Security News

Amazon Web Services announced three new analytics capabilities that dramatically improve the performance of Amazon Redshift data warehouses, make it significantly easier for customers to move and combine data across data stores, and make it much simpler for end-users to get more value from their business data using machine learning. AWS customers use a wide variety of analytics tools for different use cases, including Amazon Athena for serverless querying, Amazon Elasticsearch Service for searching and visualizing log data, Amazon Kinesis for processing real-time data streams, Amazon Redshift for data warehousing, and Amazon EMR for running Apache Spark, Hive, Presto, and other big data frameworks.

With just a few clicks in the Amazon DevOps Guru console, historical application and infrastructure metrics like latency, error rates, and request rates for all resources are automatically ingested and analyzed to establish normal operating bounds, and Amazon DevOps Guru then uses a pre-trained machine learning model to identify deviations from the established baseline. Together with Amazon CodeGuru - a developer tool powered by machine learning that provides intelligent recommendations for improving code quality and identifying an application's most expensive lines of code - Amazon DevOps Guru provides customers the automated benefits of machine learning for their operational data so that developers can more easily improve application availability and reliability.

Built on Mac mini computers, EC2 Mac instances enable customers to run on-demand macOS workloads in the AWS cloud for the first time ever, extending the flexibility, scalability, and cost benefits of AWS to all Apple developers. Similar to other Amazon EC2 instances, customers can easily use EC2 Mac instances together with AWS services and features like Amazon Virtual Private Cloud for network security, Amazon Elastic Block Storage for expandable storage, Amazon Elastic Load Balancer for distributing build queues, and Amazon Machine Images for OS image orchestration.

A rather complex phishing scheme for stealing Office 365 credentials from small and medium-sized businesses in the U.S. and Australia combines cloud services from Oracle and Amazon into its infrastructure. According to their research, the threat actor sends phishing messages from compromised email accounts and uses Amazon Web Services and Oracle Cloud in the redirect chain.

Amazon Web Services announced the general availability of Amazon Managed Workflows for Apache Airflow, a new managed service that makes it easy for data engineers to execute data processing workflows in the cloud. Amazon MWAA makes it easy for customers to build and execute Apache Airflow workflows in AWS. Amazon MWAA manages the provisioning and ongoing maintenance of Apache Airflow so customers no longer need to worry about patching, scaling, or securing self-managed Apache Airflow implementations.

Imagine someone hacking into an Amazon Alexa device using a laser beam and then doing some online shopping using that person account. The same team that last year mounted a signal-injection attack against a range of smart speakers merely by using a laser pointer are still unraveling the mystery of why the microelectro-mechanical systems microphones in the products turn the light signals into sound.

Matt Lewis, with NCC Group, talks to Threatpost about a slew of security and privacy issues found in smart doorbells that are being sold on Amazon and eBay. Researchers have found serious security and privacy issues in 11 different smart doorbells, distributed via online marketplaces like Amazon and eBay, which could be exploited by attackers to physically switch off the devices.

Tufin announced it will integrate with AWS Network Firewall, a new managed service that makes it easy to deploy essential network protections for all Amazon Virtual Private Clouds on Amazon Web Services, on-premise data centers and other cloud platforms for full visibility across the enterprise. "AWS is a very important cloud provider for our customers today and into the future, which is why we are excited to expand our collaboration and be a Launch Partner for AWS Network Firewall," said Pamela Cyr, Senior Vice President of Business and Corporate Development, Tufin.

Instagram and TikTok social-media influencers Kelly Fitzpatrick and Sabrina Kelly-Krejci are among 13 defendants in a lawsuit filed by Amazon, which alleges that they participated in an an online scam to sell counterfeit luxury goods. Counterfeit goods are strictly forbidden in the Amazon marketplace, but generic products - often called "Dupes" - are allowed.

Amazon Web Services announced the general availability of Amazon Elastic Compute Cloud P4d instances, the next generation of GPU-powered instances delivering 3x faster performance, up to 60% lower cost, and 2.5x more GPU memory for machine learning training and high-performance computing workloads when compared to previous generation P3 instances. Using P4d instances with AWS's Elastic Fabric Adapter and NVIDIA GPUDirect RDMA, customers are able to create P4d instances with EC2 UltraClusters capability.