All news in category "Vendor and Hyperscaler Watch"

AWS Transfer Family Terraform Module Adds Malware Scanning

🛡️ AWS has updated the Transfer Family Terraform module to support automated malware scanning workflows for files transferred to S3. The module provisions GuardDuty S3 Protection–based scan pipelines, dynamic routing based on results, and threat notifications in a single deployment. It preserves folder structure, allows granular S3 prefix targeting, and helps ensure only verified clean files reach applications and data lakes.

Amazon Polly adds five voices and three Asia Pacific regions

🎧 Amazon Polly now offers five new Generative TTS voices—Austrian German (Hannah), Irish English (Niamh), Brazilian Portuguese (Camila), Belgian Dutch (Lisa), and Korean (Seoyeon)—bringing the Generative engine to thirty-one voices across twenty locales. The Generative engine is generally available in three new Asia Pacific regions: Asia Pacific (Seoul), Asia Pacific (Singapore), and Asia Pacific (Tokyo), and all Generative voices are now available in US East (N. Virginia), Europe (Frankfurt), and US West (Oregon). These updates expand Amazon Polly's managed text-to-speech capabilities for conversational AI and speech content creation.

Fortinet and CSI Launch Global Cybercrime Bounty Program

🛡️ Fortinet and Crime Stoppers International (CSI) have launched the Cybercrime Bounty program, a global initiative enabling secure, anonymous reporting of cybercriminal activity. Validated reports will feed Fortinet’s threat intelligence to support law enforcement investigations and potential prosecutions. The program scales deterrence by combining community-sourced tips with expert analysis, building on decades of Fortinet collaboration with INTERPOL and other public-private partners.

Cloudflare outage disrupts global network services

⚠️ Cloudflare is investigating an outage that has produced widespread 500 internal server errors and impacted its Dashboard and API, disrupting access to numerous customer websites and platforms. The company first reported support portal availability issues and then an incident at 11:48 UTC affecting the Cloudflare Global Network, with multiple European nodes observed offline. Downdetector logged tens of thousands of reports, and Cloudflare says it is working to mitigate the incident; partial recovery has been reported for Access and WARP while remediation continues for application services.

Snort3 Adds Severity-Based Rule Grouping for Flexibility

🔔 Cisco Talos has introduced a new Severity rule group for Snort3 in Cisco Secure Firewall, grouping detection rules by CVSS-derived severity tiers (low, medium, high, critical). Administrators can set coverage by time range — from the last two years up to all historical vulnerabilities — to balance detection depth and performance. This makes it easier to align rules with patch cycles, compliance needs, and organizational risk priorities while reducing manual tuning.

AWS launches Storage-Optimized EC2 I7i instances in regions

🚀 AWS has made high performance, storage-optimized Amazon EC2 I7i instances available in Asia Pacific (Melbourne, Mumbai, Osaka) and Middle East (UAE) regions. Powered by 5th‑generation Intel Xeon Scalable processors and 3rd‑generation AWS Nitro SSDs, I7i delivers up to 23% better compute performance and more than 10% better price performance versus prior I4i instances. I7i offers up to 45 TB of NVMe storage with significant reductions in storage I/O latency and variability, supports torn-write prevention up to 16 KB blocks, and is offered in eleven sizes including bare metal, with up to 100 Gbps network and 60 Gbps EBS bandwidth.

AWS Lambda Adds Python 3.14 Managed Runtime Support

🔔 AWS Lambda now supports Python 3.14 for both managed runtimes and as a container base image. AWS will automatically apply updates to the managed runtime and base image as they become available, reducing maintenance overhead. The runtime is available in all Regions, including AWS GovCloud (US) and China Regions, and is supported for Lambda@Edge in applicable Regions. Developers can deploy using the Lambda console, AWS CLI, AWS SAM, AWS CDK, and CloudFormation, and Powertools for AWS Lambda (Python) also supports Python 3.14.

AWS Backup releases low-cost warm storage for S3 backups

🚀 AWS Backup introduces a low-cost warm storage tier for Amazon S3 backups that can cut storage costs by up to 30%. After S3 backup data resides in a vault for 60 days (configurable to a longer period), you can automatically move it to the new tier while preserving the same performance and features, including ransomware protection, recovery, and auditing. Automatic tiering can be enabled at the account, vault, or bucket level and is available in all Regions where AWS Backup for S3 is offered; a one-time transition fee applies.

CloudFormation introduces drift-aware change sets for IaC

🔁 AWS CloudFormation now offers drift-aware change sets to detect and reconcile configuration drift by comparing a new template, the last-deployed template, and the live infrastructure state. The feature lets you preview deployment impacts on drifted resources, avoid unintended overwrites, and revert out-of-band changes. Create a change set in the console as “Drift-aware” or call CreateChangeSet with --deployment-mode REVERT_DRIFT. Available in Regions where CloudFormation is offered.

AWS launches Supplementary Packages for Amazon Linux

📦 AWS announced the general availability of Supplementary Packages for Amazon Linux (SPAL), a curated repository offering thousands of pre-built EPEL9-compatible packages for Amazon Linux 2023 (AL2023). SPAL reduces the need to compile software from source, accelerating deployments and lowering operational overhead for developers, system administrators, and DevOps teams. Packages are derived from community EPEL9 sources with AWS applying security patches as they become available upstream. SPAL is available across all AWS Commercial Regions, including GovCloud and China.

Amazon MSK Replicator expands to Hyderabad and Malaysia

🔁 Amazon Web Services has expanded MSK Replicator to the Asia Pacific (Hyderabad) and Asia Pacific (Malaysia) Regions, enabling customers to replicate streaming data between Amazon MSK clusters. MSK Replicator automates asynchronous replication and preserves Kafka metadata such as topic configurations, ACLs, and consumer offsets, while automatically scaling underlying resources. The feature simplifies failover and regional resilience and is available from the MSK console or CLI.

Amazon Redshift JIT ANALYZE for Apache Iceberg tables

📈 Amazon Redshift now supports Just‑In‑Time (JIT) ANALYZE for Apache Iceberg tables, automatically collecting table‑ and column‑level statistics during query execution. The feature uses intelligent heuristics and lightweight sketch data structures to determine when runtime statistics will improve optimizer decisions and to build high‑quality statistics on the fly. JIT ANALYZE is generally available in all AWS regions with Redshift and requires no configuration changes to begin improving query plans and performance.

Amazon Redshift Adds SUPER Type for Case-Insensitive DBs

🧩 Amazon Redshift now supports the SUPER data type in databases configured with case-insensitive collation, enabling analytics on semi-structured and nested data alongside structured SQL types. Using PartiQL, users can query JSON and mixed data without additional normalization. The COLLATE function lets you explicitly control case sensitivity for SUPER columns. This capability is available in all AWS Regions, including AWS GovCloud (US).

CloudFormation adds pre-deploy validation and operation IDs

🔎 AWS CloudFormation now validates change sets for three common template errors—invalid property syntax, resource name conflicts with existing account resources, and S3 bucket emptiness constraints on delete—before provisioning begins. If validation fails, the change set status is marked 'FAILED' and includes detailed failure messages and property paths to pinpoint issues. Runtime failures can still occur during execution, so CloudFormation also groups stack events by a unique operation ID that you can view in the Console or via the describe-operation API to filter and diagnose failures quickly. Together these capabilities are intended to shorten deployment cycles and cut troubleshooting time from minutes to seconds.

AWS Builder Center Adds Searchable Workshops Catalog

📚 AWS Builder Center now hosts the Workshops Catalog, offering step-by-step, expert-authored tutorials that guide users through deploying and using AWS services in their own accounts. The catalog includes hundreds of workshops across categories like Machine Learning, Security, and Serverless, with filters for service, complexity (100–400), and duration. Content is localized to the Builder Center language preference and accessible with a free Builder ID for hands-on learning.

Amazon FSx for Lustre: Up to 5× Faster Directory Listing

🚀 Amazon FSx for Lustre now delivers up to 5× faster directory listing performance, reducing the time it takes to run ls and inspect file system contents. The improvement benefits interactive use cases such as home directories and source code repositories commonly used by ML researchers, data scientists, and developers. These gains are provided via the Lustre 2.15 client in all FSx regions; upgrade to 2.15 and apply the recommended client tunings to realize the speedups.

Active Threat Defense Now Default in AWS Network Firewall

🔒 Starting today, AWS Network Firewall enables active threat defense by default in alert mode when you create new firewall policies in the AWS Management Console. The feature provides automated, intelligence-driven visibility into ongoing threat activities and the indicator groups, types, and names you are protected against. You can switch to block mode to automatically prevent suspicious traffic or disable the feature entirely. AWS verifies threat indicators to reduce false positives and the capability is available in all Regions, including AWS GovCloud (US) and China.

AWS offers flat-rate CloudFront plans with built-in security

🔒 AWS is introducing flat-rate pricing plans for CloudFront that bundle global CDN delivery with built-in security (WAF, DDoS protection), Route 53 DNS, CloudWatch Logs ingestion, serverless edge compute, and monthly S3 storage credits. Plans eliminate overage charges so traffic spikes or attacks won’t trigger surprise fees. Tiers include Free, Pro ($15), Business ($200) and Premium ($1,000), and pay-as-you-go remains an option.

Cloudflare outage (18 Nov 2025): feature file duplication

⚠️ On 18 November 2025, Cloudflare experienced a major outage after a permissions change in a ClickHouse database caused duplicated metadata to be emitted into a Bot Management feature file, doubling its size. The oversized file exceeded a preallocated feature limit in the core proxy, triggering a Rust panic and widespread HTTP 5xx errors. Cloudflare halted propagation, restored a known-good file, and restarted the proxy; services were largely restored by 14:30 UTC and fully recovered by 17:06 UTC. The company apologized and pledged architectural and process hardening to prevent recurrence.

AWS Adds ML-DSA Post-Quantum Code Signing to Private CA

🔐 AWS announced support for post-quantum ML-DSA code signing in AWS Private CA, integrated with AWS KMS. The integration lets customers create ML-DSA X.509 certificate chains and generate KMS-held ML-DSA key pairs to sign binaries, enabling quantum-resistant code-signing, device authentication, and private-PKI workflows such as mTLS or IKEv2/IPsec. A provided Java Runner demonstrates CA creation, CSR issuance, CMS detached signing with SHAKE256, and signature verification against customer-managed roots.