All news in category "Vendor and Hyperscaler Watch"

Microsoft Defender Bug Triggers False BIOS Update Alerts

⚠️ Microsoft is addressing a logic bug in Microsoft Defender for Endpoint that causes some Dell devices' BIOS firmware to be incorrectly marked as outdated, prompting unnecessary update alerts to users. The company says a fix has been developed and is being prepared for deployment, but it has not disclosed the regions or number of customers affected. Microsoft also recently resolved macOS black screen crashes linked to a deadlock in the Apple enterprise security framework and has been correcting several anti-spam and machine-learning false positives impacting Teams and Exchange Online.

Service Desk as Attack Vector: Defend with Workflows

🔐 The service desk is now a primary enterprise perimeter for attackers, with social-engineering groups like Scattered Spider converting routine requests into broad access — as seen in high-impact incidents such as MGM Resorts and Clorox. Training matters but is not enough; verification must be a security-owned, auditable workflow rather than an agent’s discretionary call. Implement mandatory controls so agents never view credentials, apply role-based verification depths, and use points-based contingency checks when MFA fails. Integrate the flow with ITSM so tickets launch verification automatically, returning results and telemetry for alerting and audit.

Amazon GameLift Servers: View and Connect Instances

🔍 Today, Amazon GameLift Servers added console capabilities to view and connect to individual fleet instances directly from the EC2 and Container Fleet Detail pages. A new Instances tab lists associated hosts and each instance has a details page presenting human-readable metadata (also available via GameLift Server APIs). From the list or detail view you can press a Connect button to open a modal and launch AWS CloudShell to start an SSM session into the instance, enabling hands-on inspection, log retrieval, and faster diagnosis of network and health issues.

Amazon Connect adds customer input for outbound calls

📞 Amazon Connect now supports Get Customer Input and Store Customer Input flow blocks for outbound voice whisper flows. The Get Customer Input block plays a prompt after a customer answers but before the agent connects, capturing responses via DTMF or an Amazon Lex bot. Use cases include obtaining consent for call recording and triggering Contact Lens recording and analytics. The capability is available in all AWS commercial regions and AWS GovCloud (US-West).

AWS Builder ID Now Adds 'Sign in with Google' Support

🔐 AWS now lets individuals create an AWS Builder ID using Sign in with Google, enabling one-click access to AWS applications such as Kiro, AWS Builder Center, AWS Training and Certification, re:Post, and AWS Startups. This personal profile remains separate from AWS account credentials and persists across a user's education and career. The integration simplifies registration, reduces password friction, and streamlines returning-user sign-in.

Open-Source MCP Server for Amazon Bedrock AgentCore

🚀 The open-source Model Context Protocol (MCP) Server is now available for Amazon Bedrock AgentCore, providing a standardized interface that enables developers to analyze, transform, and deploy production-ready AI agents within their preferred development environments. The release includes one-click installation and integrates with agentic IDEs like Kiro and AI coding assistants such as Claude Code, Cursor, and the Amazon Q Developer CLI. Developers can use natural language to iteratively build agents, convert agent logic to the AgentCore SDK, and deploy into development accounts. Documentation and installation instructions are published in the MCP Server GitHub repository, with additional implementation guidance and pricing details available in the AgentCore documentation and pricing resources.

AWS Secrets Manager PrivateLink Support for FIPS Endpoints

🔐 AWS Secrets Manager now supports AWS PrivateLink with all Secrets Manager Federal Information Processing Standard (FIPS) endpoints available in commercial AWS Regions and the AWS GovCloud (US) Regions. With this launch you can establish a private connection between your VPC and Secrets Manager FIPS endpoints instead of connecting over the public internet. This capability helps organizations meet compliance and regulatory requirements that limit public internet connectivity.

Amazon Neptune Integrates with GraphStorm for Real-Time GNNs

🚀 Amazon Neptune now integrates with GraphStorm, enabling developers to deploy graph neural network models for real-time inference directly against transactional graph data. Trained GNNs can query Neptune for subgraph neighborhoods on demand and return predictions such as node classification or link prediction in sub-second timeframes. This supports use cases like fraud detection, dynamic recommendations, and continuous risk scoring while combining inference with analytics.

Amazon Cognito adds configurable terms and privacy URLs

🔒 Amazon Cognito now lets customers configure terms of use and privacy policy document URLs directly in Managed Login pages so legal notices are presented during user registration without custom coding. You can assign URLs per app client and provide language-specific links tied to the lang query-parameter for localized experiences. This simplifies implementation, reduces development effort, and is available to Essentials and Plus tier customers, including AWS GovCloud (US).

AWS Config Advanced Queries, Aggregators in New Zealand

🔔 AWS has expanded AWS Config advanced queries and configuration aggregators to the Asia Pacific (New Zealand) region. Advanced queries provide a single query endpoint and a query language to retrieve current resource configuration and compliance state without issuing service-specific describe API calls. Aggregators enable centralized visibility by collecting configuration and compliance data from multiple accounts and Regions or across an AWS Organization. These capabilities are accessible from the AWS Console and AWS CLI and, with this expansion, are now available in all supported regions.

Google Cloud Releases Generative Media Models on Vertex AI

🎨Google Cloud announced General Availability and feature updates for its generative media models on Vertex AI, including Gemini 2.5 Flash Image, Veo 3, Imagen 4, and Gemini 2.5 TTS. The release emphasizes production readiness and enterprise security while adding multi‑aspect ratio image generation, batch image processing, vertical 9:16 video formats with precise duration controls, and studio‑quality multi‑speaker text‑to‑speech across 70+ languages. These enhancements target teams seeking faster, controlled, and scalable cross‑format media workflows for sight, sound, and motion.

Google Pixel Phones Added to DoDIN APL for Federal Use

🔒 Google Pixel phones have been added to the DoDIN APL, allowing federal agencies to procure devices that meet Department of Defense network security requirements. Pixel 9 hardware and integrated on-device protections combine with Google Cloud for secure remote management, 5G connectivity, and AI-enabled workflows. Use cases include secure field capture, centralized analytics, and pilots such as TrackInspect for transit infrastructure safety.

Automating Pentest Delivery: Seven High-Impact Workflows

🔁 Penetration testing delivery must evolve from static, manual reports to automated, real-time workflows that shorten remediation cycles and improve visibility. This contributed piece highlights seven practical automation workflows — from auto-creating remediation tickets in Jira or ServiceNow to auto-closing informational findings — that reduce triage noise and accelerate fixes. Implementing targeted rules and alerts ensures findings reach the right teams immediately and supports continuous testing practices.

Amazon ECS adds one-click event capture and querying

🔎 The Amazon Elastic Container Service (ECS) console now offers one-click event capture and an integrated event history query interface. With a single click the console configures underlying EventBridge rules and CloudWatch log groups and provides pre-built query templates and filters for time range, task ID, deployment ID, stop codes, and exit codes. Available in all AWS Commercial and GovCloud (US) Regions.

Amazon EC2 Instance Connect Endpoint Adds IPv6 Support

🌐 Amazon EC2 Instance Connect Endpoint now supports IPv6 connectivity. Customers can configure endpoints as dual-stack or IPv6-only to connect to instances with IPv6 addresses and continue using SSH and RDP without public IPv4 addresses. The capability is available in all AWS Commercial Regions, AWS GovCloud (US), and China Regions and works via the AWS Console, AWS CLI, and standard SSH/RDP clients. It maintains backward compatibility with existing IPv4 deployments.

AWS PCS Adds Slurm Node Reboot, Available in All Regions

🔁 AWS Parallel Computing Service (PCS) now supports rebooting compute nodes using Slurm commands without triggering instance replacement. You can use the scontrol reboot command with options for immediate or deferred reboots to troubleshoot, perform resource cleanup, or recover from degraded states. This capability is available in all PCS-supported AWS Regions and helps teams maintain cluster health more efficiently while reducing costs associated with unnecessary instance replacements.

AWS PCS allows dynamic Slurm cluster configuration

🔧 AWS Parallel Computing Service (AWS PCS) now lets you change key Slurm workload manager settings on live clusters without rebuilding them. Administrators can update accounting and workload management parameters via the AWS Management Console, AWS CLI, or AWS SDK. This change reduces operational disruption and enables faster adaptation to evolving HPC requirements. Changes are available in all regions where AWS PCS is offered.

AWS PCS Expands Slurm Configuration with 60+ Settings

🔧 AWS Parallel Computing Service (AWS PCS) now supports over 60 additional Slurm configuration parameters, giving administrators finer control of job scheduling, resource allocation, access permissions, and job lifecycle behavior. New options include queue-specific priority policies, preemption rules, custom time and resource limits, and account-level access controls. Per-job execution behaviors and QoS tuning help run multi-team production HPC environments more efficiently. The expanded settings are available in all AWS PCS regions.

AWS Clean Rooms Adds Data Access Budgets and Limits

🔒 AWS Clean Rooms now supports data access budgets for tables in a collaboration, letting data owners limit how often their data can be analyzed for custom ML training, inference, SQL queries, or PySpark jobs. Administrators can set daily, weekly, or monthly refresh budgets, lifetime caps, or both; once a budget is exhausted the system blocks further analyses until the budget refreshes. Budgets may be edited or reset at any time to suit changing needs. This privacy control reduces unintended data exposure while maintaining collaborative analysis.

Cohere Embed v4 Multimodal Embeddings on Amazon Bedrock

🚀 Amazon Bedrock now supports Cohere Embed v4, a multimodal embedding model that generates high-quality embeddings for text, images, and complex business documents. The model natively processes tables, charts, diagrams, code snippets, and handwritten notes, reducing the need for extensive preprocessing and data cleanup. It supports over 100 languages and includes industry fine-tuning for finance, healthcare, and manufacturing. Cohere Embed v4 is available for on-demand inference in select AWS Regions; access is requested via the Bedrock console.