< ciso
brief />
Vendor and Hyperscaler Watch Banner

All news in category “Vendor and Hyperscaler Watch

4625 articles · page 96 of 232

Local KTAE On-Prem Deployment and IDA Pro Plugin Integration

🔒 Kaspersky outlines the on-premise Kaspersky Threat Attribution Engine (KTAE) and a free IDA Pro plugin that embeds attribution into the reverse-engineering workflow. The local KTAE keeps all analysis inside the customer perimeter, supports adding proprietary threat groups, and enriches attribution with internal research. The Python-based plugin requires IDA Pro (not IDA Free), a local KTAE URL and an API token, then highlights code fragments that triggered the attribution.
read more →

AWS Adds Bacs Direct Debit Payment Option for UK Customers

💳 AWS now lets UK customers pay via Bacs Direct Debit, enabling automated GBP-based bank payments for AWS services. Customers can connect personal or business accounts that support the Bacs standard and authenticate through their bank’s mobile app or online banking to verify ownership. New customers select Bacs Direct Debit during sign-up; existing customers add it in the Billing console’s Payment Preferences. The option is available in UK regions at no additional cost.
read more →

From Classroom to Cyber Career — Fortinet and UniSA

🔐 Fortinet's Academic Partner Program partners with the University of South Australia to expand access to cybersecurity careers by delivering NSE training, hands-on labs, and free exam vouchers that remove financial barriers. With more than 800 partner institutions worldwide and a goal to train 1 million individuals by 2026, the initiative readies students for internships and full-time roles. Industry networking events with distributors such as Wavelink translate certification into interviews and hires, while practical lab work builds technical confidence and employability.
read more →

Third-Party Patching: Securing the Common Business Footprint

🔒 Third-party utilities — PDF readers, archives, email clients, browsers, and remote-access tools — form a predictable business footprint attackers favor because of their ubiquity and users' routine behavior. These background applications often drift unpatched across endpoints, creating high-probability targets that scale across organizations. Continuous visibility and consistent third-party patching are presented as practical levers to reduce real-world exploit risk. Organizations should inventory required tools, remove unused defaults, and prioritize remediation to shrink the exposure window.
read more →

Amazon OpenSearch Adds Insights to Improve Cluster Stability

🔍 AWS has enhanced Amazon OpenSearch Service Cluster Insights with two new detections: Cluster Overload and Suboptimal Sharding Strategy. The updates surface shard imbalances and elevated resource utilization (CPU, memory, disk I/O, throughput, and disk utilization), identify affected resources, and provide clear mitigation and scale-up recommendations. These insights are available at no additional cost for OpenSearch 2.17+ in Regions where the OpenSearch UI is offered.
read more →

Oracle Database@AWS Launches in Dublin (EU-West-1) Region

🚀 Oracle Database@AWS is now available in the EU‑West‑1 (Dublin) AWS Region, initially deployed in a single Availability Zone. The service provides access to OCI managed Oracle Exadata systems hosted within AWS data centers and supports like‑for‑like migrations of on‑premises Exadata and Oracle RAC workloads. Integrations include AWS Key Management Service for encryption and AWS CloudWatch for monitoring, helping address regional data residency requirements.
read more →

Meta Sues Advertisers Over Celeb-Bait and Cloaking Scams

🛡️ Meta said it is suing deceptive advertisers in Brazil, China, and Vietnam, suspending their payment methods, disabling related accounts, and blocking domains used in scams. The company also issued cease-and-desist letters to eight marketing consultants accused of offering ways to evade ad-policy enforcement, including fake 'un-ban' services and renting access to trusted accounts. Meta highlighted targeted celeb‑bait schemes and cloaking tactics, and said its protections now cover more than 500,000 celebrity and public-figure images.
read more →

Toxic combinations: small signals leading to incidents

🔍 Cloudflare describes how dispersed, low‑severity signals can combine into a full security incident termed “toxic combinations.” Using network-wide telemetry, Cloudflare correlates bot indicators, sensitive paths, anomalies, and misconfigurations to detect multi-step reconnaissance and exploitation before a clear exploit appears. The post outlines concrete detection queries and practical mitigations — from WAF rules and Zero Trust controls to API authentication and debug flag hygiene.
read more →

Redesigning Turnstile and Challenge Pages at Cloudflare

🔐Cloudflare describes a comprehensive redesign of its Turnstile widget and full-page Challenge Pages, interfaces that are served billions of times per day. After a detailed audit and international user testing, the team consolidated inconsistent error states into a single information architecture and simplified messaging to reduce user friction. The refresh emphasizes AAA accessibility (WCAG 2.2 AAA), clearer in-widget troubleshooting, consistent localization across 40+ languages, and subtle visual cues that lower abandonment without weakening security.
read more →

A Better Streams API: Simpler, Faster Web Streaming

🔧 Cloudflare critiques the WHATWG Web Streams design and presents a proof-of-concept alternative built around async iterables. The post catalogs practical pain points — reader locking, BYOB complexity, fragile backpressure, and heavy promise overhead — that drive implementation complexity and runtime fragmentation. The proposed model favors pull-through transforms, explicit backpressure policies, batched byte chunks, and synchronous fast paths. Benchmarks in the write-up report 2x–120x improvements in some scenarios, and a reference implementation is published for exploration.
read more →

Cloudflare Radar: origin PQ, Key Transparency, ASPA

🔐 Cloudflare Radar is adding three security-focused datasets and tools: origin-facing post-quantum (PQ) monitoring, a Key Transparency dashboard for E2EE messaging logs, and enhanced RPKI ASPA adoption tracking. The origin feature reports support for X25519MLKEM768 using an automated TLS scanner and provides an on-demand hostname tester that performs real TLS handshakes via Cloudflare Containers. Key Transparency publishes auditor verification status and APIs for independent proof checks, while routing pages gain global, country, and per-AS ASPA views together with API access for integrations.
read more →

ASPA Deployment and Roadmap for More Secure Routing

🔒 ASPA (Autonomous System Provider Authorization) introduces cryptographic path validation to reduce route leaks by allowing networks to publish signed lists of authorized upstream providers in RPKI. Unlike ROAs, which verify prefix origins, ASPA validates the AS_PATH and detects routing "valleys" that indicate leaks. Cloudflare Radar now tracks ASPA adoption across RIRs and provides per‑AS visibility so operators can see whether observed upstreams are ASPA‑authorized and monitor changes over time.
read more →

AWS IAM Identity Center Adds IPv6 in Taipei and GovCloud

🌐 AWS IAM Identity Center now supports IPv6 through dual‑stack endpoints in the AWS Asia Pacific (Taipei) and AWS GovCloud (US) Regions, completing global availability wherever IAM Identity Center is offered. Clients and browsers will resolve either IPv4 or IPv6 addresses based on network and client protocol. Administrators can find the dual-stack portal URL in the IAM Identity Center console under Settings and share it with their workforce; GovCloud deployments should consult region-specific documentation.
read more →

Amazon Bedrock Adds OpenAI-Compatible Projects API

🚀 Amazon Bedrock now offers an OpenAI-compatible Projects API within the Mantle inference engine, enabling customers to create isolated projects for separate applications, environments, or teams. Each project supports distinct IAM-based access controls and tagging to improve security boundaries and cost visibility. The feature is available for OpenAI-compatible APIs, the Responses API, and Chat Completions through Mantle. There is no additional charge beyond model inference consumption.
read more →

Amazon SageMaker HyperPod: API-driven Slurm Management

🔧 Amazon SageMaker HyperPod now supports API-driven Slurm configuration, enabling you to define Slurm topology, instance group to partition mappings, and FSx filesystem mounts directly in the cluster CreateCluster and UpdateCluster APIs or via the AWS Console. The update lets you specify node roles such as Controller, Login, and Compute per instance group and mount FSx for Lustre or FSx for OpenZFS filesystems. A new SlurmConfigStrategy (Managed, Overwrite, Merge) detects partition-node drift and controls whether updates are paused, overwritten, or merged to preserve manual customizations.
read more →

AWS Completes First ISO/IEC 42001:2023 Surveillance Audit

🔒 In November 2025, AWS completed its first surveillance audit for ISO/IEC 42001:2023 — the Artificial Intelligence Management System standard — with no findings. This follows AWS’s November 2024 announcement that several AI services, including Amazon Bedrock, Amazon Q Business, Amazon Textract, and Amazon Transcribe, were accredited under the standard. The successful no-findings outcome provides independent validation of AWS’s ongoing commitment to responsible AI practices and gives customers added assurance when building and operating AI applications on AWS.
read more →

AWS Security Agent: Multi-Agent Penetration Testing

🔒 AWS describes a multi-agent penetration testing capability in AWS Security Agent that pairs LLM-driven reasoning with specialized scanners and browser-based sign-in to automate complex assessments. The design combines baseline scanning, managed static tests, and a guided explorer that dynamically generates contextual attack tasks. A swarm of risk-focused worker agents executes tests and submits structured findings, which are then validated via deterministic checks and LLM-assisted exploit attempts and scored with CVSS to produce actionable remediation reports.
read more →

ECS Managed Instances Now Support EC2 Capacity Reservations

🔔 Amazon Elastic Container Service (ECS) Managed Instances now integrate with Amazon EC2 Capacity Reservations, letting you apply reserved capacity to managed EC2 compute while ECS handles infrastructure. Configure capacity providers with capacityOptionType=reserved and choose reservation preferences — reservations-only, reservations-first, or reservations-excluded — to balance predictability and cost. Available in all regions and configurable via Console, CLI, CloudFormation, or SDKs.
read more →

AWS Marketplace Adds Concurrent Agreements for SaaS

🔁 AWS Marketplace now supports Concurrent Agreements for SaaS and Professional Services products, enabling multiple active purchases of the same product within a single AWS account. The change removes the prior one-agreement-per-product limitation and lets different business units procure independently with separate terms and pricing. Buyers gain flexibility for mid-term expansions and repeat purchases, while sellers can close multi-unit deals immediately and avoid operational workarounds.
read more →

Amazon Connect adds dynamic dialing mode switching

🔁 AWS announced general availability of dynamic dialing mode switching for Amazon Connect Outbound Campaigns, allowing administrators to change between preview and non-preview dialing modes while a campaign is running. Previously, campaigns were locked to their initial dialing mode and required stopping and restarting to change strategy. The new capability lets contact centers adapt dialing behavior in real time to improve agent productivity and campaign efficiency without interruptions. It is available at no additional cost in all supported AWS Regions.
read more →