All news with #aws tag

🔒 Amazon Threat Intelligence disrupted active operations attributed to GRU-linked hackers who targeted customer cloud infrastructure by abusing misconfigured edge devices. The multi-year campaign, observed since 2021 and focused on Western critical infrastructure and the energy sector, shifted in 2025 from zero-day exploitation to targeting exposed management interfaces on routers, VPN gateways, and network management appliances. Amazon isolated compromised EC2 instances, shared indicators, and advised audits, credential monitoring, and AWS controls like isolating management interfaces, restricting security groups, and enabling CloudTrail, GuardDuty, and VPC Flow Logs.

🔧 AWS IoT Device Management commands now support dynamic payloads and parameter validation, allowing developers to create reusable command templates with placeholders that are populated at execution time. Parameter validation rules verify values before execution to reduce errors and enforce expected formats or ranges. This makes it easier to send similar commands with variable settings—such as different thermostat temperatures—while streamlining command management across device fleets.

🔔 Amazon Connect real-time metric alerts now report the specific agents, queues, contact flows, or routing profiles that exceeded thresholds, eliminating the need for manual investigation. For example, alerts on elevated queue wait times will include the exact queues affected so managers can reassign staff promptly. These enriched notifications can be delivered via email, Tasks, and Amazon EventBridge, and the capability is available in all regions where Amazon Connect is offered. The change is designed to accelerate operational response and improve customer experience.

🔌 AWS opened a new AWS Direct Connect location at the CMC Tower in Hanoi, Vietnam, enabling private, dedicated network access to all public AWS Regions (except China), AWS GovCloud Regions, and AWS Local Zones. The site offers dedicated 1 Gbps, 10 Gbps, and 100 Gbps connections, with MACsec encryption available for 10 Gbps and 100 Gbps links. This is the first Direct Connect location in Vietnam and is designed to deliver a more consistent network experience than internet-based connections. Organizations can use this location to establish private, physical connections between AWS and their data centers, offices, or colocation environments.

🚨 Amazon detected a campaign on Nov 2, 2025 that used compromised IAM credentials to rapidly deploy cryptocurrency miners across ECS Fargate and EC2, with miners running within ten minutes of initial access. The adversary used DryRun-based discovery to validate permissions, created service-linked roles and dozens of ECS clusters, and registered a malicious DockerHub image to launch mining with the RandomVIREL algorithm. Attackers also set disableApiTermination=True on EC2 instances to hinder remediation; Amazon recommends enforcing MFA, least privilege, temporary credentials, container scanning, CloudTrail logging and enabling GuardDuty.

📁 AWS Artifact now provides self-service access to previous versions of compliance reports, eliminating the need to contact AWS Support or account representatives. Customers with the IAM permission artifact:ListReportVersions—included in the managed policy AWSArtifactReportsReadOnlyAccess—can view prior SOC, ISO, and C5 report versions directly in the console by selecting available versions. Availability of historical coverage varies by compliance program, and the feature is generally available in US East (N. Virginia) and AWS GovCloud (US-West).

🚀Amazon announced that SageMaker AI is now available in the Asia Pacific (New Zealand) AWS Region. Starting today, developers and data scientists in New Zealand can build, train, and deploy machine learning models locally using the fully managed SageMaker AI platform. The service removes much of the operational overhead across the ML lifecycle, helping teams move from experimentation to production more quickly and consistently. Customers should review AWS documentation and pricing to get started.

🔗 AWS Security Incident Response now integrates with Slack, enabling bidirectional case creation and automatic data replication so teams can create and update cases from either the Security Incident Response console or Slack. Each case is mapped to a dedicated Slack channel with comments and attachments syncing instantly, and responders are added automatically to accelerate engagement. The open-source solution on GitHub leverages EventBridge and a modular architecture and includes guidance for using AI assistants such as Amazon Q Developer or Kiro to extend integration targets beyond Slack.

🌿 AWS now publishes customer carbon footprint data within 21 days of usage, reducing the previous reporting lag of up to three months. Estimates are published between the 15th and 21st of the month following usage and are available via the Customer Carbon Footprint Tool (CCFT) in the AWS Billing and Cost Management console. The CCFT dashboard retains 38 months of historical data to support trend analysis and faster emissions and cost-reduction decisions.

🚀 Amazon Web Services has expanded availability of EC2 M8i instances to Asia Pacific (Seoul, Tokyo, Sydney, Singapore) and Canada (Central). Powered by AWS-exclusive Intel Xeon 6 processors, M8i offers up to 15% better price-performance and 2.5x memory bandwidth versus prior Intel-based instances, and up to 20% higher performance than M7i. These SAP-certified general purpose instances include 13 sizes, two bare-metal options, and a new 96xlarge for the largest workloads.

🛡️ Amazon's threat intelligence team disclosed a years-long campaign tied with high confidence to the GRU-affiliated APT44 (also tracked as FROZENBARENTS/Sandworm), which targeted Western critical infrastructure from 2021–2025. The actor shifted from zero-day exploitation to abusing misconfigured customer network edge devices and exposed management interfaces on AWS-hosted instances, enabling packet capture, credential harvesting, and credential replay against energy, telecom, and cloud providers. Amazon observed exploitation of WatchGuard (CVE-2022-26318), Atlassian Confluence (CVE-2021-26084, CVE-2023-22518), and Veeam (CVE-2023-27532), notified affected customers, disrupted active operations, and recommended audits, stronger authentication, and monitoring for unexpected access and credential replay.

🔒 Amazon Threat Intelligence has attributed with high confidence a years‑long campaign to Russia’s GRU, noting a shift in 2025 from exploiting software flaws to compromising misconfigured customer network edge devices. The actor has targeted enterprise routers, VPN concentrators, network management appliances and cloud-hosted edge instances, including some hosted on AWS, to gain initial access. This tactic supports credential harvesting, replay attacks and lateral movement while reducing attacker exposure and resource expenditure.

🧠 Amazon Quick Suite now adds memory to its chat agents, enabling personalized responses based on prior conversations and stated preferences. The feature stores inferred user preferences—such as response format, acronyms, dashboards, and integrations—and lets users view and remove any remembered items. Users may also choose Private Mode, in which chats are not used to infer memories. Memory is currently available in US East (N. Virginia) and US West (Oregon).

🔁 The Amazon Quick Suite browser extension now supports Amazon Quick Flows, enabling users to run workflows directly in their web browser without manually extracting page data. You can invoke flows you created or that were shared with you and pass web page content as input while staying on the site. This supports routine tasks like contract analysis and dashboard report generation. The capability is available in select regions with no extra extension fees beyond standard Quick Flows usage.

🔔 AWS Clean Rooms now publishes events to Amazon EventBridge to signal new member invitations and table readiness. Invited collaborators receive immediate EventBridge notifications when added to a collaboration, and members are alerted when AWS Entity Resolution resources (ID mapping tables and namespaces) are associated. This enables automated, near-real-time workflows, reduces manual polling, and shortens time-to-action from hours to minutes. Organizations can more quickly start analyses and increase transparency between collaborators.

📊 You can now enable CloudWatch metrics for Route 53 Resolver endpoints to monitor per-endpoint DNS performance and the health of target name servers. The metrics include query response latency plus counts of SERVFAIL, NXDOMAIN, REFUSED and FORMERR responses, and timeouts for outbound target servers. These details make it easier to troubleshoot hybrid DNS resolution issues and build alerts and dashboards; standard CloudWatch and Resolver endpoint charges apply.

🔒AWS Security details its incident response to multiple high-scale npm supply chain campaigns, including the compromised Nx package, the Shai-Hulud worm, and a token-farming operation detected by Amazon Inspector. Teams enacted rapid containment (repository blocklisting, OpenSSF registration), performed deep analysis using AI-assisted detonation in sandboxes, and automated disclosures to protect customers. The effort produced improved behavioral detections, GenAI prompt guardrails for Amazon Q, and strengthened collaboration with the security community to reduce future exposure.

🚀Amazon Elastic VMware Service (Amazon EVS) is now available in all availability zones within six additional AWS Regions, expanding options for running VMware workloads on AWS Nitro-powered EC2 bare-metal. You can deploy a complete VMware Cloud Foundation environment in hours using the guided workflow or CLI automation, accelerating migrations and data center exits. This expansion improves latency, supports data residency requirements, and adds redundancy choices for high availability.

📣 Amazon Connect now supports two new evaluation question types to capture deeper insights on human and AI agent performance. Managers can add multiple-selection questions to record several items—such as products a customer was interested in—and date fields to log events like when an application was submitted and approved. These features are available in all regions where Amazon Connect is offered.

🚀 Starting today, Amazon Managed Service for Apache Flink is available in the AWS Asia Pacific (Auckland) Region to help customers build and operate real-time stream processing applications with lower latency and simpler operations. The managed service reduces the complexity of deploying and maintaining Apache Flink applications and integrates with Amazon MSK, Amazon Kinesis Data Streams, Amazon OpenSearch Service, DynamoDB Streams, Amazon S3 and custom connectors. This regional launch enables local teams to accelerate streaming analytics, continuous ETL, monitoring, and event-driven processing while avoiding direct cluster management.