All news with #infrastructure security tag

⚡ Customers can now create Amazon FSx for Lustre file systems in the AWS US West (Phoenix) Local Zone, bringing managed high-performance shared storage closer to compute and end users. The service supports demanding workloads such as machine learning, high performance computing (HPC), video processing, financial modeling, and electronic design automation. This local-zone availability reduces latency, improves throughput for data-intensive workloads, and can lower cross-zone or cross-region transfer overhead for applications that require fast, parallel I/O.

🚀 AWS has released ParallelCluster 3.14, adding support for the new P6e-GB200 and P6-B200 instance types and introducing prioritized allocation strategies to improve instance placement. The update also adds NICE DCV support for Amazon Linux 2023 and brings kernel 6.12. Administrators gain chef-client log visibility in the instance system console. The release enhances ParallelCluster’s ability to provision and manage HPC clusters on AWS.

⚡ Cloudflare is leveraging telemetry from its vast Free Plan and global edge to refine congestion control and improve routing across its network. By combining passive connection logs, Real User Measurement (RUM) and cross-network models, the team evaluates multiple algorithms beyond classic loss-based and BBR approaches. A migration to a Rust-based stack enables faster experimentation and parameter tuning; early QUIC tests show up to 10% performance gains. Cloudflare plans staged rollouts through 2026 and offers enterprise early access.

🔍 Cloudflare explains how it leverages the world’s largest performance dataset, combining passive transport logs with Real User Measurement (RUM), to refine congestion control across its global network. Using a new Rust-based stack and experimentation framework, the company evaluates multiple algorithms (including BBR) to predict user experience from passive signals and validate with RUM. Early tests on free-tier QUIC traffic show roughly 10% average improvement versus the prior baseline, with staged rollouts and an early-access program planned for enterprises.

🚀 Amazon EC2 R8gb instances are now generally available as EBS-optimized compute powered by AWS Graviton4. AWS reports up to 30% better compute performance versus Graviton3 and up to 150 Gbps of EBS bandwidth, delivering higher block storage throughput than same-sized Graviton4 counterparts. Sizes scale to 24xlarge (including a metal option) with up to 768 GiB memory and 200 Gbps networking; select large sizes support EFA. Initially available in US East (N. Virginia) and US West (Oregon).

🚀 Microsoft unveiled Fairwater, a purpose-built AI datacenter in Wisconsin and sister sites in Norway and the UK, designed to operate as a single, global-scale supercomputer. The facility deploys interconnected racks of NVIDIA GB200 servers (72 GPUs per rack) and claims 10× the performance of the world’s fastest supercomputer. It combines closed-loop liquid cooling, exabyte-scale storage and an AI WAN to enable distributed training and large-scale inference across Azure.

⚙️ AWS Step Functions now expands Distributed Map input sources and adds visibility metrics. Distributed Map can now iterate S3 objects via S3ListObjectsV2, read AWS Athena data manifests and Parquet files directly, and extract arrays from JSON stored in S3 or passed as state input. New observability metrics — Approximate Open Map Runs Count, Open Map Run Limit, and Approximate Map Runs Backlog Size — provide operational insight. These features are available in all commercial AWS Regions; enable Distributed Map mode in the Step Functions console and consult the developer guide for examples.

🚀 Amazon EC2 I8ge storage-optimized instances are now available in AWS Europe (Frankfurt). Powered by AWS Graviton4 processors, I8ge delivers up to 60% better compute performance versus prior Graviton2-based storage-optimized instances and uses third-generation AWS Nitro SSDs for up to 55% better real-time storage performance per TB with substantially lower latency and variability. Instances scale to 48xlarge (including metal), provide up to 1,536 GiB RAM, 120 TB local NVMe, and up to 300 Gbps networking, making them well suited for relational and non-relational databases, streaming databases, search and data analytics.

🌍 AWS now ships second-generation Outposts racks to a broad list of countries, enabling customers to deploy AWS infrastructure and services directly in on‑premises data centers and colocation sites. These racks support the latest x86 Amazon EC2 families — C7i, M7i, and R7i — delivering up to 40% better performance versus prior racks, simplified network scaling, and a new class of accelerated networking instances for ultra-low latency and high throughput. They also help address local data residency and low-latency processing requirements while remaining connected to the nearest AWS Region for management.

🩺 Amazon announces general availability of the SageMaker HyperPod health monitoring agent for Slurm clusters. The agent runs continuously on GPU- and Trainium-based nodes to perform passive background checks, detect hardware faults (for example, unresponsive GPUs and NVLink errors), and mark and replace unhealthy nodes automatically. It supports automatic reboots and coordinates with Slurm job auto-resume so training can continue from the last checkpoint, reducing manual intervention and downtime.

🛡️ Google Cloud's Network Connectivity Center provides a centralized, hub-and-spoke model to simplify and scale enterprise connectivity across VPCs, on-premises data centers, and other clouds. Architected with distinct management, control, and data planes, it employs a fail-static design so existing traffic continues during control-plane issues. The service supports up to 250 VPC spokes per hub and reduces operational overhead by automating full-mesh connectivity.

🔒 AWS now offers VPC endpoints for Amazon CloudWatch Observability Access Manager (OAM), enabling private, in-region connectivity between your VPCs and CloudWatch OAM without traversing the public internet. The endpoints support both IPv4 and IPv6 and leverage AWS PrivateLink controls such as security groups and VPC endpoint policies. Available in all commercial regions, AWS GovCloud (US), and China Regions, this lets teams manage cross-account observability links and sinks from VPCs that have no internet access.

🔒 Open-source tools can provide a cost-effective, flexible foundation for operational technology (OT) security in industrial environments. By combining passive asset discovery, protocol-aware inspection, IDS/IPS, centralized logging and vulnerability management, organizations can approximate many capabilities of expensive commercial offerings. Recommended components include Malcolm (with Zeek), Security Onion, ELK, Wazuh and OpenVAS, augmented by asset sources like NetBox. Successful deployment requires experienced OT/IT teams or external consultants to configure, tune and maintain the stack, and is not a plug-and-play substitute for vendor support.

🔁 The AWS Cloud Development Kit (CDK) CLI introduces cdk refactor (Preview), a new command that enables safe renaming, moving, and reorganization of constructs while preserving the state of deployed resources. It leverages CloudFormation refactor capabilities and automated mapping computation to prevent unintended resource replacement during code changes. Typical use cases include breaking up monolithic stacks, moving resources between stacks, and upgrading to higher-level constructs. The feature is available in all regions where AWS CDK is supported.

🏭 Tata Steel implemented a unified manufacturing data foundation on Google Cloud, centralizing OT and IT sources into a Manufacturing Data Engine built on BigQuery. The multi-path ingestion architecture leverages partners such as Litmus and ClearBlade to collect real-time PLC telemetry, while SAP, APIs, and in-house sensors feed batch and staging pipelines. The design emphasizes secure upstaging, partitioned storage with archival to Cloud Storage, and enables predictive maintenance, environmental KPI reporting, and reduced human presence in hazardous areas.

🔍 Silent Push uncovered an extensive IPTV piracy operation spanning more than 1,100 domains and over 10,000 IP addresses that has reportedly operated for several years. The investigation links the network to hosting firms XuiOne and Tiyansoft and identifies Nabi Neamati as a central operator. The infrastructure served unlicensed streams for major brands and sports leagues, and users face risks including fraud, identity theft and malware. Silent Push will present detailed findings in a webinar on 23 September 2025.

🚀 Amazon Web Services announced general availability of Amazon EC2 I8ge instances, storage-optimized instances powered by AWS Graviton4 processors. They deliver up to 60% better compute and up to 55% better real-time storage performance per TB compared with previous Graviton2/Im4gn generations. I8ge offers up to 120 TB local NVMe instance storage, 1,536 GiB memory, sizes up to 48xlarge plus two metal options, and up to 300 Gbps networking, making them suitable for real-time databases, analytics, search, and streaming workloads. Instances are available in US East (Ohio), US East (N. Virginia), and US West (Oregon).

🚀 Amazon Web Services announced the Amazon EMR S3A connector, an AWS-optimized S3 interface for Apache Hadoop, Spark, and Hive on EMR. It extends open-source S3A with AWS-specific enhancements including MagicCommitter V2, improved credentials resolution, accelerated prefix listing, and Spark fine-grained access control. The connector is pre-configured in EMR release 7.10 and later and is available in all Regions where EMR runs.

🔐 Microsoft describes a hardware-to-cloud security approach that embeds verification, isolation, and transparency across Azure infrastructure. The piece highlights purpose-built technologies such as Azure Boost for control-plane isolation, Azure Integrated HSM for server-local key protection, and a spectrum of confidential computing guarantees for workloads. It also emphasizes open-source and ecosystem efforts—Caliptra, OCP SAFE, and a Code Transparency Service—to enable verifiable supply-chain attestations and immutable firmware provenance.

📡AWS announced a new AWS Direct Connect location at the Equinix BA1 data center near Barcelona, Spain, enabling private, direct connectivity to all public AWS Regions (excluding China), AWS GovCloud Regions, and AWS Local Zones. This is the first Direct Connect site in Barcelona and the third in Spain, offering dedicated 10 Gbps and 100 Gbps circuits with MACsec encryption available. Direct Connect enables private physical connections between AWS and customer data centers or colocation facilities, delivering a more consistent network experience than the public internet.