All news with #aws tag

Zeroday Cloud: $320,000 awarded for 11 zero-days in London

🔒 The Zeroday Cloud competition in London, hosted by Wiz Research with support from AWS, Microsoft, and Google Cloud, awarded $320,000 to teams that demonstrated 11 zero-day remote code execution vulnerabilities. Exploits affected critical cloud components including Redis, PostgreSQL, MariaDB, Grafana, and a Linux-kernel container escape that broke tenant isolation. Team Xint Code earned the top prize of $90,000. Attempts against AI tooling such as vLLM and Ollama were made but failed due to time exhaustion.

Amazon warns of cryptomining campaign abusing AWS IAM

⚠️ Amazon's GuardDuty team is tracking an ongoing cryptomining campaign that uses compromised Identity and Access Management (IAM) credentials to abuse EC2 and ECS resources. The attacker deployed a Docker Hub image, yenik65958/secret, containing the SBRMiner-MULTI miner and configured large ECS tasks and auto-scaling EC2 groups to maximize mining. The actor also enabled instance termination protection to hinder remediation; Amazon has removed the malicious image, alerted affected customers, and recommends rotating compromised IAM credentials while following GuardDuty mitigation guidance.

AWS Security Hub Automation Rule Migration: CSPM to OCSF

🔁 This post explains a Python-based solution to migrate automation rules from Security Hub CSPM (ASFF) to the new Security Hub that adopts the open OCSF schema. The toolkit discovers rules across specified Regions, evaluates each rule against predefined ASFF→OCSF field mappings, and converts compatible rules into a CloudFormation template preserving order and Regional context. Actions or criteria without OCSF equivalents are flagged or partially migrated; migrated rules are created in a DISABLED state by default to allow review and testing. The package includes discovery, transformation, and template-generation scripts plus a migration report to guide manual adjustments.

AWS Databases Available on the Vercel Marketplace Launch

🚀 AWS Databases including Amazon Aurora PostgreSQL, Amazon Aurora DSQL, and Amazon DynamoDB are now generally available on the Vercel Marketplace, allowing developers to create and connect to managed databases directly from Vercel in seconds. You can provision a new AWS account from Vercel that includes access to these databases and $100 USD in credits usable for up to six months, and manage billing and usage via the AWS settings portal in the Vercel dashboard. Serverless options support scale-to-zero economics and are available in multiple Regions including US East, US West, Europe, and Asia Pacific.

CloudWatch metrics for Amazon WorkSpaces Applications

📊 Administrators and support teams can now monitor the health and performance of Amazon WorkSpaces Applications fleets, sessions, instances, and users through a new set of Amazon CloudWatch metrics. These metrics can be enabled across fleets from the CloudWatch console and dynamically update to reflect current state, simplifying troubleshooting of end-user streaming sessions and performance investigations. To receive the metrics, fleets must use a WorkSpaces Applications image with the agent released on or after December 06, 2025, or be updated via Managed WorkSpaces Applications image updates released on or after December 05, 2025; metrics are available in AWS commercial and AWS GovCloud (US) Regions where the service operates.

AWS Billing Conductor adds service-specific line items

📄 AWS Billing Conductor now supports service-specific custom line items scoped to a single AWS service or a selected set of services. Customers can control whether these line items appear itemized or consolidated in pro forma billing artifacts such as the Bills Page, Cost Explorer, and Cost and Usage Records. The enhancement enables more precise charge-back and re-billing workflows, including applying discounts to Savings Plans fees or allocating shared support charges. This capability is available now across AWS commercial Regions, excluding China.

ECR Public adds PrivateLink support in US East (N. Virginia)

🔒 Amazon Elastic Container Registry (ECR) Public now supports PrivateLink for the US East (N. Virginia) SDK endpoint. This enables private, secure connectivity from an Amazon VPC to the ECR Public SDK endpoint, reducing exposure to the public internet. Organizations can maintain network privacy, meet stricter security requirements, and simplify access patterns when creating and managing ECR Public repositories. Use cases include protecting sensitive image pulls and streamlining CI/CD network architecture.

Amazon OpenSearch Service Adds OI2 Optimized Instances

🚀 Amazon Web Services has introduced OI2 instances for Amazon OpenSearch Service, expanding the OpenSearch Optimized Instance family with sizes from large to 24xlarge and up to 22.5 TB of storage. The OI2 instances use the same architecture as OR2, pairing compute and 3rd-generation AWS Nitro SSDs for caching with remote S3-based managed storage, delivering up to 9% higher indexing throughput versus OR2 and up to 33% versus I8g in AWS internal benchmarks. OI2 is offered with pay-as-you-go and reserved pricing and is available in 12 AWS regions globally.

AWS Adds R8g (Graviton4) EC2 Instances in Paris, Hyderabad

🚀 Starting today, Amazon EC2 R8g instances powered by AWS Graviton4 are available in AWS Europe (Paris) and Asia Pacific (Hyderabad). These memory-optimized instances deliver up to 30% better performance compared to Graviton3-based R7g instances and offer larger sizes—up to 48xlarge and 1.5 TB of memory. R8g provides up to 50 Gbps enhanced networking and up to 40 Gbps EBS bandwidth, and is built on the AWS Nitro System to improve performance and platform-level security; it is ideal for databases, in-memory caches, and real-time big data analytics.

Amazon Redshift Serverless Adds Dual-Stack IPv6 Support

🌐 Amazon Redshift Serverless is now generally available in a dual-stack mode that supports IPv6 alongside IPv4. Administrators can create new workgroups or modify existing workgroups to enable IPv6 addressing or choose IPv4-only configurations within AWS VPCs. This capability allows Redshift warehouses to be deployed in IPv6-enabled subnets and lets applications communicate using either protocol. The feature is available in all AWS commercial regions.

Amazon EC2 M8g Instances Expand to New Regions and UAE

🚀 Amazon EC2 M8g instances are now available in Asia Pacific (Thailand, Jakarta, Melbourne) and AWS Middle East (UAE) regions. Powered by AWS Graviton4, they deliver up to 30% better performance compared to Graviton3-based instances and offer larger sizes with up to 3× more vCPUs and memory than M7g. M8g provides up to 50 Gbps enhanced networking and up to 40 Gbps EBS bandwidth across 12 instance sizes, including two bare metal options. Built on the AWS Nitro System, these general-purpose instances target application servers, microservices, gaming servers, midsize data stores, and caching fleets.

AWS Payment Cryptography Now Available in Hyderabad, Paris

🔐 AWS Payment Cryptography is now available in Asia Pacific (Hyderabad) and Europe (Paris), enabling customers with latency-sensitive payment applications to deploy or migrate cryptographic operations closer to their workloads. The fully managed service simplifies payment-specific cryptographic operations and key management, scales elastically, and is assessed for PCI PIN and PCI P2PE compliance. Organizations can reduce dependence on dedicated payment HSMs and use these regions for additional multi-region high availability.

AWS Marketplace: Mandatory POs and Custom Messaging

🔒 Administrators can now require buyers to provide purchase orders when subscribing to products through AWS Marketplace, with requirements enforceable for both public and private offers and across multiple pricing models. Administrators may also add a custom message on the procurement page to communicate policy guidance, approval steps, and support contacts. These capabilities integrate with Private Marketplace, enabling curated catalogs and centralized governance without blocking purchasing agility. The controls help finance, procurement, and software-asset teams improve cost allocation, ensure compliance at point of sale, and streamline procurement-to-pay.

AWS Payment Cryptography Adds AS2805 Support in Sydney

🔐 AWS Payment Cryptography is now available in the Australia (Sydney) Region and adds AS2805 functionality. The update enables migration of node-to-node payment workloads to an elastic, AWS-managed service that uses PCI-certified HSMs, removing the need for standalone hardware appliances. The service integrates with AWS IAM and AWS CloudTrail and supports standard AWS CLI/SDK tooling to simplify deployment and compliance verification.

AWS IAM Identity Center Now Available in Taipei Region

🔔 AWS has expanded IAM Identity Center to 37 AWS Regions with official availability in Asia Pacific (Taipei). The service is the recommended way to manage workforce access, offering single sign-on, centralized multi-account access, and integration with existing identity sources. It powers personalized experiences in AWS applications such as Amazon Q and supports user-aware data access controls for services like Amazon Redshift. IAM Identity Center is available at no additional cost in supported regions.

Amazon OpenSearch adds writable warm tier on OI2 instances

🔁 Amazon OpenSearch Service introduces a multi-tier storage option using OpenSearch Optimized (OI2) instances that combine local instance storage with Amazon S3 to enhance durability and performance. The architecture provides a hot tier for frequently accessed data and a writeable warm tier on OI2 (sizes large–8xlarge) that supports writes and automated age-based rotation via Index State Management. Warm capacity is addressable up to five times the local cache, and standard Managed Storage charges apply.

AWS Security Incident Response Expands to 10 Regions

🔒 AWS Security Incident Response is now available in ten additional opt-in AWS Regions across Africa, Asia Pacific, Europe, and the Middle East. The service streamlines the incident response lifecycle through automated security finding monitoring and triage, AI-powered investigation, and containment capabilities. Customers also receive 24/7 direct access to a dedicated AWS security team that responds within minutes, helping scale operations, accelerate recovery, and reduce operational overhead.

AWS Adds C8i and C8i-flex EC2 Instances in Singapore

🚀 Amazon EC2 C8i and C8i-flex instances are now available in the Asia Pacific (Singapore) region, powered by custom Intel Xeon 6 processors built exclusively for AWS. These instances provide up to 15% better price-performance and 2.5x the memory bandwidth compared with previous Intel-based EC2 generations, and up to 20% higher performance versus C7i instances. AWS highlights workload-specific improvements — up to 60% faster for NGINX, 40% for deep learning recommendation models, and 35% for Memcached — and positions C8i-flex for many compute-intensive, partially utilized workloads while C8i targets memory-intensive, sustained-CPU use with sizes up to a new 96xlarge and two bare-metal variants. Instances can be purchased On-Demand, via Savings Plans, or Spot.

AWS Lowers Payment Cryptography API and Key Pricing

🔽 AWS reduced AWS Payment Cryptography API request prices by up to 63% and introduced a fourth pricing tier to better accommodate high-volume workloads. The update also moves key billing from a flat-rate model to tiered key pricing and unifies pricing across all Regions. Changes are effective December 15, 2025 and are applied automatically to all customers. The managed service supports PCI-aligned cryptographic operations, helping organizations reduce reliance on dedicated payment HSMs and scale key management and payment processing more cost-effectively.

Crypto-mining Campaign Targets Amazon EC2 and ECS Resources

⚠️ Amazon GuardDuty and AWS automated monitoring identified a coordinated crypto‑mining campaign beginning November 2, 2025, that used compromised IAM credentials to deploy miners on Amazon EC2 and Amazon ECS. Attackers enumerated quotas and permissions, launched large EC2 fleets and ECS Fargate tasks from a malicious Docker Hub image, and used persistence techniques such as disabling API termination and creating public Lambda URLs. GuardDuty Extended Threat Detection correlated signals to surface critical attack sequences and AWS provides IoCs and mitigation guidance including strong identity controls, CloudTrail logging, Runtime Monitoring, and remediation playbooks.