< ciso
brief />
Tag Banner

All news with #network security tag

150 articles

Enterprises favor convenience, increasing lateral movement risk

🔒 Zero Networks’ 2026 report, analyzing 54 trillion activities across 312 enterprise environments, finds that most internal servers remain broadly reachable and rely on legacy protocols. The study highlights that >80% of servers are accessible from anywhere inside networks, with 87% accepting RDP/SSH and 78% reachable via SMB/WinRM, while 43% still use NTLM. Experts warn this widespread internal connectivity enables easy lateral movement for attackers and call for segmentation, identity controls, and containment strategies.
read more →

Top BGP Route Policy Uses by Customer Demand

🛡️ Cloud Router's BGP route policies give administrators programmatic control to filter, modify, and propagate routes using CEL expressions. Customers now use these policies to enforce strict route filtering, implement traffic steering via MED and AS-PATH prepending, and achieve stateful traffic symmetry through BGP community tagging. Policy named sets simplify managing large lists of prefixes and communities across multiple routers.
read more →

Secure container workloads with attribute-based rules

🛡️ AWS Network Firewall now supports container attribute-based rules for Amazon EKS and Amazon ECS, enabling firewall policies based on native container attributes (namespaces, pod names, labels, cluster names) instead of ephemeral IPs. This feature automatically discovers and tracks matching pods, dynamically updates IP-to-attribute mappings, and enriches alert logs with container context for easier troubleshooting and auditing. It integrates with Suricata-compatible rules, exports logs to CloudWatch Logs and S3, and can be configured via the AWS Console, CLI, or SDK with no additional feature charge.
read more →

Amazon Neptune adds dual‑stack IPv6 support

🔷 Amazon Neptune now supports dual‑stack mode, allowing database clusters to accept connections over IPv4, IPv6, or both simultaneously. This enables organizations to adopt IPv6 while preserving compatibility with existing IPv4 deployments. Dual‑stack offers Private mode for internal, non‑internet IPv6 endpoints and Public mode for internet‑accessible IPv6 endpoints to support hybrid and internet‑facing applications. The feature is available in all AWS Regions that support Amazon Neptune.
read more →

Amazon GameLift Servers adds DDoS protection SDKs

🛡️ Amazon GameLift Servers now includes DDoS Protection client SDKs for C# and Unity, enabling developers to protect session-based multiplayer games from denial-of-service and distributed denial-of-service attacks. The service co-locates a relay network with game servers and uses access token-based authentication to allow only authorized client traffic. It enforces per-player UDP traffic limits, offers negligible latency, and is provided at no extra cost to GameLift Servers customers. The new SDKs complement existing C++ and Unreal Engine support and are available in multiple AWS regions.
read more →

AWS Network Firewall changes default stateful action

🚨 AWS Network Firewall now sets the default stateful action for newly created firewall policies to Application drop established (server-directed only), replacing the previous Application drop established (bidirectional). This safer default prevents silent drops of legitimate server-to-client TCP packets (for example, window updates, keep-alives, and resets) that caused intermittent connection issues. No action is required for new policies; existing environments that rely on bidirectional behavior for post-quantum cryptography (PQC) fragmented TLS handshakes should consult the documentation for guidance on switching or adding the to_server flag to TCP drop rules.
read more →

Amazon MQ for RabbitMQ adds private networking support

🔒 Amazon MQ for RabbitMQ now supports private networking connectivity, allowing brokers to connect to private resources in your VPC without exposing them publicly. This simplifies secure access to private identity providers (such as LDAP and OAuth 2.0), other Amazon MQ brokers, or self-hosted RabbitMQ brokers. AWS manages the underlying infrastructure using Amazon VPC Lattice, AWS RAM, and AWS PrivateLink, replacing prior NLB and NAT Gateway workarounds. Private networking is available in Regions where VPC Lattice is supported.
read more →

Cloud Network Insights: Cross-Cloud Network Observability

🔍 Cloud Network Insights is now generally available as a Google Cloud-native solution, delivered in partnership with Broadcom AppNeta, to provide end-to-end visibility across multi-cloud and hybrid networks. It uses lightweight Monitoring Points and active synthetic probes to measure RTT, packet loss, jitter, and application-level metrics like DNS and page-load times. The service integrates with Cloud Monitoring, Cloud Logging, and supports OpenTelemetry, enabling proactive alerting, SLA validation, and rapid root-cause analysis.
read more →

VPC Flow Logs Adds EC2 Tags and Next-Hop Metadata

🔍 Amazon VPC Flow Logs now supports EC2 resource tag embedding and next-hop interface metadata to simplify network monitoring and troubleshooting. With tag support you can include values from network interfaces, EC2 instances, and Auto Scaling groups, removing the need to join log data with external tag metadata. Next-hop metadata captures interface ID, subnet, AZ, VPC, and interface type to clarify traffic paths through NAT Gateways, NLBs, and Transit Gateways.
read more →

AWS May 2026 Security Digest and Updates

🛡️ This monthly AWS Security Blog digest highlights May 2026 posts on AI security, network protection, identity management, compliance guides, and supply chain defense. It summarizes new capabilities, hands-on samples, and workshops that demonstrate practical controls — from Cedar-based policy for agentic AI to URL category filtering in Network Firewall and post-quantum readiness checks.
read more →

Research shows free apps turn smart TVs into proxies

🔍 A reverse-engineered iOS SDK from Bright Data reveals free apps can turn devices, including always-on smart TVs, into exit nodes that relay web-scraping traffic. The SDK, embedded behind opt-in screens, uses peer channels with weak authentication and can bypass VPNs on iOS, allowing background relays that consume home bandwidth. Blocking a handful of SDK domains at the router or scanning apps on managed devices can stop the behavior.
read more →

AI and Evasion Force Rethink of Network Prevention

🔍 For years network security relied on content inspection and static threat intelligence, but the rise of agentic AI and evasive techniques has upended that model. Unit 42 research shows attackers exploit the IP layer and use anonymizers, rapid infrastructure rotation, and AI-enabled stealth to bypass legacy controls. Security strategies must augment deep inspection with real-time IP-layer monitoring and continuous verification to defend at machine speed.
read more →

Enforce First AS to Prevent BGP Path Forgery

🔍 Recent route hijacks exploited unused ASNs and forged AS_PATHs to misdirect traffic and conceal attackers. Cloudflare analyzed incidents reported by Spamhaus and found implausible AS relationships indicating path fabrication, including forged paths that inserted Cloudflare’s ASN. The post explains how enforcing the First AS in an AS_PATH, per RFC 4271 and RFC 7606 guidance, would block such manipulations. Cloudflare also conducted safe tests against Tier 1 peers to measure First AS enforcement and observed variation in vendor and operator behavior.
read more →

Assessment of public Wi‑Fi security in Mexico

🔍 Kaspersky analyzed public Wi‑Fi across Mexico City, Guadalajara, and Monterrey ahead of the 2026 World Cup. The team wardrove to log 84,500 signals and 69,500 unique SSIDs, finding about 82% use WPA2/WPA3 but over 10% are unsecured. WPS was enabled on roughly 45% of access points, often even when WPA2/WPA3 was in use, increasing attack risk. The report also warns of other travel threats like malicious QR codes, public USB chargers, NFC/Bluetooth exploits, and evil‑twin networks. Kaspersky recommends using cellular data or an eSIM and a VPN to stay safe when connecting to public networks.
read more →

AWS Direct Connect adds VIF Rate Limiters

🛡️ AWS Direct Connect now supports Virtual Interface (VIF) Rate Limiters on dedicated connections to prevent a single VIF from consuming all bandwidth and causing congestion. You can cap bandwidth for up to 10 VIFs per dedicated connection with increments from 50 Mbps to 1.6 Tbps when using a link aggregation group. Rate limiting applies to both ingress and egress, and excess packets are dropped. New CloudWatch metrics include utilization as a percentage of configured capacity and dropped packet counts, and the feature is available in all supported commercial and China Regions via console, API, or SDK.
read more →

Migrating to Transit Gateway‑Attached AWS Network Firewall

🔐 This post explains AWS Network Firewall's new native attachment to Transit Gateway and how it replaces the traditional inspection VPC model. It outlines benefits such as simplified architecture, centralized control, and flexible cost allocation via Transit Gateway metering policies. The article summarizes preparation steps, two common centralized architectures, a phased migration approach, and best practices for testing, rollback, and preserving NAT Elastic IPs.
read more →

AWS Network Firewall: URL and Domain Category Filtering

🔒 AWS Network Firewall adds URL and domain category filtering to simplify policy management by using AWS-managed categories instead of manual allowlists and blocklists. This reduces administrative overhead and keeps policies current as new domains appear. The feature supports domain category filtering via SNI without decryption and URL filtering with TLS inspection, and includes options for exceptions, Suricata rule support, and integrated logging for monitoring and compliance.
read more →

Azure enables seamless cross-cluster networking for AKS

🚀 Microsoft announces the public preview of cross-cluster networking for Azure Kubernetes Fleet Manager, bringing transparent east‑west multi-cluster connectivity powered by Advanced Container Networking Services. Built on Cilium and Kubefleet, this managed capability extends the Kubernetes networking model across clusters to enable direct pod-to-pod communication, policy enforcement, and observability while preserving cluster isolation. The managed approach reduces operational overhead for multi-cluster fleets and supports resilient, global, and shared‑services architectures.
read more →

ENA Express Extends High-Bandwidth Cross-AZ Traffic

ENA Express now supports high-bandwidth traffic between Amazon EC2 instances in different Availability Zones within a Region, delivering up to 25 Gbps single-flow performance. The feature uses the AWS Scalable Reliable Datagram (SRD) protocol with multi-pathing and advanced congestion control to reduce head-of-line blocking. ENA Express establishes SRD connections automatically when both instances are enabled and supports TCP and UDP transparently. The capability is available at no additional cost across a broad set of Regions and instance types.
read more →

Route 53 Resolver Adds DNS64 and IPv6 Outbound Support

🌐 Amazon Web Services announced that Route 53 Resolver endpoints now support DNS64 on inbound endpoints and IPv6 forwarding through the internet gateway (IGW) on outbound endpoints. DNS64 lets IPv6-only on-premises clients reach IPv4-only services in VPCs by synthesizing AAAA records from existing A records, removing the need to modify those services. Outbound IPv6 forwarding enables Resolver outbound endpoints to forward queries to public IPv6 name servers via the IGW. These capabilities are available at no additional cost in Regions that support Route 53 Resolver endpoints.
read more →