All news with #aws tag

Tue, September 9, 2025

AWS Managed Microsoft AD Adds LDAPS and Smart Card CA

🔐 AWS Managed Microsoft AD now supports certificate auto-enrollment for LDAPS and Smart Card authentication by integrating with AWS Private CA through the AWS Private CA Connector for AD. The integration automates issuance, renewal, and lifecycle management of domain controller certificates, removing the need to maintain CA infrastructure on Amazon EC2. This capability is available in all Regions offering the connector and can be configured via the console or API.

Tue, September 9, 2025

Tor-based Cryptojacking Campaign Shows Botnet Potential

🔒 Security researchers uncovered a variant of a campaign that abuses the Tor network and exposed Docker APIs to deploy cryptojacking and reconnaissance tooling. Akamai, which identified the activity last month, says attackers create Alpine containers, mount the host filesystem, and execute a Base64 payload that downloads a shell script from a .onion domain. The downloader alters SSH for persistence and installs utilities like masscan, torsocks and zstd while a Go-based dropper and compressed binary enable scanning and propagation.

Tue, September 9, 2025

Salesloft: GitHub Compromise Led to Drift OAuth Theft

🔒 Salesloft confirmed that a threat actor gained access to its GitHub account between March and June 2025, using that access to download repositories, add a guest user and create workflows. The attacker then moved into the Drift app environment, obtained OAuth tokens and used Drift integrations to access customers’ Salesforce instances and exfiltrate secrets. Affected customers include security vendors such as Tenable, Qualys, Palo Alto Networks, Cloudflare and Zscaler. Google Mandiant performed containment, rotated credentials and validated segmentation; the incident is now in forensic review.

Tue, September 9, 2025

Amazon EC2 R8g Instances Expand to Osaka and Canada

🚀 Amazon EC2 R8g instances are now available in AWS Asia Pacific (Osaka) and AWS Canada (Central). Powered by AWS Graviton4 processors and the AWS Nitro System, R8g delivers up to 30% better performance than Graviton3-based instances for memory‑intensive workloads. The family includes 12 sizes (two bare‑metal options), scales up to 48xlarge with 1.5 TB RAM, and offers up to 50 Gbps enhanced networking and 40 Gbps to Amazon EBS. AWS recommends the Graviton Fast Start program and Porting Advisor to help migrate workloads.

Tue, September 9, 2025

Amazon Q in Connect Lets Admins Select LLMs in UI Console

🤖 Amazon Q in Connect now lets contact center administrators select different LLM model families directly from the Amazon Connect web UI. This no-code configuration enables quick switching between models to optimize for latency, cost, or complex reasoning. Administrators can choose Amazon Nova Pro for faster responses or Anthropic Claude Sonnet for complex reasoning, tailoring AI Agents to specific customer interaction types.

Tue, September 9, 2025

Amazon ElastiCache Adds Graviton3 M7g and R7g Node Families

🚀 Amazon Web Services has expanded Amazon ElastiCache to support Graviton3-based M7g and R7g node families across multiple regions including Canada (Calgary), Middle East & Africa, Europe, and Asia Pacific. Graviton3 nodes deliver improved price-performance over Graviton2, yielding up to 28% higher throughput, up to 21% better P99 latency, and up to 25% more networking bandwidth. To adopt the new instances, create a new cluster or upgrade existing clusters via the AWS Management Console and review the ElastiCache documentation for supported node types.

Tue, September 9, 2025

Amazon Redshift Serverless Available in Milan, Cape Town

🚀 Amazon Redshift Serverless is now generally available in the AWS Europe (Milan) and Africa (Cape Town) regions. With Redshift Serverless, users—data analysts, developers, and data scientists—can run analytics without provisioning or managing clusters, benefiting from automatic provisioning, intelligent scaling, and per-second compute billing. You can query data via Query Editor V2 or existing BI tools, load data from Amazon S3 (including Apache Parquet), use Redshift data shares, restore provisioned snapshots, and take advantage of unified billing for queries across these sources.

Mon, September 8, 2025

GhostAction GitHub Supply Chain Attack Exposes 3,325 Secrets

🚨 A GitHub supply chain campaign dubbed GhostAction has exposed 3,325 secrets across multiple package ecosystems and repositories. GitGuardian says attackers abused compromised maintainer accounts to insert malicious GitHub Actions workflows that trigger on push or manual dispatch, read repository secrets, and exfiltrate them via HTTP POST to an external domain. Compromised credentials include PyPI, npm, DockerHub, Cloudflare, AWS keys and database credentials; vendors were notified and many repositories reverted the changes.

Mon, September 8, 2025

AWS WAF Now Available in Asia Pacific (Taipei) Region

🛡️ AWS WAF is now available in the AWS Asia Pacific (Taipei) Region, allowing customers to deploy web application firewall protections closer to their users. The service helps protect web applications from common exploits and automated bots that can affect availability, security, or resource consumption. Note that AWS WAF Bot Control with targeted inspection and the Anti-DDoS managed rule group are not currently available in this region.

Mon, September 8, 2025

AWS WAF Adds Free Vended Logs Based on Request Volume

📣 AWS WAF now includes a free allocation of Vended Logs ingestion to CloudWatch: 500 MB for every 1 million WAF requests processed, provided at no additional cost. The allocation is applied automatically across WAF vended logs to CloudWatch, S3, and Firehose and is reconciled on your AWS bill at month end. Usage beyond the included allowance is charged at standard AWS WAF Vended Logs CloudWatch rates. This change helps reduce logging costs while preserving comprehensive security visibility and analytics.

Mon, September 8, 2025

GitHub Account Compromise Led to Salesloft Drift Breach

🔒 Salesloft says the breach tied to its Drift application began after a threat actor compromised its GitHub account. Google-owned Mandiant traced the actor, tracked as UNC6395, accessing the account from March through June 2025 and downloading repository content, adding a guest user and establishing workflows. Attackers then accessed Drift's AWS environment and obtained OAuth tokens used to reach customer data via integrations, prompting Salesloft to isolate Drift infrastructure and take the application offline on September 5, 2025. Salesloft recommends revoking API keys for third-party apps integrated with Drift, and Salesforce has restored most Salesloft integrations while keeping Drift disabled pending further remediation.

Mon, September 8, 2025

Managed Tiered Checkpointing for Amazon SageMaker HyperPod

⚡ Amazon Web Services has announced general availability of managed tiered checkpointing for Amazon SageMaker HyperPod, a hybrid checkpointing capability that caches frequent checkpoints in CPU memory and periodically persists them to Amazon S3 for durability. The approach reduces model recovery time and minimizes training progress loss on large-scale clusters. It integrates with PyTorch Distributed Checkpoint (DCP) and is enabled via a CreateCluster/UpdateCluster API parameter; customers can use the sagemaker-checkpointing Python library to adopt it with minimal code changes. Currently available for HyperPod clusters using the EKS orchestrator.

Mon, September 8, 2025

Amazon Neptune Analytics Now Supported in NetworkX

🚀 NetworkX now supports Amazon Neptune Analytics as a graph store, enabling developers to use familiar NetworkX APIs while transparently offloading heavy graph-algorithm workloads to Neptune’s scalable analytics engine. The integration provides Zero-ETL data handling, automatic provisioning and teardown for a serverless-like experience, and preserves existing Python workflows without refactoring code.

Mon, September 8, 2025

Amazon CloudFront Adds IPv6 Origin Connectivity Support

🌐 Amazon CloudFront now supports IPv6 connectivity to origin servers, enabling end-to-end IPv6 content delivery for web applications. Customers can configure custom origins as IPv4-only (default), IPv6-only, or dual-stack; in dual-stack mode CloudFront will automatically balance requests across IPv4 and IPv6 addresses. IPv6 origin support is available in all supported AWS Commercial Regions and excludes Amazon S3 and VPC origins. This capability can improve performance for native IPv6 users and reduce pressure from IPv4 address exhaustion for origin infrastructure.

Mon, September 8, 2025

Amazon Keyspaces supports now(), uuid(), and Duration types

🔧 Amazon Keyspaces (for Apache Cassandra) now supports the now() and uuid() functions in SELECT clauses, extending prior support in WHERE, INSERT, and UPDATE. It also introduces a native Duration data type to represent elapsed time between timestamps, removing the need to store intervals as strings or bytes. These updates improve Apache Cassandra compatibility and simplify time-based operations and identifier generation across AWS Commercial and GovCloud regions.

Mon, September 8, 2025

Amazon SageMaker Unified Studio Adds Custom Blueprints

🔧 AWS announced general availability of Custom Blueprints in Amazon SageMaker Unified Studio, enabling customers to supply their own managed IAM policies when creating project roles. Teams can replace or augment the default service-managed policies and use custom AWS CloudFormation templates to define infrastructure and parameters for resources such as Amazon EMR on EC2, AWS Glue Data Catalog, and Amazon Redshift. Sample templates are available in the SageMaker documentation, and the capability is offered in all AWS Commercial Regions where the next-generation SageMaker is available.

Mon, September 8, 2025

Improved AI Assistance in Amazon SageMaker Unified Studio

🤖 Amazon Web Services announced enhancements to the Amazon Q Developer chat experience within SageMaker Unified Studio Jupyter notebooks and added a command-line interface for use in notebooks and the Code Editor. By integrating with Model Context Protocol (MCP) servers, the assistant becomes aware of project resources—data, compute, and code—and provides personalized, context-aware help. These updates aim to speed tasks like code refactoring, file edits, and troubleshooting while preserving transparency around assistant actions. The capabilities are available at no additional cost via the Amazon Q Developer Free Tier where SageMaker Unified Studio is offered; customers can enable Amazon Q Developer Pro for expanded functionality.

Fri, September 5, 2025

Amazon RDS Adds Latest Microsoft SQL Server GDR Updates

🔒 Amazon Relational Database Service (RDS) for Microsoft SQL Server now supports the latest General Distribution Release (GDR) updates for SQL Server 2016 SP3, 2017 CU31, 2019 CU32, and 2022 CU20. The supported RDS engine versions map to KB5063762, KB5063759, KB5063757, and KB5063814 respectively. These GDRs address vulnerabilities tracked as CVE-2025-49758, CVE-2025-24999, CVE-2025-49759, CVE-2025-53727, and CVE-2025-47954. We recommend that customers upgrade their RDS instances via the RDS Management Console, AWS SDK, or AWS CLI and follow the RDS SQL Server upgrade guidance.

Fri, September 5, 2025

AWS MediaConvert Adds Time-Addressable Media Store

🎬 AWS Elemental MediaConvert now integrates with Time-Addressable Media Store (TAMS), enabling customers to reference and extract precise, time-bound media segments as inputs to encoding workflows. The integration requires customers to operate their own TAMS servers—MediaConvert does not host or manage TAMS—and supports quick-turnaround use cases like live-event highlight clipping, near-real-time social publishing, and archive repurposing. This capability is aimed at media operations teams modernizing archives, automating editorial workflows, and connecting broadcast infrastructure and CMS directly into high-performance encoding pipelines.

Fri, September 5, 2025

Amazon CloudFront Adds Post-Quantum and TLS1.3 Policy

🔐 Amazon CloudFront now supports hybrid post-quantum key establishment across all existing TLS security policies for client-to-edge connections, enabling quantum-resistant key exchange without customer configuration. CloudFront also introduces a new TLS1.3_2025 policy that enforces TLS 1.3 only. Both features are enabled by default at all edge locations and incur no additional charges. These updates help organizations strengthen long-term in-transit protection and simplify compliance planning.
