All news with #aws tag

🔔 Kaspersky reports an increase in phishing campaigns that abuse Amazon Simple Email Service (SES) to send authenticated-looking malicious messages that can bypass reputation-based filters. Attackers are harvesting exposed AWS access keys from public repositories and assets, automating secret discovery, permission checks, and mass email distribution. Because messages originate from a trusted service, SPF, DKIM, and DMARC checks and IP blocks are often ineffective, prompting Kaspersky to recommend stricter IAM controls, MFA, key rotation, and IP restrictions.

🔒 This AWS Security Blog post explains how to identify and secure open proxies in your AWS environment to prevent abuse, protect IP reputation, and control costs. It describes common proxy types—HTTP, SOCKS, transparent, and reverse—and the risks they introduce when misconfigured on EC2 instances, containers, and serverless functions. The guidance recommends strict access controls and authentication, deploying proxies in private subnets or via AWS PrivateLink, and restricting security groups and load balancers. It also emphasizes monitoring with VPC Flow Logs, CloudTrail, and GuardDuty, automated remediation, regular assessments with Amazon Inspector, and keeping incident response runbooks current.

📱 AWS has added expanded CloudWatch Alarm investigation tools to the AWS Console Mobile App. The update consolidates interactive metric graphs, AI-generated log summaries, and natural-language log search into a single alarm view to reduce time from notification to root cause. Engineers can zoom into specific time windows, adjust time zones, run voice or typed queries, and select pre-saved Logs Insights queries. Related metrics and resources are shown alongside alarms; the app is available in all AWS Commercial Regions at no additional cost.

🔄 AWS announces General Availability of AWS Entity Resolution incremental ML-based matching workflows. Customers can now process only newly added records rather than reprocessing entire datasets, cutting latency and infrastructure costs. The feature supports up to 50M incremental records against 1B historical records and processes 1M incremental records in under one hour.

🚀 Amazon FSx is now available in the AWS Asia Pacific (New Zealand) Region, offering fully managed, high-performance file systems for cloud workloads. The service supports NetApp ONTAP, Windows File Server, Lustre, and OpenZFS, and handles hardware provisioning, patching, and backups. Built on current AWS compute, networking, and disk technologies, FSx aims to deliver improved performance and lower TCO while supporting reliability, security, and scalability.

✨Amazon Quick now creates dashboards from natural language prompts using Generate Analysis. You describe the dashboard you want, select up to three datasets, and review an editable plan before generation. The feature produces organized sheets with visuals, filter controls, and calculated fields such as year-over-year and month-over-month comparisons, reducing creation time from hours to minutes. At launch, Generate Analysis is available to Enterprise subscription and Author Pro users, with promotional access for Authors through December 2026.

🆕 Aurora DSQL now supports the PostgreSQL JSON data type, enabling applications and tools that depend on PostgreSQL's native JSON type to work with Aurora DSQL without code changes. You can create or modify tables to store semi-structured data such as API payloads, configuration objects, or event logs alongside relational data. PostgreSQL compression is available and enabled by default for larger JSON payloads, helping reduce storage costs and improve storage efficiency.

🚀 Amazon Web Services has expanded availability of I8ge Amazon EC2 instances to Europe (Paris) and multiple Asia Pacific regions including Thailand, Hong Kong, Seoul, and Tokyo. Powered by Graviton4 processors and third-generation AWS Nitro SSDs, these storage-optimized instances deliver notable compute and storage gains and provide up to 120 TB of local NVMe. Offered in eleven sizes (including two metal options), I8ge instances also support high network and EBS bandwidth for data-intensive workloads.

🔒 AWS updated VPC Lattice to allow resource configurations to reference domain-name targets that are private to your VPC. You can share a resource configuration for a private FQDN across accounts by setting the Resource Config DNS Resolution property to IN_VPC, causing VPC Lattice to use the VPC's DNS to resolve targets. This enables secure cross-account access to privately hosted backends without public DNS entries. The capability is available via Console, CLI, SDKs and APIs at no additional cost in all regions where VPC Lattice is offered.

📊 Amazon Quick now supports Dataset Q&A, a conversational analytics feature that lets users ask natural language questions directly against enterprise datasets while enforcing governance such as Row Level and Column Level Security. Powered by a text-to-SQL agent, it identifies relevant data and generates engine- and dialect-aware SQL for SPICE and AWS data assets like Amazon Redshift, Amazon Athena, Aurora PostgreSQL, and Apache Iceberg. Dataset owners can add custom instructions and semantic metadata to a knowledge graph, and an Explain capability lets users inspect the generated SQL and reasoning before acting on results.

🔍 Amazon Quick now supports Amazon S3 table buckets as a direct data source, enabling dashboards, conversational analytics, and exploration of Apache Iceberg tables stored in S3 without intermediate warehouses or OLAP layers. Paired with Zero-ETL ingestion from systems like Salesforce, SAP, and Amazon Kinesis Data Firehose, organizations can access near real-time insights with reduced pipeline complexity. Admins configure S3 table bucket permissions once, and authors can immediately create datasets and use Dataset Q&A to query the lakehouse in natural language.

🔒 Amazon EventBridge now supports logging data plane APIs to AWS CloudTrail, giving customers greater visibility into event bus activity. The update adds capture of the PutEvents API and records requester identity, IP address, timestamps, and request details. You can opt in per event bus via the CloudTrail console or APIs; the capability is available in commercial, GovCloud (US), and AWS China regions.

📧 The Amazon Quick extension for Microsoft Outlook is now available in preview, embedding generative AI directly into email and calendar workflows. Using natural-language prompts, users can summarize unread messages, prioritize and organize mail, find specific discussions, schedule meetings, and draft contextual replies without leaving Outlook. The extension pulls relevant content from Amazon Quick spaces and knowledge bases and can trigger actions in external apps via configured integrations. Preview is available in several AWS regions; sign-up and documentation are provided on the Quick site.

🤖 Amazon SageMaker AI introduces an agentic experience that dramatically shortens model customization from months to days or hours. Using SageMaker AI model customization agent skills, developers interact via natural language coding agents to prepare data, fine-tune models, evaluate quality with LLM-as-a-judge metrics, and generate reusable code artifacts. Skills can be installed into IDEs via the sagemaker-ai agent plugin or used pre-installed in SageMaker Studio Notebooks, and support deployment to Amazon Bedrock or SageMaker AI endpoints.

🔐 AWS announced support for cross-account key sharing in AWS Payment Cryptography using resource-based policies (RBP). Organizations can now maintain a single authoritative copy of cryptographic keys and grant per-resource access to other AWS accounts—internal or external—without import/export workflows. This reduces duplication, simplifies key lineage and access control, and helps teams scale cryptography operations in cloud-hosted payment applications. The feature is available in all Regions where the service runs; consult the user guide to get started.

⚡ Amazon RDS for SQL Server now supports the M8i and R8i instance families, powered by custom Intel Xeon 6 processors exclusive to AWS. These instances deliver up to 15% better price-performance and up to 2.5x more memory bandwidth versus equivalent 7th-generation Intel instances. You can modify existing RDS SQL Server instances or create new ones via the RDS Console, AWS SDK, or CLI. Review Amazon RDS for SQL Server Pricing for regional availability before migrating.

🚀 Amazon Bedrock AgentCore is now available in the AWS South America (São Paulo) Region. AgentCore provides a platform to build, connect, and optimize agents with runtime, identity, gateway, policy, observability, code interpreter, and browser tools available at launch. Customers can deploy agents closer to end users to reduce latency and meet data residency requirements, with security enforced at the infrastructure layer that agents cannot bypass.

🎥 Amazon Web Services announced CloudWatch RUM Session Replay, a video-like playback feature that records clicks, scrolls, page changes, and client-side errors for web applications. It extends CloudWatch RUM's client-side performance and error telemetry by letting developers visually diagnose broken navigation flows, unresponsive UI elements, and silent UX failures. Session Replay is opt-in, supports sensitive field masking, is included at no additional cost, and is available in all AWS Regions where CloudWatch RUM is supported.

🔒 AWS outlines the Security Health Improvement Program (SHIP) as a no-cost, data-driven engagement to assess and prioritize fixes across 10 core cloud security use cases. The program uses actual environment data and AWS guidance to establish baselines needed for safe AI adoption and faster response to AI-accelerated vulnerability discovery. Customers can start via their account team or hands-on Activation Days.

🌐 Amazon OpenSearch Service now supports cross-region data access in OpenSearch UI, letting a single OpenSearch UI application query domains hosted in different AWS Regions without switching endpoints or replicating data. The capability works for domains in both public and VPC configurations and complements earlier cross-account data access so teams can combine accounts and Regions flexibly. It supports queries across primary and replica domains and uses both IAM and IAM Identity Center for authentication.