All news with #cloud security tag

📬 Amazon Simple Email Service (SES) now exposes the exact IP addresses used by Dedicated IP Addresses - Managed (DIP-M) pools. Customers can view these IPs via the console, CLI, or SES API and access Microsoft SNDS metrics for each address. SES also creates CloudWatch metrics for SNDS data to aid reputation monitoring. This gives customers greater transparency into sending activity and helps diagnose deliverability and reputation issues with mailbox providers.

🚀 AWS has launched the U7i-6tb High Memory instance in the Europe (London) Region, offering 6TB of DDR5 memory and 448 vCPUs for large in-memory workloads. Powered by custom fourth-generation Intel Xeon Scalable (Sapphire Rapids) processors, these 7th-generation instances support up to 100 Gbps for EBS and network and include ENA Express for lower latency. They are aimed at mission-critical in-memory databases such as SAP HANA, Oracle, and SQL Server, enabling higher transaction throughput and faster data loading and backups.

🔍 At Fal.Con 2025, CrowdStrike introduced a dynamic, persona-aware user experience for Falcon Cloud Security and Falcon Exposure Management, now available in public preview. Built on CrowdStrike Enterprise Graph and Charlotte AI, the console unifies hybrid and multi-cloud asset and risk visibility into customizable workspaces. It offers AI-assisted dashboard creation and executive-ready reporting to accelerate investigations and remediation without switching tools.

🔍 The Oklahoma Employment Security Commission modernized its 40‑year mainframe data architecture with a cloud-first data platform built on BigQuery and analytics delivered via Looker. Partnering with Google Public Sector and Phase2, OESC reorganized opaque, mainframe-mimicking schemas into a performant, intuitive model and enabled point-in-time snapshots previously impossible. Critical reporting moved from months to hours, stakeholders gained self-service access, and the agency unlocked employer insights that supported tax analysis, improved auditability, and accelerated fraud detection.

⚠️ AWS experienced a widespread outage affecting multiple services in the US-EAST-1 region, causing elevated error rates and latencies across key APIs. The disruption, tied to a DNS resolution issue for the DynamoDB API endpoint and subsequent network load balancer problems, interrupted login and content services for platforms such as Amazon, Prime Video, Fortnite, Canva and Perplexity. AWS reported mitigation steps and later declared services restored after extended recovery efforts.

🚨 An AWS outage in the US-EAST-1 region caused widespread disruptions across multiple consumer services, producing elevated error rates and higher latencies. Major platforms including Amazon, PrimeVideo, Fortnite, Perplexity, and Canva reported failures ranging from login and chat outages to impaired editing functionality. AWS acknowledged the incident on its Health page and said engineers were investigating and mitigating the issue. After roughly 45 minutes some services began recovering, though many users still experienced intermittent problems.

🔐 Amazon CloudWatch Database Insights now supports tag-based access control for database-level and per-query metrics powered by RDS Performance Insights. Instance tags defined on RDS and Aurora are now automatically evaluated to authorize Performance Insights metrics, enabling IAM policies to use tag-based access conditions across logical groups of databases. This reduces manual, resource-level permission management and improves governance and security consistency. The feature is available in all AWS regions where Database Insights is offered.

📊 Amazon today announced general availability of Amazon EC2 Capacity Manager, a console and API capability that centralizes monitoring, analysis, and management of EC2 capacity across accounts and Regions. The tool provides dashboards and drilldowns for On-Demand, Spot, and Capacity Reservations, historical trends, optimization recommendations, and exportable data for integration. Available in all commercial AWS Regions at no additional cost.

🔍 Azure Storage Discovery is now generally available as a fully managed service that provides enterprise-wide visibility across Azure Blob Storage and Azure Data Lake Storage. It delivers out-of-the-box dashboards, advanced visualizations, and multi-dimensional reports for capacity, activity, security, configuration, and error trends to help optimize costs and operations. Integrated Copilot in Azure allows users to ask natural-language questions and receive rich charts and tables without coding skills.

🌐 Amazon DocumentDB now supports IPv6 addressing for new and existing clusters, enabling dual-stack (IPv4/IPv6) deployments within VPCs. Customers can enable IPv6 with a few clicks in the AWS Management Console or programmatically via the AWS CLI to reduce address overlap and simplify networking. The change helps teams standardize applications on IPv6 and is generally available on versions 4.0 and 5.0 in supported Regions. Amazon DocumentDB remains a fully managed, native JSON database designed for scale and operational simplicity.

🚀 AWS Global Accelerator now supports application endpoints in two additional AWS Regions — Asia Pacific (Thailand) and Asia Pacific (Taipei) — bringing total coverage to thirty-three Regions. The service offers static IP addresses, congestion-free AWS network routing, edge DDoS protections, and continuous health monitoring to enable deterministic multi-region failover without DNS dependencies. To use the new Regions, configure endpoints such as Application Load Balancers, Network Load Balancers, Amazon EC2 instances, or Elastic IPs and review the Global Accelerator documentation.

🔐 Amazon Bedrock now automatically enables serverless foundation models in each AWS Region, removing the prior per-model enablement step and retiring the Model Access page and PutFoundationModelEntitlement IAM permission. Access is managed through standard AWS controls—IAM and Service Control Policies (SCPs)—so account- and organization-level governance remains intact. Existing model restrictions enforced by IAM or SCPs continue to apply, and previously enabled models are unaffected. Administrators should transition to scoped IAM/SCP policies and patterns such as wildcards and NotResource denies to maintain least-privilege control.

🚀 Microsoft and Oracle have expanded Oracle Database@Azure with broader regional coverage and support for Oracle Database 19c and 23ai, plus full support for Base Database, Exadata (Dedicated and Exascale), and Autonomous Database. The update introduces continuous zero-ETL mirroring into OneLake via Oracle GoldenGate and native integrations with Microsoft Fabric, enabling real-time analytics with Copilot Studio, Azure AI Foundry, and Power BI. Security and operational management are strengthened through Microsoft Defender, Microsoft Sentinel, Entra ID, and Azure Arc, while Azure Accelerate for Oracle and marketplace programs streamline migrations and partner engagement.

🔒 Amazon Route 53 Profiles now supports AWS PrivateLink, allowing customers to access and manage their Profiles privately over the Amazon network instead of the public internet. When accessed via PrivateLink, management operations such as creating, editing, listing, and deleting Profiles occur over private connectivity between VPCs, AWS services, and on‑premises applications. This capability reduces control‑plane exposure and supports hybrid and regulated deployments.

🔒 AWS Transfer Family SFTP connectors can now route connections through your Amazon VPC, enabling secure file transfers between Amazon S3 and remote SFTP servers whether privately or publicly hosted. Connectors can present VPC CIDR IP addresses for compatibility with IP allowlists and leverage NAT Gateway bandwidth for higher-throughput internet transfers. All traffic is routed through existing VPC networking and security controls, including Transit Gateway and centralized firewalls to help meet data security mandates.

🚀 Amazon MSK Connect is now available in ten additional AWS Regions — Jakarta, Hong Kong, Osaka, Melbourne, Milan, Zurich, Bahrain, UAE, Cape Town, and Tel Aviv. MSK Connect provides fully managed Kafka Connect clusters for deploying, monitoring, and scaling connectors to move data between Apache Kafka/Amazon MSK and external systems without provisioning infrastructure. The service supports both managed and self-managed Kafka clusters and is accessible via the MSK console and CLI.

🚀 Google outlines designs for agile, fungible data centers to meet explosive AI demand, advocating modular, interoperable architectures and late-binding of facility resources. It highlights Project Deschutes liquid cooling, +/-400Vdc power proposals with Mt. Diablo side-car designs, and open efforts like Caliptra 2.0 and OCP L.O.C.K.. The post calls for community standards across power, cooling, telemetry, networking, and security to improve resilience, sustainability, and operational flexibility.

🔍 AWS Resource Explorer now provides immediate access to resource search within each AWS Region without requiring prior activation. To start searching you need, at minimum, permissions granted by the AWS Resource Explorer Read Only Access or AWS Read Only Access managed policies, and you can discover resources via the Resource Explorer console, Unified Search, or AWS CLI/SDKs. To index the full inventory, including historical backfill and automatic updates, complete Resource Explorer setup so it can create a service-linked role. You can also enable cross-Region search with a single console click or the new CreateResourceExplorerSetup API, and the feature is available at no additional cost in supported Regions.

📣 AWS Config now supports three additional resource types—AWS::ApiGatewayV2::Integration, AWS::CloudTrail::EventDataStore, and AWS::Config::StoredQuery—providing broader visibility across AWS environments. If you have recording enabled for all resource types, AWS Config will automatically begin tracking these new types. They are available for use in Config rules and Config aggregators in all Regions where the resources exist. This expansion enhances your ability to discover, assess, audit, and remediate a wider range of resources.

🔒 SonicWall has confirmed that threat actors stole backup files configured for the MySonicWall cloud backup service, and that the incident affects all customers using the feature. The company says the files contain encrypted credentials and configuration data, which could raise the risk of targeted attacks despite encryption. SonicWall has published an urgency-classified device list and a detailed admin playbook; customers are urged to check devices and apply updates promptly.