All news with #cloud security tag

🔍 Cloud migrations have introduced dynamic infrastructure, container sprawl, and multi‑cloud complexity that often create blind spots and make cloud-native logs inconsistent. Network-layer telemetry and Network Detection and Response (NDR) offer a consistent, provider-agnostic signal that analysts already know how to read. Combining mirrored traffic, flow logs, TLS metadata, DNS, and container context helps detect exfiltration, C2, cryptomining, and suspicious admin activity. Operationalizing these signals—baseline tuning, egress monitoring, and continuous validation—improves cloud defense.

🔍 AWS is rolling out the Related resources tab for security groups in the Amazon EC2 and VPC consoles, now generally available. The tab consolidates all resources that depend on a specific security group — such as EC2 instances, ENIs, RDS, and ElastiCache — into a single view, reducing the need to check services individually. This streamlines impact assessment before modifying or deleting security groups and is available in all AWS commercial regions at no additional cost.

🔁 Amazon now enables replication of DynamoDB global tables across multiple AWS accounts and Regions, allowing automatic, multi-Region, multi-account table synchronization. This supports stronger fault tolerance and higher availability during account-level disruptions while enabling workload isolation and distinct security and governance controls. The feature is available in all AWS Regions and follows existing global tables pricing.

🔍 The financial sector saw cyber incidents more than double in 2025 (864 → 1,858), driven by three dominant trends: surging DDoS campaigns, a sharp rise in data breaches and leaks, and the commercialization of cybercrime-as-a-service. These threats exploited weaknesses in cloud security, identity governance, and third-party risk. Banks and fintechs must accelerate adoption of layered defenses, continuous monitoring, and stronger vendor controls to maintain resilience.

🔐 Recent large-scale cloud outages affecting providers like AWS, Azure, and Cloudflare have shown how failures in shared infrastructure can incapacitate identity flows and halt business-critical systems. Even when an identity provider remains operational, failures in datastores, DNS, control planes, or load balancers can block authentication and authorization. Organizations should deliberately design resilience—using multi-cloud or controlled on-prem options and predictable degraded modes such as cached attributes or precomputed decisions—to avoid total access collapse.

💰 AWS Network Firewall now supports flexible cost allocation via AWS Transit Gateway native attachments in AWS GovCloud (US) Regions, enabling centralized inspection charges to be distributed automatically across accounts. Administrators can create metering policies to allocate data processing costs to application teams based on actual usage instead of consolidating expenses in the firewall owner account. The feature is available in GovCloud (US-East) and GovCloud (US-West) and can be enabled through the AWS Management Console, CLI, or SDK. There are no additional fees beyond standard Network Firewall and Transit Gateway pricing.

🔒 The CrowdStrike Falcon platform delivers unified protection for AI across endpoints, cloud workloads, identities, and data flows, extending proven security principles to machine‑speed operations. By combining a single lightweight sensor with integrated modules, Falcon provides visibility, identity governance, data protection, and continuous monitoring for models and AI agents. Customers use these capabilities to detect misconfigurations early, govern non‑human identities, and prevent sensitive data exfiltration while preserving developer velocity and operational scale.

🌐Amazon RDS now supports IPv6 for VPC endpoints of the RDS Service APIs, enabling dual‑stack (IPv4 and IPv6) connectivity directly within your VPC without traversing the internet. This change expands address capacity, lets you assign contiguous IPv6 ranges to microservices, and provides a safer, phased migration path from IPv4. The feature is available in all commercial AWS regions and AWS GovCloud (US).

🔒 Amazon SageMaker Unified Studio can now be accessed through AWS PrivateLink, enabling customers to route traffic between their VPC and Unified Studio without traversing the public internet. Network administrators can onboard SageMaker service endpoints to a VPC and combine them with IAM policies to enforce that customer data remains on the AWS network. The capability is available in all Regions that support Unified Studio, giving customers a built-in option for stronger network isolation.

📈 AWS announced Partner Revenue Measurement, a capability that gives AWS Partners visibility into how their solutions drive AWS service consumption across partner-managed and customer-managed accounts. Partners tag resources with aws-apn-id and values like pc: to attribute service usage to a Marketplace listing. The feature is generally available in all commercial regions and AWS provides an onboarding guide with implementation and tagging best practices.

🚀 Amazon RDS for Oracle now supports cross-Region replicas configured with additional storage volumes, enabling customers to attach up to three extra volumes of up to 64 TiB each alongside the primary storage. When you create a cross-Region replica, RDS automatically mirrors the same storage layout on the replica, and you can modify volumes on primary and replica via the AWS Management Console, AWS CLI, or AWS SDK without application downtime. This enhancement lets organizations scale database capacity up to 256 TiB and supports promotion or switchover of replicas to meet low RPO and RTO for business-critical workloads.

🔒 Marquis Software Solutions says a ransomware attack in August 2025 that disrupted systems serving dozens of U.S. banks and credit unions was enabled by a breach at SonicWall's cloud backup service. Rather than exploiting an unpatched firewall, attackers used configuration data taken from backup files accessed after unauthorized access to the MySonicWall portal, according to Marquis and a third-party investigation. Marquis is evaluating options including seeking recoupment of response costs for itself and affected customers. SonicWall has acknowledged the MySonicWall breach and said a Mandiant probe linked the incident to state-sponsored actors.

🔒 Fortinet's Accelerate 2026 returns to Las Vegas March 9–13, bringing customers, partners, and industry leaders together at the Mandalay Bay Convention Center for keynotes, technical sessions, and an expansive Tech Expo. The event emphasizes an integrated platform approach to secure networking, unified SASE, cloud and OT protection, and AI-enhanced detection and automation. Customer-led sessions from organizations such as Lowe’s, TJX, and ExxonMobil will share practical implementations, while attendees can pursue certifications, hands-on workshops, and the Fortinet Ultimate Fabric Challenge to translate strategy into operational outcomes.

🚀 Amazon Keyspaces (for Apache Cassandra) now supports pre-warming of tables so customers can proactively prepare new and existing tables for anticipated traffic peaks. The capability works for both provisioned and on-demand capacity modes, including multi-Region replicated tables, and is applied during create or update operations. Pre-warming runs non-disruptively and asynchronously, incurs a one-time charge based on the difference from baseline capacity, and is available in all AWS Commercial and AWS GovCloud (US) Regions where Keyspaces is offered.

🛡️ In 2026, CISOs must combine business acumen, AI literacy, and culture-building to enable growth and resilience rather than acting as technical gatekeepers. They need to translate complex AI and model risks into clear financial, operational, and reputational terms for boards while prioritizing cloud-native security and secure use of LLMs. Recommended credentials include (ISC)² CISSP, CCSP, and leadership programs, but practical experience, cross-functional influence, and low-cost learning tactics like peer communities and internal learning loops are often decisive.

🔐 Palo Alto Networks announced Quantum-Safe Security, a continuous solution to discover, assess and remediate enterprise cryptographic risk as organizations migrate to post-quantum standards. The offering ingests telemetry from PAN-OS NGFW, Prisma Access and third-party systems to build a real-time Cryptographic Bill of Materials (CBOM), prioritize harvest-now, decrypt-later exposure, and automate remediation—including cipher translation at the network edge. General availability is expected on January 30, 2026.

🔒 This CNAPP buying guide outlines the cloud-native application protection category, its core components and expanded coverage areas. It explains the four foundational elements—CIEM, CWPP, CASB and CSPM—and highlights extensions such as IaC, container, API and supply-chain security. The guide compares major vendors, their focal points, notable integrations and pricing models, and concludes with five practical questions organizations should ask before buying.

🔒 AWS Transfer Family now enables access to Amazon FSx for NetApp ONTAP file systems over SFTP, FTPS, and FTP by routing transfers through S3 Access Points. This complements native NFS/SMB access so you can preserve existing internal workflows while offering industry-standard secure transfer protocols to partners and users. Access control is enforced using IAM policies and S3 Access Point configurations, and the capability is available in select AWS Regions.

🔍 Florida-based Cyber Centaurs discovered that the INC ransomware group left behind Restic backup artifacts that exposed an S3-style cloud repository used to hold stolen files. By performing forensic, non-destructive enumeration with Restic semantics, investigators were able to locate and decrypt datasets belonging to 12 US firms. The team reported findings to law enforcement and highlighted practical remediation steps: audit backups, monitor for encrypted egress, and patch backup software promptly.

🔒 AWS announced 13 new managed Config rules to help govern security, durability, and operations across AWS environments. You can discover, enable, and manage these rules directly from AWS Config, and apply them at the account or organization level. Use Conformance Packs to group and deploy these controls across multiple accounts for consistent governance.