All news with #cloud security tag

🌐 Amazon MSK now supports dual-stack IPv4 and IPv6 connectivity for existing MSK Provisioned and MSK Serverless clusters. Customers can enable dual-stack via the Amazon MSK Console, AWS CLI, SDKs, or CloudFormation by changing the cluster Network Type; MSK provisions IPv6-enabled interfaces while preserving IPv4 to avoid service disruption. For Provisioned clusters, use the GetBootstrapBrokers API to retrieve new IPv6 bootstrap broker strings. Dual-stack is available in all Regions where MSK is offered and incurs no additional cost.

🔐 Check Point has been named a Leader in the GigaOm Radar for Cloud Network Security for the third consecutive year. CloudGuard Network Security delivers an open-garden, cloud-agnostic architecture with integrations across 22 public and private cloud vendors, enabling consistent policy enforcement and centralized controls. The solution is positioned for budget-minded IT teams seeking to reduce multi-cloud complexity, maintain geographic compliance, and mitigate AI-powered cyber threats by foreign actors through consolidated visibility and automation.

📈 AWS HealthImaging now provides additional Amazon CloudWatch metrics to monitor storage at both the account and individual data store levels. Customers can track storage volume, the number of image sets, and counts of DICOM studies, series, and instances to understand growth trends. These granular metrics support management of single-tenant and multi-tenant workloads at petabyte scale and are available in select AWS Regions.

🔒 This weekly recap shows how small, trusted gaps are becoming major entry points — from a hijacked Outlook add-in (AgreeTo) turned into a phishing kit that stole over 4,000 Microsoft credentials to multiple actively exploited zero-days in Chrome and Apple platforms. It also covers a critical BeyondTrust RCE under active exploitation, new Linux botnet activity abusing SSH, and cloud-focused campaigns targeting exposed Docker, Kubernetes, and Redis instances. Attackers are combining legacy techniques, cloud misconfigurations, and AI assistance to scale access and persistence.

🔒 A strategic partnership between the Federal Office for Information Security (BSI) and Schwarz Digits, the IT arm of the Schwarz Group, was announced at the Munich Security Conference to develop sovereign cloud solutions for German public administration. The organizations said they will jointly build control layers and secure systems to protect critical data and enhance cybersecurity situational awareness. The collaboration aims to strengthen technological independence and improve resilience against hybrid threats. Both parties framed the effort as part of a broader push for digital sovereignty in Germany and Europe.

🔒 Amazon Bedrock now supports AWS PrivateLink for the bedrock-mantle endpoint, enabling private network access to OpenAI API-compatible service endpoints. The bedrock-mantle endpoint is powered by Project Mantle, a distributed inference engine that simplifies model onboarding and delivers serverless, high-performance inference with QoS controls and higher default quotas. This expansion gives enterprises a private connectivity option across multiple AWS Regions for building and scaling generative AI applications.

🔐 AWS has added Amazon DynamoDB to the set of services supported by Resource Control Policies (RCPs), enabling organizations to centrally constrain the maximum permissions available to resources. Administrators can now use RCPs to block identities outside their AWS Organization from accessing DynamoDB, helping enforce a data perimeter and baseline security standards. RCPs are available in all AWS commercial Regions and AWS GovCloud (US) Regions.

🔒 Check Point outlines a strategy to help security teams regain control as AI accelerates attacks and transforms workflows. Rather than piling on tools, organizations must revalidate foundational controls across network, endpoint, email, SASE and cloud, and adopt prevention-first architectures. Check Point offers integrated visibility, unified policy management, threat intelligence and AI-aware controls to harden environments and streamline operations.

🔒 Modern cloud environments create vast numbers of short-lived machine identities that outnumber humans and often remain unmanaged. The author argues that traditional, ticket-driven identity governance is inadequate for ephemeral workloads and supply-chain tooling, exposing organizations to “zombie” service accounts and credential theft. The recommended response is a shift to cryptographic workload identity (e.g., SPIFFE and workload attestation), elimination of long-lived static credentials via short-lived tokens and OIDC Federation, and automated entitlement pruning using CIEM to restore least-privilege without slowing engineering velocity.

⚙️ AWS Lake Formation now supports enhanced cross-account sharing, enabling centralized permission management for catalogs, databases, tables, and columns across multi-account analytics environments. The update removes prior per-resource association limits by using a single AWS Resource Access Manager resource share with wildcard patterns; administrators should upgrade to cross-account version 5 to adopt the new behavior. Existing shares and Lake Formation APIs remain compatible.

🔓 Pentera Labs identified nearly 2,000 intentionally vulnerable training and demo applications exposed on public cloud infrastructure, many linked to active cloud identities and overly permissive roles. Tools such as OWASP Juice Shop and DVWA were frequently deployed with default settings and minimal isolation, allowing attackers to install crypto-miners, webshells, and persistence tooling. The findings warn that labeling environments as training does not remove their real-world risk when they are publicly accessible and integrated with privileged cloud accounts.

🔒 The European Commission has given unconditional approval for Google's $32 billion acquisition of cloud security vendor Wiz, removing a major regulatory hurdle. The clearance lets Google Cloud fold Wiz's multi‑cloud security capabilities into its stack while regulators found no meaningful competition harm. Analysts warn the tie-up could accelerate hyperscaler-led security consolidation, raise long-term lock-in risks, and shift incentives away from cloud neutrality.

🔒 Amazon Bedrock AgentCore Browser now accepts customer-provided proxy configurations, allowing organizations to route browser sessions through corporate or regional proxy infrastructure for geo-targeting, compliance, and stable egress addresses. The feature supports both HTTP and HTTPS protocols and integrates with AWS Secrets Manager for secure credential management. It is available in all 14 regions where AgentCore Browser is offered.

🔒 Google Distributed Cloud (GDC) air-gapped 1.15 introduces networking updates that give regulated environments more control, visibility, and scalability while preserving isolation. Preview features include Cloud NAT for configurable egress IPs and timeouts, enhanced connectivity enabling standard clusters to reach organizational workloads securely, and HTTP/HTTPS load balancer health checks for application-level monitoring. IPAM's subnet group capability (GA) simplifies subnet scaling by letting child subnets reference multiple parent subnets.

📥 Amazon Elastic Kubernetes Service (EKS) Auto Mode can now deliver logs via Amazon CloudWatch Vended Logs. Customers can configure each managed capability—compute autoscaling, block storage, load balancing, and pod networking—as a vended log source using the CloudWatch APIs or the AWS Console. Logs can be routed to CloudWatch Logs, Amazon S3, or Amazon Kinesis Data Firehose. This option uses built‑in AWS authentication and authorization and can reduce delivery cost versus standard CloudWatch Logs.

⚙️ Amazon Redshift now lets administrators allocate extra compute specifically for its automatic optimization features, or autonomics, so tasks such as Automatic Table Optimization (ATO), Automatic Table Sorting (ATS), Auto Vacuum, and Auto Analyze can run reliably during peak user activity. This avoids the need to pause or schedule manual maintenance windows. A cost-control setting limits resources for autonomics on provisioned clusters, and the new SYS_AUTOMATIC_OPTIMIZATION system table improves observability for both provisioned clusters and serverless workgroups.

💡 As healthcare organizations layer AI-driven analytics, clinical decision support and automation onto complex IT environments, cloud costs are becoming harder to predict and control. Experts advise combining disciplined FinOps practices with clear cloud cost governance that aligns technical choices with clinical, operational and financial priorities. Key steps include centralized visibility, automation to detect waste, and risk-based workload placement across cloud, on-premises and edge.

🔎 Unit 42 demonstrates a practical method to map cloud alert events to MITRE ATT&CK tactics and techniques and use the resulting alert patterns as operational fingerprints for known threat actors. The study examined alerts from cloud providers, containers, cloud-hosted applications, and SaaS across 22 industries between June 2024 and June 2025. Comparing cybercrime actor Muddled Libra and nation-state group Silk Typhoon, researchers found distinct, identifiable alert fingerprints and recommend proactive monitoring and mitigation, including Cortex Cloud runtime detection.

🛡️ Google Cloud outlines its expanded Sovereign Cloud portfolio—Google Cloud Data Boundary, Google Cloud Dedicated, and Google Cloud Air‑Gapped—to help governments and organizations retain control of unencrypted data, comply with local law, and sustain critical services. The announcement details regional infrastructure and workforce investments worldwide and legal, technical, and operational controls to limit or challenge external data access. It emphasizes open-source compatibility, client-side encryption options, and flexible deployment models that enable third‑party operators and avoid vendor lock‑in.

⚠️ Researchers at Sysdig uncovered an attack that fully compromised an AWS environment in under eight minutes by exploiting a cloud misconfiguration and using LLMs to accelerate reconnaissance and exploitation. Attackers reused credentials found in public S3 buckets, modified a Lambda function to escalate privileges, moved laterally across numerous principals, and disabled model-call logging in Amazon Bedrock. Security experts warn that AI-enabled automation compresses attack timelines and reduces defenders' reaction windows.