Government and telecommunications sectors in Southeast Asia have become the target of a “sophisticated” campaign undertaken by a new advanced persistent threat (APT) group called Earth Kurma since June 2024.
The attacks, per Trend Micro, have leveraged custom malware, rootkits, and cloud storage services for data exfiltration. The Philippines, Vietnam, Thailand, and Malaysia are among the
from The Hacker News https://ift.tt/10suTnv
via IFTTT
As businesses and individuals increasingly rely on cloud services for storage, collaboration, and computing power, the importance of securing cloud environments has never been more critical. Cloud computing offers numerous advantages, including scalability, accessibility, and cost-efficiency. However, with these benefits come significant security risks, such as data breaches, unauthorized access, and potential cyberattacks. To safeguard sensitive information and ensure secure operations, it’s essential to follow best practices in cloud security.
Whether you’re a business leader, an IT professional, or an individual user, understanding and implementing these essential cloud security practices can significantly reduce the risks associated with cloud computing.
1. Use Strong and Unique Passwords
One of the most basic yet crucial security practices is ensuring that you use strong, unique passwords for your cloud accounts. Many users make the mistake of reusing passwords or opting for simple combinations, which can be easily guessed or cracked by attackers.
• Tips for creating strong passwords:
o Use a mix of upper and lowercase letters, numbers, and special characters.
o Avoid common phrases or predictable sequences (e.g., “123456” or “password”).
o Consider using a passphrase—a sequence of random words that are easy to remember but difficult to guess.
Additionally, make use of password managers to store and manage your passwords securely. These tools help generate strong passwords and reduce the risk of using weak or repeated ones across multiple platforms.
2. Enable Multi-Factor Authentication (MFA)
Even the strongest password can be compromised. That’s why Multi-Factor Authentication (MFA) is a critical layer of security that every user should enable. MFA requires users to provide two or more verification factors before gaining access to their accounts. This typically includes something you know (a password), something you have (a mobile device or security token), or something you are (biometric authentication like fingerprints or face recognition).
• Why MFA is essential:
o Even if an attacker manages to steal your password, they will still need the second factor to access your account.
o MFA drastically reduces the chances of unauthorized access, especially in cases of data breaches or phishing attacks.
3. Regularly Update and Patch Cloud Systems
Cloud service providers (CSPs) are responsible for securing the underlying infrastructure, but users must also maintain their own security by keeping applications and software up to date. This includes cloud-based applications, third-party integrations, and any software you may be using in conjunction with your cloud services.
• Why updates matter:
o Security patches and updates fix vulnerabilities that hackers can exploit.
o Regular updates prevent malicious actors from taking advantage of outdated systems that may have known weaknesses.
If your cloud service allows for automatic updates, enable this feature. For critical systems and applications, ensure that security patches are applied as soon as they become available.
4. Encrypt Sensitive Data
Data encryption is one of the most effective ways to protect your sensitive information, both during transmission and when stored in the cloud. Even if an attacker gains access to your cloud storage, encrypted data will be unreadable without the corresponding decryption key.
• Best practices for encryption:
o Use end-to-end encryption to ensure data is protected at all stages—whether it’s being uploaded, downloaded, or stored.
o If your cloud provider doesn’t offer built-in encryption, consider using third-party encryption tools to protect sensitive files.
o Always encrypt data before sending it over unsecured networks.
Remember, not all data needs to be encrypted, but any personal, financial, or business-critical information should be safeguarded with encryption.
5. Limit Access and Permissions
One of the easiest ways to reduce security risks is to control who has access to your cloud resources. Implement the principle of least privilege, meaning users should only have access to the data and tools necessary for their specific tasks. Regularly review and update user roles and permissions to ensure that they align with current needs.
• Key strategies for limiting access:
o Assign different levels of access based on user roles (e.g., administrator, user, guest).
o Regularly audit access logs to detect any suspicious activity or unauthorized access attempts.
o Use identity and access management (IAM) tools to help enforce strict access policies.
By limiting unnecessary access, you can minimize the potential for data leaks, malicious insider actions, and unauthorized modifications to your cloud systems.
6. Back Up Your Data Regularly
Data loss can occur for a variety of reasons, including accidental deletion, system failures, or cyberattacks. To ensure that your data is safe, you should implement regular backup practices. Cloud services often offer automated backup features, but it’s essential to verify that backups are happening on schedule and that the data is recoverable in case of emergencies.
• Best practices for backups:
o Set up automated, regular backups (daily, weekly, or monthly, depending on the criticality of the data).
o Use a multi-cloud strategy by backing up your data in more than one cloud environment to avoid vendor-specific risks.
o Regularly test your backups to ensure you can restore data quickly if needed.
Having secure, up-to-date backups will provide peace of mind in case of data loss or corruption.
7. Monitor and Log Cloud Activity
Continuous monitoring is crucial for identifying potential security threats early. Cloud service providers often offer activity logging features that record every action taken within the environment, including user logins, file access, and administrative changes.
• Why monitoring is important:
o Logs can help detect suspicious activities like unauthorized access attempts or unusual file transfers.
o Regularly reviewing logs can help you spot vulnerabilities before they are exploited by attackers.
o Automated alerting systems can notify you of potential security incidents in real-time.
By setting up monitoring tools and reviewing logs regularly, you can catch security issues before they escalate into major problems.
8. Educate and Train Users on Security Best Practices
Even with the best security technologies in place, human error is often the weakest link in cloud security. Phishing attacks, weak password practices, and inadequate understanding of security policies can all lead to significant vulnerabilities.
• Security training for employees and users:
o Conduct regular security awareness training for all users, teaching them about common threats like phishing, social engineering, and password hygiene.
o Create clear security guidelines and encourage users to follow them consistently.
o Ensure that employees understand the potential impact of security breaches on the organization.
Training is a proactive measure that helps to instill a security-first mindset and reduce the chances of breaches caused by avoidable mistakes.
Conclusion
The cloud is an indispensable part of modern computing, offering businesses and individuals a wide range of benefits. However, with its many advantages come significant security risks. By adopting these essential cloud security practices, users can better protect their data, minimize the risks of cyberattacks, and ensure the safety of their cloud environments. Strong passwords, multi-factor authentication, data encryption, and proper access control are just a few of the critical practices every user must follow to secure their cloud-based resources.
As the digital landscape evolves, so too must our approach to cloud security. Staying informed and vigilant is the key to maintaining a secure and trustworthy cloud environment.
The post Essential Cloud Security Practices Every User Must Follow first appeared on Cybersecurity Insiders.
The post Essential Cloud Security Practices Every User Must Follow appeared first on Cybersecurity Insiders.
from Cybersecurity Insiders https://ift.tt/RmhwZcI
via IFTTT
Microsoft has revealed that a threat actor it tracks as Storm-1977 has conducted password spraying attacks against cloud tenants in the education sector over the past year.
“The attack involves the use of AzureChecker.exe, a Command Line Interface (CLI) tool that is being used by a wide range of threat actors,” the Microsoft Threat Intelligence team said in an analysis.
The tech giant noted that
from The Hacker News https://ift.tt/jqtzQoy
via IFTTT
The evolving ransomware landscape and the growing threat of data exfiltration.
Ransomware is more than just a cyberthreat—in recent years it has evolved into a major societal crisis. A single successful attack can disrupt essential services, destabilize local economies, and cause cascading effects across entire communities. A notable example was the 2021 attack on Colonial Pipeline, where a single ransomware incident triggered panic buying, widespread fuel shortages, and a spike in gas prices across the East Coast of the United States. This incident made ransomware mainstream news and, what was once viewed as an IT issue, suddenly became a national emergency—proving that cybercrime can touch every corner of society.
Since that wake-up call, ransomware attacks have not only increased in frequency and scale, but they’ve also become more strategically targeted. Hospitals have been forced to cancel surgeries and redirect ambulances, while school systems have been forced to shut down operations for days or even weeks, leaving parents scrambling for childcare and students without access to education. In some cases, local governments have been unable to issue pay checks, manage utilities, or provide emergency services—putting vulnerable populations at even greater risk. Even supermarket supply chains have been disrupted, leading to shortages of food, medicines, and essential goods.
In 2025, the threat is escalating further with experts predicting a sharp rise in attacks against critical infrastructure, including water treatment facilities, transportation systems, and energy providers. These sectors are not only essential for daily life—they are also historically under-protected and increasingly interconnected, making them prime targets for exploitation. Perhaps the biggest concern is that attackers are no longer simply locking systems and encrypting data—they are now focused on exfiltrating data and using extortion tactics to threaten public exposure, regulatory fines, and reputational ruin. Disturbingly, the rate of data exfiltration in publicized attacks is now 95%. For organisations to address this threat, a shift toward proactive threat prevention, especially around data exfiltration, is critical.
Introduction to BlackFog’s platform and its pioneering on-device ADX technology
BlackFog takes a revolutionary approach to the problem of ransomware and extortion with its innovative anti data exfiltration (ADX) technology—shifting the focus from perimeter defense to monitoring data movement to ensure no unauthorized data can be removed. Instead of just detecting intrusions, BlackFog’s AI-driven ADX technology prevents cybercriminals from exfiltrating data, effectively neutralizing threats in real-time.
This proactive, AI-based solution provides 24/7 protection without requiring human intervention, unlike most cybersecurity tools today. By blocking unauthorized data transfers, BlackFog ensures that ransomware attacks are stopped before they can cause any damage.
Key Features: A breakdown BlackFog’s standout capabilities in blocking data exfiltration
BlackFog’s multi-layered approach has been meticulously designed to minimize the impact of ransomware.
With these integrated capabilities, BlackFog offers enterprises a robust, proactive defense against ransomware, significantly reducing risks and ensuring business continuity.
Stopping Ransomware at the Source: BlackFog’s preventative approach
BlackFog prevents ransomware and safeguards data through a multi-layered, prevention-first cybersecurity approach that focuses on data exfiltration prevention. BlackFog’s ADX technology filters network traffic in real-time and operates on layer 3 of the OSI stack. Using advanced AI-based algorithms, it stops cyberattacks and prevents the exfiltration of data from a device, protecting trade secrets, personally identifiable information (PII), data theft, and extortion.
Competitive Advantage: How BlackFog’s ADX technology stands out in preventing data loss and extortion
While many cybersecurity solutions focus on detecting and responding to ransomware after an attack has begun, BlackFog takes a fundamentally different, and more effective, approach by stopping attacks at the point of data exfiltration. BlackFog uses behavioral profiling and outbound data monitoring to prevent cybercriminals from extracting data from devices in real-time. This means even if malware bypasses traditional defenses, it cannot achieve its objective—stealing data for ransom and extortion. With multiple layers of defense and zero reliance on cloud processing or third-party data sharing, BlackFog delivers lightweight, privacy-first protection that neutralizes the financial and operational incentives behind ransomware. By cutting off the attacker’s ability to profit, BlackFog effectively renders these threats powerless—a strategic advantage that sets it apart from reactive solutions on the market.
Conclusion: BlackFog delivers comprehensive ransomware defense with ADX and the future of data security
As pioneers of Anti Data Exfiltration (ADX), BlackFog distinguishes itself in the cybersecurity landscape by providing a new paradigm in the fight against ransomware. Rather than focusing on defense like most other cybersecurity products, BlackFog focuses on what really matters; the data itself. BlackFog’s innovative approach challenges the status quo. By focussing on preventing data exfiltration, cybercriminals have nothing to extort you with and nothing they can trade with third parties.
By using the latest AI based algorithms refined over many years BlackFog prevents more than 99% of all ransomware. More importantly, it protects organizations from the latest AI based attacks, and threats that are yet to be developed based around a zero trust and zero day strategy.
__
About BlackFog
Founded in 2015, BlackFog is a global AI based cybersecurity company that has pioneered on-device anti data exfiltration (ADX) technology to protect organizations from ransomware and data loss. With more than 94% of all attacks involving some form of data exfiltration, preventing this has become critical in the fight against extortion, the loss of customer data and trade secrets.
BlackFog recently won the “Best Threat Intelligence Technology” in the 2024 Teiss Awards, “AI-based Cybersecurity Innovation of the Year” award in the CyberSecurity Breakthrough Awards, as well as the 2024 Fortress Data Protection award for its pioneering ADX technology. BlackFog also won Gold at the Globee awards in 2024 for best Data Loss Prevention and the State of Ransomware report which recognizes outstanding contributions in securing the digital landscape.
Trusted by hundreds of organizations all over the world, BlackFog is redefining modern cybersecurity practices. For more information visit blackfog.com.
The post A Comprehensive Review of BlackFog’s ADX Platform for Ransomware Defense first appeared on Cybersecurity Insiders.
The post A Comprehensive Review of BlackFog’s ADX Platform for Ransomware Defense appeared first on Cybersecurity Insiders.
from Cybersecurity Insiders https://ift.tt/lExOCMQ
via IFTTT
Technology teams are under more pressure than ever to deliver measurable business success. In practice, this means supporting hybrid computing and fostering robust security controls across the entire infrastructure estate, reducing disruptions and downtime and establishing a backbone for autonomous IT.
The risks of not being protected are real. In 2024, the UK Government Cyber Security Breaches Survey revealed that 50% of UK businesses had suffered a cyberattack or security breach in the previous 12 months.
With the constantly growing need to access and share data, safe and secure data transfer has become essential to enterprise operations. Against this background, managed file transfer (MFT) couldn’t be more important. Yet far from being purely an agent for moving files, MFT plays a key role in enhancing security, supporting compliance, reducing disruptions and paving the way for autonomous IT operations—ultimately helping to keep an organisation’s data more secure.
However, as CISOs wear many hats in their role, staying abreast of data transfer strategies can be a challenge. For those with homegrown, open-source and outdated file transfer methods, this can lead to costly implications and potential non-compliance.
The Biggest Challenges for Organisations to Store and Share Data Securely
When it comes to data exchanges, the primary challenges are data security and compliance. While many organisations are legally required to safeguard their data to comply with Payment Card Industry (PCI-DSS) and General Data Protection Act (GDPR) regulations, others grasp the need to mitigate the risks associated with data transfer activities and implement measures to enhance their security strategy for protecting sensitive data.
With ever-changing risks and regulatory factors, vendor management as it relates to managed file transfer solutions is vital for data exchange activities to meet the requirements of the organisation. More countries and states are mandating data security measures to help protect personal information. And the consequences of non-compliance are costly—both financially and reputationally.
Aggregating needs for encryption, user access controls and integrating compliance-driven logging and reporting requirements can seem like complex tasks. In addition, CISOs must navigate file transfer complexities across cloud environments and microservices—IT architectures that continue to evolve as they search for that “perfect balance” of flexibility, scalability, cost efficiency and data sovereignty. A mix of on-premises and cloud infrastructure systems and edge devices has become the norm.
Without the right defences, disruptions to business continuity are almost inevitable. Both minor errors and major outages can harm relationships with customers, partners and the public.
The Essential Role MFT Plays in the Move to Autonomous IT Operations
Today, progressive IT leaders are looking for solutions beyond basic task automation; they are seeking file transfer orchestration to handle more complex scenarios without human intervention.
As tech leaders faced an increasing complexity of data transfers and security and compliance requirements, the vendor marketplace responded to the needs of organisations by introducing automation and cloud offerings. By leveraging managed file transfer automation capabilities, such as workflow automation and automatic file transfers along with cloud deployment options, organisations can now extend their digital transformation initiatives to their file transfer activities. Managed file transfer is essential for protecting an organisation’s data in IT transformation.
Self-sufficient workflows are vital for enterprises aiming to achieve new levels of operational efficiency. Automating manual processes, including file transfers, has been a function of MFT solutions for years. However, by building advanced, logic-based workflows, MFT solutions can respond to real-time triggers, maintain timely delivery and notify teams about transfer status and outcomes, enabling enterprises to embrace increasingly autonomous IT operations.
The Benefits of MFT
By simplifying file transfer automation, CIOs can reduce operational overhead and improve IT efficiency. Benefits include reducing disruption and outages, harnessing hybrid computing, elevating security posture and supporting compliance.
To mitigate the risk of disruptions, more enterprises will invest in redundancy for mission-critical workflows. Automated failover, disaster recovery and high availability/web farm deployments are essential to reduce single points of failure, allowing for more resilient file transfer operations.
MFT serves as the connective tissue in an enterprise’s ecosystem of disparate systems. With the rising popularity of hybrid cloud strategies, it is critical for organisations to be able to transfer files to internal and external stakeholders, irrespective of the platform stakeholders are using and through various desktop, mobile and web applications.
Depending on the environments involved, files could traverse Windows endpoints, Linux-based servers or mainframes running in their data centres or private and public cloud endpoints in AWS, Azure or Google cloud environments. Each organisation is unique and this complexity must be considered for file transfer workflows across departments and businesses.
For global enterprises or businesses handling personal health information (PHI), personal financial and other sensitive information, the security of data before, during and after an exchange can be bolstered with the right file transfer solution. MFT’s strong authentication, encryption and access controls align with zero-trust security models and compliance standards.
As organisations continue to bolster their data governance frameworks, there is likely to be a significant rise in the importance of audit trails and reporting capabilities. This could lead to more rigorous limitations on data storage practices, ultimately phasing out non-archive systems for sensitive data management.
Key Considerations for Choosing an Effective MFT Solution
There are some key features of an MFT solution that enable CISOs to prioritise their optimisation of data security and workflow efficiency:
The post Why Managed File Transfer (MFT) Is Essential for Autonomous IT Operations first appeared on Cybersecurity Insiders.
The post Why Managed File Transfer (MFT) Is Essential for Autonomous IT Operations appeared first on Cybersecurity Insiders.
from Cybersecurity Insiders https://ift.tt/rw6mgYQ
via IFTTT
Blue Shield of California, a nonprofit health insurance provider, is making headlines this week after revealing that its members’ personal data was compromised in a breach that may have been caused by a misconfiguration or insider threat. Over 4.7 million members are affected, with sensitive data fraudulently accessed by the Google Ads platform.
According to records obtained by Cybersecurity Insiders, Blue Shield was originally meant to share only anonymized data with Google Analytics for research and development purposes. This arrangement was designed to help the company gain insights into its services and improve user experience. However, an unexpected error—whether from a technical misconfiguration or an insider threat—resulted in Google’s advertising platform gaining unauthorized access to private member data. This could have allowed the internet giant to target affected individuals with highly specific, personalized ads.
The breach exposed a range of sensitive information, but fortunately, the situation could have been much worse. Initial investigations by Blue Shield confirm that while some personal data was accessed, critical personal identifiable information (PII), such as social security numbers, driver’s license details, banking information, and credit card numbers, were not compromised. This is because these types of data were securely stored on a separate server and were not part of the breach.
However, the data that was accessed still contains enough sensitive details to raise concerns. The compromised information includes:
A.) Insurance details, such as insurance numbers and types of coverage,
B.) Demographic data, including the member’s city, zip code, and family size,
C.) Medical history, which could be used for profiling or even discriminatory purposes.
These details, while not as dangerous as full PII data, can still be used in ways that violate the privacy of Blue Shield’s members. The organization has since warned members to stay vigilant against possible identity theft attempts and to be cautious of phishing schemes or fraud that may arise from this breach.
Interestingly, this is not the first time Blue Shield has faced a major cybersecurity incident. Exactly one year ago, the company was targeted by a BlackSuit Ransomware attack, which was linked to Connexure (formerly Young Consulting), a company that provides software and services to healthcare providers, including Blue Shield. The nature of the attacks—along with the similarity in timing—raises questions about whether these events are part of a larger, coordinated effort to exploit vulnerabilities in the healthcare sector.
Despite the severity of the breach and the potential risks for its members, Blue Shield has yet to offer any identity theft protection services to those affected. This decision has drawn criticism from privacy advocates, as such protection is often considered a necessary measure following data breaches of this scale.
For now, Blue Shield is urging its members to remain alert and to monitor their financial accounts and healthcare records for any signs of misuse. However, the company has yet to explain why it has chosen not to extend further protective measures, leaving many members to question the adequacy of its response.
As cybersecurity incidents continue to rise across various industries, this breach serves as a stark reminder of the importance of safeguarding sensitive data, particularly in the highly regulated healthcare space. With the growing reliance on cloud services, analytics, and advertising platforms, organizations like Blue Shield must invest in robust security measures to ensure their data handling practices are both secure and compliant.
The post Blue Shield of California Faces Data Breach Amid Misconfigured Access to Google Ads Platform first appeared on Cybersecurity Insiders.
The post Blue Shield of California Faces Data Breach Amid Misconfigured Access to Google Ads Platform appeared first on Cybersecurity Insiders.
from Cybersecurity Insiders https://ift.tt/uGiaIzj
via IFTTT
Recently added artificial intelligence capabilities on the Chinese-language Darcula phishing-as-a-service platform make phishing attacks easy for even the least technical hackers.
from darkreading https://ift.tt/NrgJmS5
via IFTTT
The US East (Northern Virginia) Region was the first Region launched by Amazon Web Services (AWS), and it has seen tremendous growth and customer adoption over the past several years. Now hosting active customers ranging from startups to large enterprises, AWS has steadily expanded the US East (Northern Virginia) Region infrastructure and capacity. The US East (Northern Virginia) Region consists of six Availability Zones, providing customers with enhanced redundancy and the ability to architect highly available applications.
Today, we’re announcing that a new Availability Zone located in Maryland will be added to the US East (Northern Virginia) Region, which is expected to open in 2026. This new Availability Zone will be connected to other Availability Zones by high-bandwidth, low-latency network connections over dedicated, fully redundant fiber. The upcoming Availability Zone in Maryland will also be instrumental in supporting the rapid growth of generative AI and advanced computing workloads in the US East (Northern Virginia) Region.
All Availability Zones are physically separated in a Region by a meaningful distance, many kilometers (km) from any other Availability Zone, although all are within 100 km (60 miles) of each other. The network performance is sufficient to accomplish synchronous replication between Availability Zones in Maryland and Virginia within the US East (Northern Virginia) Region. If your application is partitioned across multiple Availability Zones, your workloads are better isolated and protected from issues such as power outages, lightning strikes, tornadoes, earthquakes, and more.
With this announcement, AWS now has four new Regions in the works—New Zealand, Kingdom of Saudi Arabia, Taiwan, and the AWS European Sovereign Cloud—and 13 upcoming new Availability Zones.
Geographic information for the new Availability Zone
In March, we provided more granular visibility into the geographic location information of all AWS Regions and Availability Zones. We have updated the AWS Regions and Availability Zones page to reflect the new geographic information for this upcoming Availability Zone in Maryland. As shown in the following screenshot, the infrastructure for the upcoming Availability Zone will be located in Maryland, United States of America, for the US East (Northern Virginia) us-east-1 Region.
You can continue to use this geographic information to choose Availability Zones that align with your regulatory, compliance, and operational requirements.
After the new Availability Zone is launched, it will be available along with other Availability Zones in the US East (Northern Virginia) Region through the AWS Management Console, AWS Command Line Interface (AWS CLI), and AWS SDKs.
Stay tuned
We plan to make this new Availability Zone in the US East (Northern Virginia) Region generally available in 2026. As usual, check out the Regional news of the AWS News Blog so that you’ll be among the first to know when the new Availability Zone is open!
To learn more, visit the AWS Global Infrastructure Regions and Availability Zones page or AWS Regions and Availability Zones in the AWS documentation and send feedback to AWS re:Post or through your usual AWS Support contacts.
— Channy
How is the News Blog doing? Take this 1 minute survey!
(This survey is hosted by an external company. AWS handles your information as described in the AWS Privacy Notice. AWS will own the data gathered via this survey and will not share the information collected with survey respondents.)
from AWS News Blog https://ift.tt/vPRCq07
via IFTTT
Today, we are announcing that AWS AppSync Events now supports data source integrations for channel namespaces, enabling developers to create more sophisticated real-time applications. With this new capability you can associate AWS Lambda functions, Amazon DynamoDB tables, Amazon Aurora databases, and other data sources with channel namespace handlers. With AWS AppSync Events, you can build rich, real-time applications with features like data validation, event transformation, and persistent storage of events.
With these new capabilities, developers can create sophisticated event processing workflows by transforming and filtering events using Lambda functions or save batches of events to DynamoDB using the new AppSync_JS batch utilities. The integration enables complex interactive flows while reducing development time and operational overhead. For example, you can now automatically persist events to a database without writing complex integration code.
First look at data source integrations
Let’s walk through how to set up data source integrations using the AWS Management Console. First, I’ll navigate to AWS AppSync in the console and select my Event API (or create a new one).
Persisting event data directly to DynamoDB
There are multiple kinds of data source integrations to choose from. For this first example, I’ll create a DynamoDB table as a data source. I’m going to need a DynamoDB table first, so I head over to DynamoDB in the console and create a new table called event-messages. For this example, all I need to do is create the table with a Partition Key called id. From here, I can click Create table and accept the default table configuration before I head back to AppSync in the console.
Back in the AppSync console, I return to the Event API I set up previously, select Data Sources from the tabbed navigation panel and click the Create data source button.
After giving my Data Source a name, I select Amazon DynamoDB from the Data source drop down menu. This will reveal configuration options for DynamoDB.
Once my data source is configured, I can implement the handler logic. Here’s an example of a Publish handler that persists events to DynamoDB:
import * as ddb from '@aws-appsync/utils/dynamodb'
import { util } from '@aws-appsync/utils'
const TABLE = 'events-messages'
export const onPublish = {
request(ctx) {
const channel = ctx.info.channel.path
const timestamp = util.time.nowISO8601()
return ddb.batchPut({
tables: {
[TABLE]: ctx.events.map(({id, payload}) => ({
channel, id, timestamp, ...payload,
})),
},
})
},
response(ctx) {
return ctx.result.data[TABLE].map(({ id, ...payload }) => ({ id, payload }))
},
}To add the handler code, I go the tabbed navigation for Namespaces where I find a new default namespace already created for me. If I click to open the default namespace, I find the button that allows me to add an Event handler just below the configuration details.
Clicking on Create event handlers brings me to a new dialog where I choose Code with data source as my configuration, and then select the DynamoDB data source as my publish configuration.
After saving the handler, I can test the integration using the built-in testing tools in the console. The default values here should work, and as you can see below, I’ve successfully written two events to my DynamoDB table.
Here’s all my messages captured in DynamoDB!
Error handling and security
The new data source integrations include comprehensive error handling capabilities. For synchronous operations, you can return specific error messages that will be logged to Amazon CloudWatch, while maintaining security by not exposing sensitive backend information to clients. For authorization scenarios, you can implement custom validation logic using Lambda functions to control access to specific channels or message types.
Available now
AWS AppSync Events data source integrations are available today in all AWS Regions where AWS AppSync is available. You can start using these new features through the AWS AppSync console, AWS command line interface (CLI), or AWS SDKs. There is no additional cost for using data source integrations – you pay only for the underlying resources you use (such as Lambda invocations or DynamoDB operations) and your existing AppSync Events usage.
To learn more about AWS AppSync Events and data source integrations, visit the AWS AppSync Events documentation and get started building more powerful real-time applications today.
How is the News Blog doing? Take this 1 minute survey!
(This survey is hosted by an external company. AWS handles your information as described in the AWS Privacy Notice. AWS will own the data gathered via this survey and will not share the information collected with survey respondents.)
from AWS News Blog https://ift.tt/UuhHxTO
via IFTTT
By proactively embracing emerging trends around encryption, AI security, and platform consolidation, organizations can turn compliance burdens into competitive advantage.
from darkreading https://ift.tt/ry1RT0N
via IFTTT