< ciso
brief />
Tag Banner

All news with #backup security tag

76 articles

AWS Backup adds air-gapped vaults in six regions

πŸ”’ AWS Backup now offers logically air-gapped vaults in six additional Regions: Asia Pacific (Taipei), Asia Pacific (Malaysia), Asia Pacific (New Zealand), Asia Pacific (Thailand), Mexico (Central), and Canada West (Calgary). These vaults provide immutable, isolated backups that are locked by default and encrypted with AWS-owned or customer-managed keys. You can back up directly to these vaults, copy backups across accounts and Regions, share via AWS Resource Access Manager, and use Multi-party approval to protect access during account compromise. Use the AWS Backup console, CLI, or SDKs to get started and consult the documentation for region and feature details.
read more β†’

AWS Backup restore testing expands to six regions

πŸ›‘οΈ AWS Backup restore testing is now available in six additional Regions: Asia Pacific (Taipei), Asia Pacific (Malaysia), Asia Pacific (New Zealand), Asia Pacific (Thailand), Mexico (Central), and Canada West (Calgary). The capability automates periodic restore tests for supported storage, compute, and database resources, letting you create plans that select recovery points, run scheduled restores, and measure completion against recovery time objectives. This helps organisations evaluate recovery readiness and meet regulatory and business continuity requirements. To start, use the AWS Backup console, CLI, or SDKs and consult the documentation for supported Regions and pricing.
read more β†’

AWS DRS adds EBS volume initialization rate support

πŸ”§ AWS Elastic Disaster Recovery (AWS DRS) now supports the Amazon EBS volume initialization rate to accelerate restored volume performance during drills and recoveries. When DRS creates volumes from snapshots, data loads from Amazon S3 in the background and uninitialized blocks can show slower I/O; setting a volume initialization rate on your DRS-managed EC2 launch template lets DRS apply that rate automatically at recovery. This preserves performance for I/O-intensive workloads and is retained across template updates; if the rate cannot be applied, DRS still completes the recovery to avoid blocking operations. Support is available in all Regions where the EBS initialization rate is offered, and charges apply per GB based on snapshot size and your chosen rate.
read more β†’

Redshift Serverless preserves integrations on restore

πŸ”„ Amazon Redshift Serverless now preserves zero-ETL and Amazon S3 event integrations automatically when restoring a namespace from a snapshot or recovery point to the same serverless namespace. Previously, restores marked integrations as failed and required manual recreation, causing reconfiguration delays and potential ingestion gaps. With this improvement, integrations resume operating after restore completion, simplifying disaster recovery and testing workflows and reducing administrative overhead. This behavior applies only to restores within the same serverless namespace and is available in all regions where Redshift Serverless is offered.
read more β†’

Amazon RDS cross-region automated backups expand

πŸ” This update announces availability of Cross-Region Automated Backup replication for Amazon RDS in four additional AWS Regions, enabling automated backup replication between specified region pairs. The feature replicates snapshots and transaction logs to a destination Region to support point-in-time restores and near-real-time recovery. It supports multiple RDS engines and can be configured via the RDS Console, AWS SDK, or CLI. Organizations can achieve Recovery Point Objectives within minutes by using this replication.
read more β†’

UK Firms Face Rising Ransomware Incidents in 2025–26

πŸ”’ Report Fraud received 323 ransomware reports from UK organisations between April 2025 and March 2026, with SMEs accounting for over half of victims. Financial losses rose about 50% year-on-year to approximately Β£270,000 per incident, though police warned this likely understates the true cost. Authorities and experts urge firms to adopt proactive measures like regular backups and strong access controls to reduce risk and impact.
read more β†’

AWS Backup boosts Amazon S3 copy performance

πŸš€ AWS Backup now performs S3 backup copy operations up to 8x faster for buckets with millions of objects and low change rates by using enhanced change tracking. This removes the need to scan all objects in the destination account or Region, reducing copy time across accounts and AWS Regions. The improvement records object events as they occur and applies automatically to new cross-account and cross-Region copy jobs at no additional cost in supported Regions.
read more β†’

Google Cloud adds cross-region backups for DR

πŸ”’ Google Cloud announces general availability of cross-region backups for its Backup and DR Service. This release decouples backup destinations from source regions, enabling backups to be stored in distinct geographic regions to improve resilience and meet data residency requirements. The capability is available now for Compute Engine instances, Disks, and Filestore, with Cloud SQL and AlloyDB support coming soon.
read more β†’

Windows 11 KB5095093 preview adds Point-in-Time

πŸ›ˆ Microsoft released optional preview update KB5095093 for Windows 11 24H2 and 25H2, installing build 26100.8737 and introducing new features and bug fixes. The update offers a new Point-in-Time restore capability that captures VSS-based restore points for up to 72 hours and simplifies rollback of the OS, apps, and files. It also fixes a Recycle Bin filename confirmation bug and brings improvements across Secure Boot, Netlogon, File Explorer, Bluetooth, Widgets, accessibility, and networking.
read more β†’

Amazon FSx adds cross-region replication to opt-in Regions

πŸ” Amazon FSx for OpenZFS now supports on-demand replication to and from AWS opt-in Regions, enabling incremental point-in-time snapshot transfers beyond default-enabled Regions. This feature simplifies disaster recovery, cross-account replication, and lower-latency global access while leveraging FSx for OpenZFS’s snapshots, cloning, and high throughput. Available wherever FSx for OpenZFS is offered, replication carries no extra FSx charge; standard inter-Region data transfer fees apply.
read more β†’

AWS Backup for Amazon EKS in Germany Region

πŸ”’ AWS Backup now supports Amazon EKS in the AWS European Sovereign Cloud (Germany) Region, providing fully managed, policy-driven data protection and recovery for EKS clusters. The service includes automated scheduling, retention management, immutable vaults, and cross-Region and cross-account copies. Customers can protect entire clusters, namespaces, or individual persistent volumes without agents, replacing custom scripts or third-party tools.
read more β†’

Amazon Redshift lowers manual snapshot storage costs

πŸ“£ Amazon Redshift now charges manual snapshot storage based on unique data blocks stored across snapshots rather than the full size of each snapshot. This change applies to Amazon Redshift Serverless and Amazon Redshift RG instances and reduces costs for customers who keep multiple manual snapshots. The billing model automatically applies to both existing and new manual snapshots in all AWS commercial and AWS GovCloud (US) Regions where these services are available. Customers can take more frequent snapshots to improve RPOs without incurring proportional cost increases.
read more β†’

GuardDuty malware scanning for S3 continuous backups

πŸ›‘οΈ Amazon GuardDuty Malware Protection for AWS Backup now supports Amazon S3 continuous backups, enabling malware scanning across your continuous backup timeline. You can enable full or incremental scans within your backup plan and run on-demand scans up to any restorable point in time. The new GetPITRMalwareScanResults API lets you query scan status at a specific point in time to confirm a clean recovery point. Support is available in all Regions where GuardDuty Malware Protection for AWS Backup is offered, and you can enable it via the AWS Backup console, API, or CLI.
read more β†’

Why Ransomware Succeeds Even When Backups Exist: Fixes

πŸ”’ Modern ransomware campaigns routinely target backup infrastructure before launching encryption, leaving organizations without viable recovery despite having backups. The article details an attack sequence β€” initial access, credential theft, lateral movement, backup discovery and destruction, then encryption β€” and identifies recurring failures like weak isolation, overprivileged credentials, lack of immutability, and untested restores. It recommends identity separation, network segmentation, immutable storage, continuous monitoring, and regular recovery testing, and highlights Acronis Cyber Platform as an integrated example that combines backup, immutability, and threat detection to reduce complexity and improve resilience.
read more β†’

AWS Backup speeds Amazon EKS cluster backups up to 10x

πŸš€ AWS Backup now completes Amazon EKS cluster state backups up to 10x faster. This improvement reduces backup windows for clusters with large numbers of namespaces and Kubernetes resources from days to hours and is automatically enabled at no additional cost in supported Regions. AWS Backup is a policy-based, fully managed solution to centralize and automate protection across compute, storage, and databases.
read more β†’

RDS for SQL Server: Cross-Account Snapshot Sharing

πŸ” Amazon RDS for SQL Server now supports cross-account snapshot sharing for instances configured with additional storage volumes, allowing snapshots to preserve the original storage layout when shared, copied, or restored across accounts. This capability helps teams create isolated backup environments for compliance and to perform diagnostics by restoring snapshots in separate accounts. The feature is available today in all AWS commercial Regions via the Console, CLI, and SDKs.
read more β†’

RDS for SQL Server: Read Replicas Support ASV Storage

πŸ” Amazon RDS for SQL Server now supports creating read replicas for database instances that use additional storage volumes. Additional volumes let customers scale database storage up to 256 TiB by attaching up to three additional volumes of up to 64 TiB each, and replicas preserve the source instance's storage layout on creation. After the initial copy, administrators can manage additional volume configurations independently on source and replica instances. The feature is available in all AWS commercial Regions and AWS GovCloud (US) and can be accessed via the AWS Management Console, AWS CLI, or AWS SDKs.
read more β†’

AWS Backup Adds Aurora PITR Support in Six Regions

πŸ”” AWS Backup now supports Amazon Aurora point-in-time recovery (PITR) in six additional AWS Regions: Malaysia, Thailand, Taipei, New Zealand, Canada West (Calgary) and Mexico (Central). The expansion enables policy-based data protection and time-based recovery for Aurora clusters via backup plans. To protect clusters, add them to an existing or new backup plan and ensure continuous backups or PITR are enabled on the relevant backup rule. Management is available via the AWS Backup console, CLI, or SDKs.
read more β†’

AWS Backup Adds Aurora DSQL and Redshift Serverless

πŸ›‘οΈ AWS Backup now supports including Amazon Redshift Serverless namespaces and Amazon Aurora DSQL clusters directly as resource types in AWS Organizations backup policies. Organization administrators can create policy rules that explicitly target these resource types across member accounts rather than relying on tag-based selections or backing up all resources. The capability is available in all AWS Commercial and GovCloud Regions where AWS Backup and the services are offered. For implementation, consult the AWS Organizations backup policies documentation or use the AWS Backup console.
read more β†’

Cloning AWS CloudHSM Clusters Across Regions Securely

πŸ›‘οΈ This AWS Security Blog post demonstrates how to clone an AWS CloudHSM cluster across Regions using the copy-backup-to-region workflow and Client SDK 5 (recommended version 5.17 or later). It walks through creating and initializing a source cluster, generating a backup, copying that backup to a destination Region, and launching a new cluster from the copied backup, including certificate transfer and security group adjustments. The guide emphasizes that non-exportable keys can only be synchronized to cloned clusters, that users and passwords must be maintained manually after the initial backup, and that Client SDK 3 reached end-of-support on January 1, 2025, so migration to SDK 5 is required.
read more β†’