 Gbps networking, and 60 Gbps dedicated EBS bandwidth across multiple sizes including a metal option.

AWS Network Load Balancer Adds QUIC Passthrough Mode

🚀 AWS announced that the Network Load Balancer (NLB) now supports QUIC in passthrough mode, enabling low-latency forwarding of QUIC traffic while preserving session stickiness via the QUIC Connection ID. This helps mobile applications maintain consistent connections when client IPs change during roaming between cellular towers or when switching between Wi‑Fi and cellular. You can enable QUIC on existing or new NLBs through the AWS Management Console, CLI, or APIs. QUIC support is available at no additional charge in all AWS commercial and AWS GovCloud (US) regions and is metered under existing UDP Load Balancer Capacity Unit entitlements.

AWS Expands EC2 G6f NVIDIA L4 GPU Instances to More Regions

🚀 Amazon Web Services has expanded availability of EC2 G6f instances powered by NVIDIA L4 GPUs to Europe (Spain) and Asia Pacific (Seoul), improving access for graphics and visualization workloads. G6f instances support GPU partitions as small as one-eighth of a GPU with 3 GB of GPU memory, enabling finer-grained right-sizing and cost savings compared to single‑GPU options. Instances are offered in multiple sizes paired with third‑generation AMD EPYC processors, and are purchasable as On‑Demand, Spot, or via Savings Plans; customers should use NVIDIA GRID driver 18.4 or later to launch these instances.

From Vulnerability Management to Exposure Platform

🛡️ CrowdStrike argues legacy vulnerability management cannot keep pace with AI-accelerated adversaries. Their Falcon Exposure Management platform leverages a single lightweight sensor to deliver continuous, native visibility across endpoints, cloud, and network assets. It pairs adversary-aware risk prioritization with agentic automation and Charlotte Agentic SOAR to reduce manual triage and remediate high-risk exposures quickly. The emphasis is on speeding effective action, cutting tool sprawl, and focusing teams on the small subset of issues that drive most breach risk.

Google Asks US Court to Shut Down Lighthouse Phishing

🛡️ Google has asked a US court to dismantle infrastructure used by the Lighthouse phishing‑as‑a‑service operation after identifying at least 107 sign‑in templates that mimic Google branding. The service is marketed to attackers who send smishing links and host fraudulent sign‑in pages to harvest credentials. Google also urged Congress to consider GUARD, Foreign Robocall Elimination and SCAM bills to bolster enforcement and funding. The company declined additional comment.

Google Sues to Dismantle Lighthouse Phishing Platform

🛡️ Google has filed a lawsuit seeking to dismantle Lighthouse, a China-linked phishing-as-a-service platform accused of powering global SMS phishing ("smishing") campaigns that impersonate USPS and E-ZPass. Google says Lighthouse has impacted more than 1 million victims across 120 countries and that phishing templates even display Google's branding to trick users. The company is pursuing federal claims including RICO, the Lanham Act, and the CFAA while expanding AI and product protections.

AWS ALB Adds JWT Verification for Service-to-Service Auth

🔐 Amazon Web Services added JWT Verification to the Application Load Balancer (ALB), enabling ALB to validate token signatures, expirations, and claims in request headers. The capability supports OAuth 2.0 flows including Client Credentials, letting teams offload M2M/S2S token validation to the ALB without changing application code. The feature is available in all ALB-supported AWS Regions.

Amazon ElastiCache M7g and R7g Graviton3 in GovCloud

🚀 Amazon Web Services has added Graviton3-based M7g and R7g ElastiCache node families to AWS GovCloud (US-East and US-West). These Graviton3 nodes deliver improved price‑performance versus Graviton2 — for example, running ElastiCache for Redis OSS on an R7g.4xlarge can yield up to 28% higher throughput, up to 21% improved P99 latency, and up to 25% greater networking bandwidth. To adopt, create a new cluster or upgrade via the AWS Management Console; consult pricing and the node-type documentation for regional availability and details.

Amazon EKS Independent Validation of Zero-Operator Access

🔒 AWS announced an independent affirmation of the Amazon EKS zero operator access design, validated by cybersecurity firm NCC Group. The review found no architectural gaps and confirmed that AWS personnel lack technical means to access or manipulate customer content in managed Kubernetes control planes or etcd backups. AWS highlights Nitro-based confidential compute, tightly scoped administrative APIs with multi-party change approval, mandatory logging and auditing, and envelope encryption for etcd as core protections. Customers retain visibility via cluster audit logs and remain responsible for securing worker node configurations outside managed modes.

Windows 11 Adds Native Support for Third-Party Passkeys

🔐 Microsoft has added native Windows 11 support for third-party passkey managers, beginning with 1Password and Bitwarden. Introduced in the November 2025 security update, the platform-level passkey API lets Windows generate a cryptographic key pair while storing the private key in the chosen manager, and uses Windows Hello (PIN or biometric) to verify logins. Microsoft also integrated its Microsoft Password Manager from Edge into Windows so users can pick their preferred manager. The change aims to improve portability, phishing resistance, and ease of passwordless authentication across devices.

AWS FIS Adds Partial-Failure Test Scenarios for AZs

🧪 AWS Fault Injection Service (FIS) introduces two new pre-built experiment scenarios to simulate partial, cross- and single-AZ disruptions. The AZ: Application Slowdown scenario simulates increased latency and degraded performance within a single Availability Zone to validate observability, alarms, and AZ evacuation playbooks. The Cross-AZ: Traffic Slowdown scenario simulates degraded traffic between AZs and lets you target subsets of traffic for realistic gray-failure testing. These scenarios are available in all Regions where AWS FIS is offered, including AWS GovCloud (US).

Microsoft unveils Fairwater AI datacenter in Atlanta

🚀 Microsoft announced the new Fairwater Azure AI datacenter in Atlanta, Georgia, expanding its planet-scale AI superfactory. The purpose-built facility integrates massive NVIDIA Blackwell GPU clusters on a single flat network and uses rack-level direct liquid cooling plus a two-story layout to maximize compute density and reduce latency. It also connects via a dedicated AI WAN to enable cross-site fungibility and dynamic workload allocation.

Emerging Threats Center in Google Security Operations

🛡️ The Emerging Threats Center in Google Security Operations uses the Gemini detection‑engineering agent to turn frontline intelligence from Mandiant, VirusTotal, and Google into actionable detections. It generates high‑fidelity synthetic events, evaluates existing rule coverage, and drafts candidate detection rules for analyst review. The capability surfaces campaign‑based IOC and detection matches across 12 months of telemetry to help teams rapidly determine exposure and validate their defensive posture.

BigQuery adds MATCH_RECOGNIZE for row-sequence SQL

🔍 BigQuery now supports MATCH_RECOGNIZE, a SQL clause for identifying ordered patterns across rows and time-series data. It lets analysts express complex sequence logic—using PARTITION BY, ORDER BY, PATTERN, DEFINE and MEASURES—inside a single query without heavy joins or external processing. The feature targets use cases like funnels, fraud detection, log sequencing, and financial pattern detection, and is immediately available to all BigQuery users.

Bringing Connected AI Work Experiences Across Devices

🚀 Google outlines its plan to embed Generative AI across enterprise platforms and endpoints, integrating Gemini into Chrome Enterprise, Android, Pixel phones and Chromebook Plus devices. The post highlights the general availability of Cameyo by Google to virtualize legacy and modern apps in the cloud and the launch of Gemini in Chrome with enterprise-grade controls. It also previews Android XR and Pixel features powered by Gemini Nano, while expanding data loss prevention and a one-click SecOps integration to help IT secure AI-driven workflows.