All news in category "Vendor and Hyperscaler Watch"

Microsoft Outlook stops displaying inline SVG images

🔒 Microsoft will no longer display inline SVG images in Outlook for Web and the new Outlook for Windows; users will instead see blank spaces where those images would have appeared. The global rollout began in early September 2025 and is expected to complete by mid‑October 2025, with Microsoft estimating the change will affect less than 0.1% of images. SVG files sent as classic attachments will continue to be viewable from the attachment well to limit user disruption.

AWS Directory Service: Programmatic Edition Upgrades

🔁 AWS now lets customers upgrade Managed Microsoft AD from Standard to Enterprise Edition programmatically using the UpdateDirectorySetup API. The self-service workflow removes the need to open support tickets and automates pre-upgrade snapshots and sequential domain controller upgrades to preserve availability. Edition upgrades are available via the AWS SDK in all Directory Service regions and can be integrated with existing automation and infrastructure-as-code pipelines for on-demand scaling.

Microsoft Named a Leader in IDC MarketScape for XDR

🔒 Microsoft has been named a Leader in the IDC MarketScape: Worldwide Extended Detection and Response Software 2025 assessment. Microsoft Defender XDR is highlighted for broad signal coverage across endpoints, identities, email and collaboration, SaaS apps, cloud workloads, and data, plus AI-driven automation and native SIEM integration that consolidate visibility and accelerate response. IDC also cited Microsoft Security Copilot and automatic attack disruption as key differentiators that reduce dwell time and free SOC teams to focus on higher-value tasks.

Amazon Connect Adds Agent Screen Recording for ChromeOS

🎥 Amazon Connect now supports agent screen recording for ChromeOS devices, enabling supervisors and quality teams to capture agents' on-screen activity while handling voice calls, chats, and tasks. The capability complements audio recordings and chat transcripts to surface coaching opportunities and identify process non‑compliance. Screen recording is available in all AWS Regions where Amazon Connect operates. Refer to documentation and the pricing page for technical and billing details.

Defending Against npm Supply Chain Threats and Worms

🔒 In September, attackers used stolen maintainer credentials to inject malicious payloads into widely used npm packages such as chalk and debug, followed by the self‑propagating Shai‑Hulud worm that harvested npm tokens, GitHub PATs, and cloud credentials. The compromised packages and postinstall scripts allowed silent interception of cryptocurrency activity and automated propagation across developer environments. AWS recommends immediate actions: audit dependencies, rotate secrets, inspect CI/CD pipelines for unauthorized workflows or injected scripts, and use Amazon Inspector to detect malicious packages and share validated intelligence with OpenSSF.

AWS Direct Connect adds 10G/100G with MACsec in Makati City

🔒 AWS has expanded AWS Direct Connect capacity at the ePLDT data center near Makati City, Philippines, adding 10 Gbps and 100 Gbps dedicated connections with MACsec encryption. Customers at this Direct Connect location can establish private, direct access to all public AWS Regions (except those in China), AWS GovCloud Regions, and AWS Local Zones. The update delivers higher throughput and enhanced in‑flight protection for hybrid and colocated workloads, improving performance and security compared with internet-based connectivity.

Microsoft Defender Bug Triggers False BIOS Update Alerts

⚠️ Microsoft is addressing a logic bug in Microsoft Defender for Endpoint that causes some Dell devices' BIOS firmware to be incorrectly marked as outdated, prompting unnecessary update alerts to users. The company says a fix has been developed and is being prepared for deployment, but it has not disclosed the regions or number of customers affected. Microsoft also recently resolved macOS black screen crashes linked to a deadlock in the Apple enterprise security framework and has been correcting several anti-spam and machine-learning false positives impacting Teams and Exchange Online.

Service Desk as Attack Vector: Defend with Workflows

🔐 The service desk is now a primary enterprise perimeter for attackers, with social-engineering groups like Scattered Spider converting routine requests into broad access — as seen in high-impact incidents such as MGM Resorts and Clorox. Training matters but is not enough; verification must be a security-owned, auditable workflow rather than an agent’s discretionary call. Implement mandatory controls so agents never view credentials, apply role-based verification depths, and use points-based contingency checks when MFA fails. Integrate the flow with ITSM so tickets launch verification automatically, returning results and telemetry for alerting and audit.

Amazon Connect adds customer input for outbound calls

📞 Amazon Connect now supports Get Customer Input and Store Customer Input flow blocks for outbound voice whisper flows. The Get Customer Input block plays a prompt after a customer answers but before the agent connects, capturing responses via DTMF or an Amazon Lex bot. Use cases include obtaining consent for call recording and triggering Contact Lens recording and analytics. The capability is available in all AWS commercial regions and AWS GovCloud (US-West).

AWS Config Advanced Queries, Aggregators in New Zealand

🔔 AWS has expanded AWS Config advanced queries and configuration aggregators to the Asia Pacific (New Zealand) region. Advanced queries provide a single query endpoint and a query language to retrieve current resource configuration and compliance state without issuing service-specific describe API calls. Aggregators enable centralized visibility by collecting configuration and compliance data from multiple accounts and Regions or across an AWS Organization. These capabilities are accessible from the AWS Console and AWS CLI and, with this expansion, are now available in all supported regions.

AWS Builder ID Now Adds 'Sign in with Google' Support

🔐 AWS now lets individuals create an AWS Builder ID using Sign in with Google, enabling one-click access to AWS applications such as Kiro, AWS Builder Center, AWS Training and Certification, re:Post, and AWS Startups. This personal profile remains separate from AWS account credentials and persists across a user's education and career. The integration simplifies registration, reduces password friction, and streamlines returning-user sign-in.

Amazon GameLift Servers: View and Connect Instances

🔍 Today, Amazon GameLift Servers added console capabilities to view and connect to individual fleet instances directly from the EC2 and Container Fleet Detail pages. A new Instances tab lists associated hosts and each instance has a details page presenting human-readable metadata (also available via GameLift Server APIs). From the list or detail view you can press a Connect button to open a modal and launch AWS CloudShell to start an SSM session into the instance, enabling hands-on inspection, log retrieval, and faster diagnosis of network and health issues.

Open-Source MCP Server for Amazon Bedrock AgentCore

🚀 The open-source Model Context Protocol (MCP) Server is now available for Amazon Bedrock AgentCore, providing a standardized interface that enables developers to analyze, transform, and deploy production-ready AI agents within their preferred development environments. The release includes one-click installation and integrates with agentic IDEs like Kiro and AI coding assistants such as Claude Code, Cursor, and the Amazon Q Developer CLI. Developers can use natural language to iteratively build agents, convert agent logic to the AgentCore SDK, and deploy into development accounts. Documentation and installation instructions are published in the MCP Server GitHub repository, with additional implementation guidance and pricing details available in the AgentCore documentation and pricing resources.

Amazon Neptune Integrates with GraphStorm for Real-Time GNNs

🚀 Amazon Neptune now integrates with GraphStorm, enabling developers to deploy graph neural network models for real-time inference directly against transactional graph data. Trained GNNs can query Neptune for subgraph neighborhoods on demand and return predictions such as node classification or link prediction in sub-second timeframes. This supports use cases like fraud detection, dynamic recommendations, and continuous risk scoring while combining inference with analytics.

AWS Secrets Manager PrivateLink Support for FIPS Endpoints

🔐 AWS Secrets Manager now supports AWS PrivateLink with all Secrets Manager Federal Information Processing Standard (FIPS) endpoints available in commercial AWS Regions and the AWS GovCloud (US) Regions. With this launch you can establish a private connection between your VPC and Secrets Manager FIPS endpoints instead of connecting over the public internet. This capability helps organizations meet compliance and regulatory requirements that limit public internet connectivity.

Amazon Cognito adds configurable terms and privacy URLs

🔒 Amazon Cognito now lets customers configure terms of use and privacy policy document URLs directly in Managed Login pages so legal notices are presented during user registration without custom coding. You can assign URLs per app client and provide language-specific links tied to the lang query-parameter for localized experiences. This simplifies implementation, reduces development effort, and is available to Essentials and Plus tier customers, including AWS GovCloud (US).

Google Pixel Phones Added to DoDIN APL for Federal Use

🔒 Google Pixel phones have been added to the DoDIN APL, allowing federal agencies to procure devices that meet Department of Defense network security requirements. Pixel 9 hardware and integrated on-device protections combine with Google Cloud for secure remote management, 5G connectivity, and AI-enabled workflows. Use cases include secure field capture, centralized analytics, and pilots such as TrackInspect for transit infrastructure safety.

Google Cloud Releases Generative Media Models on Vertex AI

🎨Google Cloud announced General Availability and feature updates for its generative media models on Vertex AI, including Gemini 2.5 Flash Image, Veo 3, Imagen 4, and Gemini 2.5 TTS. The release emphasizes production readiness and enterprise security while adding multi‑aspect ratio image generation, batch image processing, vertical 9:16 video formats with precise duration controls, and studio‑quality multi‑speaker text‑to‑speech across 70+ languages. These enhancements target teams seeking faster, controlled, and scalable cross‑format media workflows for sight, sound, and motion.

Automating Pentest Delivery: Seven High-Impact Workflows

🔁 Penetration testing delivery must evolve from static, manual reports to automated, real-time workflows that shorten remediation cycles and improve visibility. This contributed piece highlights seven practical automation workflows — from auto-creating remediation tickets in Jira or ServiceNow to auto-closing informational findings — that reduce triage noise and accelerate fixes. Implementing targeted rules and alerts ensures findings reach the right teams immediately and supports continuous testing practices.

Amazon EC2 Instance Connect Endpoint Adds IPv6 Support

🌐 Amazon EC2 Instance Connect Endpoint now supports IPv6 connectivity. Customers can configure endpoints as dual-stack or IPv6-only to connect to instances with IPv6 addresses and continue using SSH and RDP without public IPv4 addresses. The capability is available in all AWS Commercial Regions, AWS GovCloud (US), and China Regions and works via the AWS Console, AWS CLI, and standard SSH/RDP clients. It maintains backward compatibility with existing IPv4 deployments.