< ciso
brief />
Tag Banner

All news with #data security tag

99 articles · page 3 of 5

AWS Pricing for VPC Encryption Controls Moves to Paid

🔒 AWS is introducing pricing for VPC Encryption Controls, a regional capability that audits and enforces encryption-in-transit for traffic within and across Virtual Private Clouds. The feature supports Monitor mode to detect unencrypted flows and Enforce mode to prevent the creation or operation of resources that allow unencrypted traffic. Beginning March 1, 2026, AWS will apply a fixed hourly charge to every non-empty VPC with Encryption Controls enabled; empty VPCs enabled with the feature are not charged. When encryption is enabled on a Transit Gateway, standard VPC Encryption Controls charges apply to all VPCs attached to that Transit Gateway regardless of each VPC's mode or whether they are empty.
read more →

Manual Data Transfers Threaten National Security Readiness

🔒 More than half of national security organizations still rely on manual processes to transfer sensitive data, the CYBER360 report warns. The article highlights how human-dependent transfers introduce delays, audit gaps, and exploitable seams that adversaries can weaponize. It urges adoption of automated, policy-driven controls—centered on Zero Trust, data-centric protection, and cross-domain solutions—to restore speed, accountability, and mission resilience.
read more →

AWS Clean Rooms Adds Remote Apache Iceberg Catalog Support

🔒 AWS Clean Rooms now supports catalog federation for remote Apache Iceberg REST catalogs, enabling direct, secure access to Iceberg tables stored in Amazon S3 without replicating table metadata. Using AWS Glue catalog federation, organizations can include remote Iceberg catalogs in Clean Rooms collaborations so partners can jointly analyze combined datasets while keeping underlying data private. This reduces the need for ETL pipelines and simplifies cross‑party analytics between organizations such as publishers and advertisers.
read more →

Study Finds Multiple Cloud Password Managers Vulnerable

🔒 A new study from ETH Zurich and Università della Svizzera italiana shows that cloud-based password managers, including Bitwarden, Dashlane, and LastPass, can be vulnerable to password recovery and integrity attacks under a malicious-server model. Researchers identified 25 distinct attack variants ranging from metadata leakage and item swapping to full organizational vault compromise. Vendors have issued patches or mitigation roadmaps and say there is no evidence of in-the-wild exploitation.
read more →

Researchers Find Multiple Flaws in Cloud Password Managers

🔐 A team of researchers from ETH Zurich and USI disclosed 27 successful attack scenarios against cloud-based password managers from Bitwarden, LastPass, Dashlane and 1Password, challenging vendors' zero-knowledge claims. The attacks exploit design and cryptographic flaws — including unauthenticated public keys, missing ciphertext integrity and KDF downgrades — enabling vault compromise, password recovery and mass takeover. Vendors report remediation is underway; users should verify fixes and follow advisories.
read more →

AWS Backup adds PrivateLink support for SAP HANA on EC2

🔒 AWS Backup now supports AWS PrivateLink for SAP HANA systems running on Amazon EC2. This lets customers route backup traffic over private VPC endpoints instead of the public internet, helping meet security and compliance requirements for regulated workloads. Organizations subject to HIPAA, PCI DSS and privacy frameworks can maintain end-to-end private connectivity for both application and backup data. The feature is available in all AWS Regions that support SAP HANA on EC2; to enable it, update the Backint agent and add the backup-storage VPCE to your VPC.
read more →

Bitwarden launches Cupid Vault for secure account sharing

🔐 Bitwarden has introduced Cupid Vault, a free feature that lets users create a two-person shared Organization to securely share login credentials with a trusted email address. Owners assign credentials to the second member, can verify enrollments using a fingerprint phrase to prevent man‑in‑the‑middle attacks, and can revoke access at any time; the Organization vault is isolated from personal vaults. Cupid Vault is limited to two users and two collections and is distinct from Bitwarden's paid Family, Teams, and Enterprise plans that provide broader sharing and role-based controls.
read more →

AWS Data Transfer Terminal Expands to Six Cities Globally

📦 AWS announced that AWS Data Transfer Terminal is now available in six additional locations: Seattle and Phoenix (US), London (UK), Paris (France), Sydney (Australia), and Tokyo (Japan), expanding its footprint beyond San Francisco, Los Angeles, New York City, and Munich. These secure physical facilities let customers upload large datasets directly to Amazon S3, Amazon EFS, and other AWS services over high-throughput connections, accelerating ingestion and enabling immediate analytics and ML processing for media, automotive, financial, and industrial workloads.
read more →

Amazon OpenSearch Serverless Adds Collection Groups

🔐 Amazon OpenSearch Serverless now supports Collection Groups, enabling you to share OpenSearch Compute Units (OCUs) across collections that use different AWS KMS keys. This shared compute model reduces overall OCU costs while preserving collection-level security and access controls. Collection Groups also let you set minimum and maximum OCU allocations, allowing predictable startup capacity and eliminating cold-start latency for latency-sensitive workloads.
read more →

AWS HealthImaging Adds JPEG XL Support for DICOM Storage

🏥 AWS HealthImaging now supports storing and retrieving lossy compressed medical images using the JPEG XL DICOM transfer syntax (1.2.840.10008.1.2.4.112). This enables applications such as digital pathology whole slide imaging systems to consume native JPEG XL-encoded frames without on-the-fly transcoding. HealthImaging preserves image fidelity, reduces storage costs, and avoids retrieval latency caused by transcoding. JPEG XL support is available in all Regions where the service is generally available.
read more →

Half of Employees Use Unsanctioned AI; Leaders Complicit

🔒 A BlackFog survey reports that 49% of workers use AI tools at work without employer approval, often relying on free versions that may retain and use corporate data. Senior leaders appear surprisingly tolerant—69% of presidents and C-suite members and 66% of directors and senior VPs prioritize speed and efficiency over privacy. The study highlights risks to intellectual property and sensitive employee and financial data when unsanctioned tools are connected to corporate systems. It recommends audits, clear policies, vendor verification, and employee education to regain visibility and control.
read more →

2026 Data Security Index: Securing AI and Sensitive Data

🔒 The 2026 Microsoft Data Security Index explores how organizations can harness generative AI while protecting sensitive information and maintaining productivity. Based on responses from more than 1,700 security leaders, the report highlights three priorities: consolidating fragmented tools into unified platforms, managing AI-driven workflows securely, and leveraging generative AI to strengthen security operations. It recommends practical approaches using Microsoft Purview for continuous discovery and governance and Microsoft Security Copilot for automated investigation with human oversight.
read more →

Amazon S3 Storage Lens Now in AWS GovCloud (US) Regions

🔍 Amazon S3 Storage Lens is now available in AWS GovCloud (US) Regions, providing organization-wide visibility into object storage usage and activity. S3 Storage Lens delivers cost, data protection, and performance metrics to identify inefficient access patterns, incomplete multipart uploads, and buckets with non-current object versions. Free basic metrics include 14 days of history while advanced metrics offer extended retention and greater detail.
read more →

Google's Personal Intelligence Links Data to Gemini

🔐 Google is rolling out a new Personal Intelligence capability in Gemini that can access information from Gmail, Google Photos, Search, YouTube and other Google products to generate more personalized responses. The feature is opt-in, off by default, and users can choose which apps to connect, disconnect them, or turn the feature off at any time. Google illustrates uses such as pulling tire specifications from photos and emails or extracting a license plate from an image to confirm vehicle details. The functionality is launching as a U.S. beta for eligible subscribers, and Google warns that the model can still produce inaccuracies or over-personalization, inviting users to provide feedback.
read more →

Comments to SQL in BigQuery: Natural-Language Querying

🔎 Comments to SQL in BigQuery introduces an AI-driven way to write queries by placing natural-language expressions inside SQL comments. The system analyzes surrounding SQL context and translates plain English prompts into executable BigQuery SQL across SELECT, FROM, WHERE, GROUP BY and other clauses. It supports iterative refinement and aims to help both non-SQL users and experienced analysts move faster.
read more →

64% of Third-Party Apps Access Sensitive Data in 2026

🔒 New 2026 analysis of 4,700 leading websites finds 64% of third-party applications access sensitive data without demonstrable business justification, rising from 51% in 2024. The report identifies recurring causes such as over-permissioned scripts, shadow deployments via tag managers, and persistent trackers. Specific tools flagged include Google Tag Manager, Shopify apps, and the Facebook Pixel, while government and education sites show marked increases in compromise. The study cautions that governance gaps and limited mitigation adoption leave organizations exposed.
read more →

AWS Glue Zero-ETL Expands to Seven Additional Regions

🔁 AWS Glue zero-ETL now supports ongoing replication from self-managed Oracle, SQL Server, MySQL, and PostgreSQL databases into Amazon Redshift in seven additional AWS Regions. The no-code integration automatically creates and manages an ongoing replication pipeline, removing much of the setup and configuration complexity. This capability reduces operational burden and can save weeks of engineering effort for teams migrating or consolidating data into Redshift. Newly added regions include Hong Kong, Tokyo, Singapore, Sydney, London, São Paulo, and US (Virginia).
read more →

AWS Clean Rooms: Change Requests for Collaborations

🔒 AWS Clean Rooms now supports change requests for existing collaborations, enabling participants to propose updates such as adding new members, adjusting member abilities, and modifying auto-approval behavior. All members must approve change requests before updates take effect, and every request is recorded in the collaboration change history for member review. This preserves existing privacy controls while reducing onboarding time and speeding time-to-insight—for example, a publisher can add an advertiser’s marketing agency to receive analysis results directly.
read more →

Amazon OpenSearch adds writable warm tier on OI2 instances

🔁 Amazon OpenSearch Service introduces a multi-tier storage option using OpenSearch Optimized (OI2) instances that combine local instance storage with Amazon S3 to enhance durability and performance. The architecture provides a hot tier for frequently accessed data and a writeable warm tier on OI2 (sizes large–8xlarge) that supports writes and automated age-based rotation via Index State Management. Warm capacity is addressable up to five times the local cache, and standard Managed Storage charges apply.
read more →

AWS DataSync Enhanced Mode Adds On‑Premises File Transfers

🚀 AWS DataSync Enhanced mode now supports direct transfers between on‑premises NFS/SMB file servers and Amazon S3, removing file count limits and using parallel processing to boost throughput and scalability. The mode delivers detailed transfer metrics for improved monitoring and management and accelerates use cases such as generative AI dataset movement, data lake synchronization, and large‑scale migrations. This capability is available in all AWS Regions where DataSync is offered.
read more →