
All news with #cloud security tag

522 articles · page 22 of 27

Amazon Aurora PostgreSQL Adds R8g Instances in New Regions

⚡ Amazon Aurora PostgreSQL now supports Graviton4-based R8g DB instances in AWS Canada (Central), Asia Pacific (Singapore), and Asia Pacific (Seoul). R8g offers larger sizes up to 48xlarge with an 8:1 memory-to-vCPU ratio and DDR5 memory, including new 24xlarge and 48xlarge options delivering up to 192 vCPUs, up to 50 Gbps networking, and up to 40 Gbps EBS bandwidth. AWS reports up to 40% performance and up to 29% price/performance improvements over Graviton3 equivalents, varying by engine, version, and workload. You can launch or upgrade instances through the Amazon RDS console or AWS CLI with a simple instance type modification.

Closing the Cloud Security Gap: Key Findings 2025 Report

🔒 The 2025 Unit 42 Global Incident Response Report shows that nearly a third of incidents investigated in 2024 were cloud-related, with 21% of cases directly impacting cloud assets. The article stresses the importance of the shared responsibility model and full, dynamic visibility to manage resource sprawl, misconfigurations and complex cloud-native architectures. It highlights identity misuse and overpermissioned accounts as frequent attack vectors and urges least privilege, credential rotation and robust logging. Palo Alto Networks recommends unified posture and response through Cortex Cloud and integration with Cortex XSIAM to reduce noise and automate remediation.

CISOs Seek Greater Data Visibility Across Hybrid Clouds

🔍 A majority of CISOs want full visibility into data flows across hybrid cloud environments but often lack suitable tooling. The Gigamon study CISO Insights: Recalibrating Risk in the Age of AI, surveying 1,021 security and IT leaders including 200 CISOs in early 2025, reports that network data volumes have nearly doubled due to AI and that 86% favor combining packet and metadata. However, 97% admit they must compromise on transparency, and many distrust public cloud security.

AI-Powered Cloud Alert Investigation with FortiCNAPP

🔎 FortiCNAPP consolidates related cloud signals into composite alerts, reducing noise and prioritizing high-confidence incidents so SOC teams can focus on what matters. Its Observation Timeline sequences logins, API calls, commands, and network traffic into a single, evidence-backed storyline. An AI Alert Assistant supports natural-language queries and returns structured answers, visual relationships, and prioritized remediation steps to accelerate containment and help junior analysts act confidently.

Responding to Cloud Incidents: Investigation and Recovery

🔍 Unit 42 outlines a structured approach to investigating and responding to cloud incidents, noting that 29% of 2024 incident investigations involved cloud or SaaS environments. The guidance emphasizes a shift from endpoint-centric forensics to focus on identities, misconfigurations and service interactions. It recommends enabling and centralizing logs, retaining them for at least 90 days, and preparing for rapid evidence collection and VM/container imaging. The article stresses identity forensics, behavioral baselining and surgical containment to avoid alerting adversaries.

Cloud and Application Security: Awareness Best Practices

🔐 The 2025 State of Cloud Security Report from Fortinet and Cybersecurity Insiders highlights how accelerating cloud adoption and a widespread cybersecurity skills shortage are expanding organizational risk across SaaS, APIs, and hybrid environments. Many incidents result from human error — misconfigurations, exposed APIs, and overprivileged accounts — rather than sophisticated targeted attacks. The post recommends five practical measures, including embracing shared responsibility, enforcing MFA and least privilege, integrating security into CI/CD, automating configuration management, and monitoring SaaS and APIs, and stresses that tools must be paired with user awareness and cultural change.

AWS Service Quotas Launches Automatic Quota Alerts

🔔 AWS has announced the general availability of AWS Service Quotas automatic quota management, a capability that monitors quota usage and notifies customers before they exhaust allocated limits. Customers can configure preferred notification channels such as email, SMS, or Slack via the Service Quotas console or API. Notifications are also surfaced in AWS Health, and related AWS CloudTrail events can be subscribed to for automation. This capability is available at no additional cost in all AWS commercial regions.

Amazon Connect adds customer input for outbound calls

📞 Amazon Connect now supports Get Customer Input and Store Customer Input flow blocks for outbound voice whisper flows. The Get Customer Input block plays a prompt after a customer answers but before the agent connects, capturing responses via DTMF or an Amazon Lex bot. Use cases include obtaining consent for call recording and triggering Contact Lens recording and analytics. The capability is available in all AWS commercial regions and AWS GovCloud (US-West).

AWS Config Advanced Queries, Aggregators in New Zealand

🔔 AWS has expanded AWS Config advanced queries and configuration aggregators to the Asia Pacific (New Zealand) region. Advanced queries provide a single query endpoint and a query language to retrieve current resource configuration and compliance state without issuing service-specific describe API calls. Aggregators enable centralized visibility by collecting configuration and compliance data from multiple accounts and Regions or across an AWS Organization. These capabilities are accessible from the AWS Console and AWS CLI and, with this expansion, are now available in all supported regions.

Trustworthy Oracle Architecture for Enterprise DLT

🔒 DZ BANK and Google Cloud present a blueprint for delivering trustworthy off‑chain data to smart contracts, addressing a key barrier to enterprise DLT adoption. The design pairs Google Cloud's secure global infrastructure with DZ BANK’s deterministic financial protocols to guarantee data correctness at source, integrity in transit, and timely delivery. The Smart Derivative Contract (SDC) use case demonstrates deterministic valuation, automated margining, and cryptographic attestation of oracle outputs. Production controls such as Binary Authorization, Private Service Connect, Confidential Space (TEE), and TLS are used to mitigate software supply‑chain, transport, and runtime threats.

Amazon Keyspaces Adds IPv6 Dual-Stack Endpoints Support

🌐 Amazon Keyspaces now supports IPv6 through new dual-stack endpoints that accept both IPv6 and IPv4 connections, expanding available address space while preserving compatibility with existing IPv4 applications. The enhancement enables gradual migration strategies for critical database services and reduces disruption during transition. IPv6 access is also supported via PrivateLink interface VPC endpoints for private connectivity without traversing the public internet. This capability is available now in all AWS Commercial and AWS GovCloud (US) Regions where Keyspaces is offered, at no additional cost.

Securing the Cloud: Risks, AI Impacts, and Best Practices

🔒 This Special Report examines the distinct security challenges of cloud environments, the current threat landscape organizations face, and how rapid AI adoption is amplifying those risks. It highlights common hidden exposures across configurations, data stores, and APIs. The report also presents practical strategies and best practices for improving cloud posture, governance, and operational controls to reduce overall attack surface.

AWS DataSync Supports VPC Endpoint Policies and FIPS

🔒 AWS DataSync now supports VPC endpoint policies, enabling administrators to control access to DataSync API operations through VPC service endpoints, including FIPS 140-3 enabled endpoints. You can restrict specific actions such as CreateTask, StartTaskExecution, or ListAgents and combine these controls with identity-based and resource-based policies. The capability is available in all AWS Regions and helps strengthen security posture and compliance when accessing DataSync via VPC endpoints.

AWS Cloud WAN Now Available Across AWS GovCloud Regions

🛰️ AWS has made AWS Cloud WAN available in AWS GovCloud (US-West) and AWS GovCloud (US-East) as of Oct 1, 2025. The service provides a central dashboard and policy-driven networking to create a global network that spans VPCs, Transit Gateways, and on-premises locations. It supports BGP-based global route exchange and connectivity via Site-to-Site VPN, Direct Connect, or third-party SD-WAN solutions. The dashboard offers consolidated visibility into network health, security, and performance to simplify operations.

Battering RAM: DDR4 Interposer Breaks Cloud Memory

🔒 Researchers at KU Leuven and the University of Birmingham disclosed Battering RAM, a low-cost DDR4 interposer attack that can undermine hardware memory encryption used in cloud environments. The $50 interposer sits transparently in the memory path, passes boot-time trust checks, and can be toggled to redirect physical addresses to attacker-controlled locations to corrupt or replay encrypted memory. The team says the technique can bypass protections such as SGX and SEV-SNP, and that meaningful mitigation would require architectural redesign of memory encryption.

AWS Outposts Adds Dell and HPE External Block Volumes

🔒 Customers can now attach boot and data volumes backed by Dell PowerStore and HPE Alletra Storage MP B10000 arrays to Amazon EC2 instances on AWS Outposts, with support for authenticated and encrypted volumes. This extends external block volume support alongside NetApp and Pure Storage, enabling use of on‑premises enterprise arrays for OS boot volumes and high‑performance data volumes. AWS provides automation scripts via AWS Samples and access through the Console or CLI; third‑party integration is available on Outposts 2U servers and racks at no additional charge.

AWS Storage Gateway Adds VPC Endpoint Policy Support

🔒 AWS Storage Gateway now supports VPC endpoint policies, allowing administrators to attach fine‑grained endpoint policies to VPC endpoints that control access to Storage Gateway direct APIs. Administrators can scope access by principal, action, and resource to reduce attack surface and enforce data protection controls. The capability is available in all Regions where Storage Gateway operates; review endpoint policies to align with your security and compliance requirements.

Amazon EVS Now Available in Singapore and London Regions

🚀 Today AWS announced that Amazon Elastic VMware Service (Amazon EVS) is available in all Availability Zones in the Asia Pacific (Singapore) and Europe (London) Regions. Amazon EVS runs VMware Cloud Foundation directly within your Amazon VPC on EC2 bare-metal instances powered by AWS Nitro. You can deploy a complete VCF environment in hours using the guided configuration workflow or the AWS CLI with automated deployment, enabling faster migrations, lower latency for end users, and improved compliance and resiliency.

AWS Transfer Family Adds VPC Endpoint Policy Support

🔒 AWS now supports attaching VPC endpoint policies to Transfer Family interface VPC endpoints, enabling administrators to apply granular access controls to Transfer Family APIs. Administrators can restrict specific API actions, designate which principals may call them, and limit target resources. The capability integrates with existing IAM policies and organizational service control policies, and Transfer Family also supports FIPS 140-3 enabled VPC endpoints across all AWS Regions.

Secure Network Architectures for Generative AI on AWS

🔐 This post explains how to design defense-in-depth network architectures for generative AI workloads using AWS services. It outlines common external threats — including layer 4 and layer 7 DDoS, web request floods, application-specific exploits, and malicious bots — and maps mitigations to AWS capabilities. The guidance recommends private connectivity via Amazon Bedrock and AWS PrivateLink, edge protections with AWS WAF and AWS Shield, subnet-level controls using AWS Network Firewall, and continuous detection and response with GuardDuty, Inspector, and CloudWatch.