< ciso
brief />
Tag Banner

All news with #cloud security tag

605 articles · page 4 of 31

Amazon Cognito modernizes infrastructure for scale

🔒 Amazon Cognito migrated hundreds of millions of user profiles to a next-generation storage infrastructure to enable higher throughput, customer-managed encryption keys, and multi-Region replication while preserving backward compatibility and zero downtime. The architecture focuses on identity-first design, independent datasets, and reversible changes to support rapid feature iteration. Migration used shadow mode, dual-write, data backfill, anti-entropy validation, and incremental rollouts with rollback to ensure data integrity and preserve application behavior.
read more →

AWS databases now available via Vercel in more Regions

📣 Amazon Aurora PostgreSQL, Amazon Aurora DSQL, and Amazon DynamoDB serverless are now accessible through the Vercel Marketplace and v0 by Vercel in additional AWS Regions. Vercel’s flow generates spec-driven apps from natural language, provisions databases, and can create new AWS accounts with access to all three databases plus $100 USD in credits for six months. You can manage plans and view usage from the Vercel dashboard.
read more →

Amazon MQ for RabbitMQ in EU Sovereign Cloud

🔔 Amazon MQ for RabbitMQ is now available in the AWS European Sovereign Cloud (Germany) Region, an independent cloud located fully within the EU to help regulated and public sector customers meet sovereignty requirements. Amazon MQ is a managed message broker service that handles provisioning, patching, and maintenance so you can focus on applications. This launch supports RabbitMQ engine 4.2 and Graviton3-based m7g instance types from m7g.medium to m7g.16xlarge for high-performance messaging.
read more →

Compute Optimizer adds 32-day lookback for rightsizing

🛠️ AWS Compute Optimizer now supports extending the default 14-day lookback period to 32 days for Amazon EBS volume and Amazon ECS service rightsizing recommendations at no extra cost. The longer lookback captures monthly utilization patterns such as month-end processing to improve optimization decisions for cost and performance. The 32-day option is available for EC2 instance, EC2 Auto Scaling group, RDS database, EBS volume, and ECS service recommendations. You can set the lookback at organization, account, or resource level via the console, AWS SDK, or AWS CLI, and it’s available in all AWS Regions where Compute Optimizer is offered except GovCloud (US) and China.
read more →

Google Cloud Serverless Spark Runtime 3.0 Features

🚀 Managed Service for Apache Spark runtime 3.0 reduces setup and startup friction for Spark workloads. It automates IAM, networking, and API provisioning to shorten the time to first job and cuts startup latency by 75% for standard and premium tiers. The runtime adds support for GPU obtainability via Dynamic Workload Scheduler Flex Start, enhanced multi-zonal execution with no cross-zone network charges, and compatibility with upcoming Spark 4.x features like Spark Connect.
read more →

AWS Config Adds Nine New Supported Resource Types

🔔 AWS Config now supports nine additional AWS resource types across Amazon Bedrock, Amazon Bedrock AgentCore, and Amazon SageMaker. This update expands visibility and governance, allowing you to discover, assess, audit, and remediate a broader set of resources. If you record all resource types, AWS Config will automatically begin tracking these additions, and they are available for use in Config rules and Config aggregators. The newly supported resource types are listed for monitoring in all Regions where the services are available.
read more →

AWS KMS GetKeyLastUsage improves key audits

🔐 AWS KMS introduced the GetKeyLastUsage API to report the date, time, operation type, CloudTrail event ID, and KMS request ID for the most recent cryptographic operation on a key. The feature works for customer-managed and AWS-managed keys across specs and origins and is visible in the AWS Management Console and AWS CLI. Tracking of last usage began on April 23, 2026 for most Regions, so historical gaps before tracking began should be considered. Use DisableKey, monitoring, and the kms:TrailingDaysWithoutKeyUsage condition to prevent accidental deletions.
read more →

AWS Config adds internal service linked rules support

🔒 AWS Config now supports internal service linked rules, allowing AWS services to evaluate resource configurations using AWS Config managed rules. These rules let AWS services like AWS Security Hub CSPM deploy and manage service-specific evaluations, with results sent directly to the deploying service. Evaluations occur at no charge from AWS Config and run independently of customer-managed recorders and rules, preserving existing inventory and compliance workflows. The feature is available in commercial, GovCloud, and China Regions.
read more →

Microsoft Build 2026: Agentic Apps with Fabric

🧭 Microsoft highlights how AI-driven agentic workflows demand a shared data context. Microsoft Fabric is presented as a unified data and AI platform that enables developers and agents to build production-ready apps by providing consistent organizational context. New announcements include the open-source Rayfin SDK/CLI for rapid backend deployment and Azure HorizonDB (PostgreSQL-compatible) in public preview, optimized for AI workloads.
read more →

Azure Cobalt 200 VMs Boost Arm AI Workload Performance

🚀 Microsoft announced early access preview of Azure Cobalt 200 Arm-based VMs at Build 2026, delivering up to 50% generational performance improvements over Cobalt 100 for agentic AI and cloud-native Linux workloads. The Cobalt 200 SoC, built on Arm Neoverse V3 and TSMC 3nm, features chiplets, custom accelerators, and enhanced memory and security capabilities. New VM families (including high-memory and dense local storage) expand deployment choices and are available in selected preview regions.
read more →

gcs-analytics-core boosts GCS analytics performance

🚀 The post announces gcs-analytics-core, an open-source Java library that centralizes performance optimizations for Google Cloud Storage (GCS) across analytics engines like Apache Iceberg and Spark. Integrated natively in Apache Iceberg 1.11.0+, the library provides vectored I/O and smart Parquet footer prefetching to reduce I/O latency and improve throughput. Benchmarks using TPC-DS demonstrate sizable scan and execution time improvements across dataset sizes, and the project is available on GitHub for contributions and review.
read more →

Amazon RDS for SQL Server adds BYOM support

🔔 Amazon RDS for SQL Server now supports Bring Your Own Media (BYOM), enabling customers to migrate SQL Server workloads to a managed AWS service while reusing existing Microsoft SQL Server licenses and Software Assurance via Microsoft's License Mobility program. The capability integrates with AWS License Manager to help track license usage and maintain compliance. BYOM reduces the need to purchase additional SQL Server licenses or wait for existing agreements to expire when moving to RDS. It aims to simplify migrations from on‑premises, other clouds, or self‑managed EC2 deployments.
read more →

Amazon Quick adds VPC support for MCP servers

🔒 Amazon Quick now supports connecting privately hosted Model Context Protocol (MCP) servers via Amazon Virtual Private Cloud (VPC). This enables organizations to integrate proprietary MCP servers running on Amazon EC2, AWS Fargate, AWS Agentcore, or other private compute without exposing them to the public internet. During connector creation, choose your VPC and provide your MCP server URL so teams can interact with private MCPs in Quick while traffic remains routed securely through the VPC.
read more →

AWS PCS launches PCS‑ready Deep Learning AMI

🔧 AWS Parallel Computing Service (AWS PCS) now offers a PCS‑ready Deep Learning AMI, an AWS‑maintained Amazon Machine Image based on the Deep Learning Base GPU AMI (Ubuntu 24.04). It provides a production‑quality foundation for AI/ML training and HPC with preinstalled, compatibility‑tested infrastructure components such as NVIDIA drivers, CUDA, EFA, Lustre client, PCS Agent, Slurm for PCS, and EFS utilities. Multiple Slurm versions are supported and activate automatically based on cluster configuration, and AWS will regularly update the AMIs for security patches and driver updates. The AMI is available at no additional cost for x86_64 and arm64 in all Regions where AWS PCS is offered.
read more →

GKE standby buffers lower autoscaling latency and cost

🚀 Google announces GKE standby buffers to complement active buffers, providing low-cost suspended node capacity that resumes faster than cold node provisioning. Standby buffers store node state to disk, releasing compute and memory costs while keeping persistent disk and IP charges, enabling near-instant scheduling with only a small single-digit percent overhead. Together, active and standby buffers reduce pod scheduling latency, replace manual balloon-pod workarounds, and help balance performance and cost for spiky workloads.
read more →

Microsoft investigates Office and Teams file access outage

📂 Microsoft is investigating an ongoing incident that prevents some users from opening files in Office for the web and Microsoft Teams. Impacted apps include Excel and PowerPoint for the web, with affected users seeing an error stating "Office Online services aren't available right now." The company is analyzing service telemetry and has identified a potential cross-service issue while it works toward remediation.
read more →

Amazon Bedrock adds CloudWatch metrics for Mantle

🟦 Amazon Bedrock customers can now monitor inference traffic to the bedrock-mantle endpoint using Amazon CloudWatch metrics, matching existing support for the bedrock-runtime endpoint and other AWS services. The bedrock-mantle endpoint supports OpenAI Responses and Chat Completions APIs as well as the Anthropic Messages API, enabling easy migration of OpenAI- or Anthropic-based applications to Bedrock. Metrics are published under the AWS/BedrockMantle namespace and include inference counts, token totals, and client error counts across account, project, model, and project-and-model granularities. These metrics are available in all Regions where the bedrock-mantle endpoint is offered and can be used to monitor production inference, set alarms, and plan capacity.
read more →

Amazon Inspector improves EC2 agent scanning

🛡️ Amazon Inspector introduces the new Inspector VM Scanner for agent-based EC2 scanning, increasing detection coverage while lowering CPU usage on instances. The updated scanner expands findings to include software such as WordPress, Apache HTTP Server, Python packages, and Ruby gems, bringing agent-based coverage closer to agentless parity. Customers can enable the VM Scanner via the Inspector console or API, including organization-wide enablement for delegated administrators, with no additional IAM instance profile roles required.
read more →

AWS adds Budgets widgets to BCM Dashboards

📊 AWS Billing and Cost Management (BCM) now supports Budgets widgets in BCM Dashboards, allowing teams to monitor budgets alongside Cost Explorer and Savings Plans reports. Budgets widgets show budget name, budgeted amount, actual spend, and forecasted amount, with filters for name, threshold, and budget type. Widgets can be added to any dashboard, included in exports, and are available in all AWS commercial Regions at no additional charge.
read more →

ThreatsDay bulletin: emerging cloud, supply chain risks

📰 This ThreatsDay roundup highlights widespread C2 infrastructure, supply-chain trojanization, exploitation trends, and emerging AI security features. It covers a large regional C2 footprint in the Middle East, an AKS privilege escalation fix, a DAEMON Tools supply-chain compromise added to CISA's KEV, and Apple’s PQC code disclosures. The bulletin also details law firm targeting by SRG, fake installers spreading a Deno RAT, PureLogs phishing, and a spike in DACH cyberattacks.
read more →