AI is increasingly embedded into threat detection and response tools, but hallucinations can lead to false positive and inaccurate guidance. The AI-associated risk can’t be completely eradicated, but SecOps teams can take steps to at least limit the effects.
from darkreading https://ift.tt/y4jDb6X
via IFTTT
Today, we’re announcing a new publicly available source of API models for Amazon Web Services (AWS). We are now publishing AWS API models on a daily basis to Maven Central and providing open source access to a new repository on GitHub. This repository includes a definitive, up-to-date source of Smithy API models that define AWS public interface definitions and behaviors.
These Smithy models can be used to better understand AWS services and build developer tools like custom software development kits (SDK) and command line interfaces (CLIs) for connecting to AWS or testing tools for validating your application integrations on AWS.
Since 2018, we have been generating SDK clients and CLI tools using Smithy models. All AWS services are modeled in Smithy to thoroughly document the API contract including operations and behaviors like protocols, authentication, request and response types, and errors.
With this public resource, you can build and test your own applications that can integrate directly with AWS services with confidence such as:
Learn about AWS API models
You can browse the AWS service models directly on GitHub by accessing the api-models-aws repository. This repository contains Smithy models with the JSON AST format for all public AWS API services. All Smithy models consist of shapes and traits. Shapes are instances of types and traits are used to add more information to shapes that might be useful for clients, servers, or documentation.
The AWS models repository contains:
<sdk-id> of the service, where <sdk-id> is the value of the model’s sdkId, lowercased and with spaces converted to hyphens<version> of the service, where <version> is the value of the service shape’s version property.sdk-id>-<version>.json will be presentFor example, when you want to define a RunInstances API in Amazon EC2 service, the model uses service type, an entry point of an API that aggregates resources and operations together. The shape referenced by a member is called its target.
com.amazonaws.ec2#AmazonEC2": {
"type": "service",
"version": "2016-11-15",
"operations": [
....
{
"target": "com.amazonaws.ec2#RunInstances"
},
....
]The operation type represents the input, output, traits, and possible errors of an API operation. Operation shapes are bound to resource shapes and service shapes. An operation is defined in the IDL using an operation_statement. In the traits, you can find detailed API information such as documentation, examples, and so on.
"com.amazonaws.ec2#RunInstances": {
"type": "operation",
"input": {
"target": "com.amazonaws.ec2#RunInstancesRequest"
},
"output": {
"target": "com.amazonaws.ec2#Reservation"
},
"traits": {
"smithy.api#documentation": "<p>Launches the specified number of instances using an AMI for which you have....",
smithy.api#examples": [
{
"title": "To launch an instance",
"documentation": "This example launches an instance using the specified AMI, instance type, security group, subnet, block device mapping, and tags.",
"input": {
"BlockDeviceMappings": [
{
"DeviceName": "/dev/sdh",
"Ebs": {
"VolumeSize": 100
}
}
],
"ImageId": "ami-abc12345",
"InstanceType": "t2.micro",
"KeyName": "my-key-pair",
"MaxCount": 1,
"MinCount": 1,
"SecurityGroupIds": [
"sg-1a2b3c4d"
],
"SubnetId": "subnet-6e7f829e",
"TagSpecifications": [
{
"ResourceType": "instance",
"Tags": [
{
"Key": "Purpose",
"Value": "test"
}
]
}
]
},
"output": {}
}
]
}
},We use Smithy extensively to model our service APIs and provide the daily releases of the AWS SDKs and AWS CLI. AWS API models can be helpful for implementing server stubs to interact with AWS services.
How to build with AWS API models
Smithy API models provide building resources such as build tools, client or server code generators, IDE support, and implementations. For example, with Smithy CLI, you can easily build your models, run ad-hoc validation, compare models for differences, query models, and more. The Smithy CLI makes it easy to get started working with Smithy without setting up Java or using the Smithy Gradle Plugins.
I want to show two examples how to build your own applications with AWS API models and Smithy build tools.
StdIO server using the Smithy CLI. You can find MCPServerExample to build an MCP server by modeling tools as Smithy APIs and ProxyMCPExample to create a proxy MCP Server for any Smithy service. To learn more, visit the GitHub repository.Now available
You can now access AWS API models on a daily basis providing open-source access on the AWS API models repository and service model packages available on Maven Central. You can import models and add dependencies using the maven package of their choice.
To learn more about the AWS preferred API modeling language, visit Smithy.io and its code generation guide. To learn more each AWS SDKs, visit Tools to Build on AWS and its respective repository for SDK specific support or through your usual AWS Support contacts.
— Channy
from AWS News Blog https://ift.tt/KGY2p7a
via IFTTT
Customers across industries are harnessing the power of generative AI on AWS to boost employee productivity, deliver exceptional customer experiences, and streamline business processes. However, the growth in demand for GPU capacity has outpaced industry-wide supply, making GPUs a scarce resource and increasing the cost of securing them.
As Amazon Web Services (AWS) grows, we work hard to lower our costs so that we can pass those savings back to our customers. Regular price reductions on AWS services have been a standard way for AWS to pass on the economic efficiencies gained from our scale back to our customers.
Today, we’re announcing up to 45 percent price reduction for Amazon Elastic Compute Cloud (Amazon EC2) NVIDIA GPU-accelerated instances: P4 (P4d and P4de) and P5 (P5 and P5en) instance types. This price reduction to On-Demand and Savings Plan pricing applies to all Regions where these instances are available. The pricing reduction applies to On-Demand purchases beginning June 1 and to Savings Plan purchases effective after June 4.
Here is a table of price reductions percentage (%) from May 31, 2025 baseline prices by instance types and pricing plans:
| Instance type | NVIDIA GPUs | On-Demand | EC2 Instance Savings Plans | Compute Savings Plans |
||
| 1 year | 3 years | 1 year | 3 years | |||
| P4d | A100 | 33% | 31% | 25% | 31% | – |
| P4de | A100 | 33% | 31% | 25% | 31% | – |
| P5 | H100 | 44% | – | 45% | 44% | 25% |
| P5en | H200 | 25% | – | 26% | 25% | – |
Savings Plans are a flexible pricing model that offer low prices on compute usage, in exchange for a commitment to a consistent amount of usage (measured in $/hour) for a 1- or 3- year term. We offers two types of Savings Plans:
To provide increased accessibility to reduced pricing, we are making at-scale On-Demand capacity available for:
We are also now delivering Amazon EC2 P6-B200 instances through Savings Plan to support large scale deployments, which became available on May 15, 2025 at launch only through EC2 Capacity Blocks for ML. EC2 P6-B200 instances, powered by NVIDIA Blackwell GPUs, accelerate a broad range of GPU-enabled workloads but are especially well-suited for large-scale distributed AI training and inferencing.
These pricing updates reflect the AWS commitment to making advanced GPU computing more accessible while passing cost savings directly to customers.
Give Amazon EC2 NVIDIA GPU-accelerated instances a try in the Amazon EC2 console. To learn more about these pricing updates, visit Amazon EC2 Pricing page and send feedback to AWS re:Post for EC2 or through your usual AWS Support contacts.
— Channy
from AWS News Blog https://ift.tt/cqIEgCv
via IFTTT
Security technology company Cellebrite has announced plans to acquire Florida-based mobile testing startup Corellium for $170 million in cash, with an additional $20 million converted to equity at closing and the potential for $30 million more based on performance milestones.
The Israel-headquartered Cellebrite, known for its forensic equipment that unlocks smartphones, said the acquisition would enhance its capabilities for the accelerated identification of mobile vulnerabilities and exploits. The company’s technology often leverages unknown vulnerabilities, including zero-day exploits, to access encrypted data stored on mobile devices.
Corellium provides virtual, cloud-based Android and iOS devices for application and security testing. This technology allows researchers and developers to test software without physical devices, creating virtual environments that simulate actual mobile operating systems.
A Cellebrite spokesperson indicated that the deal is expected to close later this year, pending review from the Committee on Foreign Investment in the United States (CFIUS), which evaluates corporate transactions that could affect national security.
The combined companies aim to offer enhanced solutions for customers across public safety, intelligence, defense, and private sectors. These solutions would include advanced tools for identifying mobile vulnerabilities, virtual device interaction, improved DevSecOps solutions, and mobile penetration testing capabilities.
Both companies have faced controversy in recent years. Cellebrite has drawn attention for its mobile forensic tools being used in spyware campaigns that exploit zero-day vulnerabilities. Meanwhile, Corellium was sued by Apple in 2019 for copyright infringement related to its product that replicates the company’s iOS operating system.
That legal battle concluded after a U.S. appeals court ruled in Corellium’s favor in May 2023, with the companies reaching a confidential settlement later that year. Documents revealed during the lawsuit showed that Corellium had engaged with controversial entities, including spyware developer NSO Group.
The acquisition represents a significant consolidation in the mobile security and forensics sector, bringing together two companies with complementary technologies that are used by government agencies and private organizations worldwide for data extraction, security research, and vulnerability testing.
Security experts note that such tools exist in a complex space between legitimate security research and potential surveillance capabilities, raising ongoing questions about the balance between security, privacy, and law enforcement’s access to encrypted data.
The post Cellebrite to acquire mobile testing firm Corellium in $200 million deal appeared first on CyberScoop.
from CyberScoop https://ift.tt/2GRbqys
via IFTTT
The US can’t afford to wait for political consensus to catch up to technological change.
from darkreading https://ift.tt/sBNgL8h
via IFTTT
Cisco has released security patches to address a critical security flaw impacting the Identity Services Engine (ISE) that, if successfully exploited, could allow unauthenticated actors to carry out malicious actions on susceptible systems.
The security defect, tracked as CVE-2025-20286, carries a CVSS score of 9.9 out of 10.0. It has been described as a static credential vulnerability.
“A
from The Hacker News https://ift.tt/SCAgqzJ
via IFTTT
A financially motivated threat group posing as IT support has intruded the systems of about 20 organizations by duping employees into installing a malicious, illegitimate version of Salesforce’s Data Loader and granting broader access to cloud-based environments, Google Threat Intelligence Group said in a threat report released Wednesday.
The attacks, which Google attributes to UNC6040, have hit organizations in hospitality, retail and education across the Americas and Europe, resulting in data theft and extortion.
“Our current assessment indicates that a limited number of organizations were affected as part of this campaign, approximately 20,” Austin Larsen, principal threat analyst at Google Threat Intelligence Group, told CyberScoop in an email. “We are tracking at least several extortion attempts, but we cannot comment on how many were successful.”
Organizations’ adoption of widespread integrations and privileged access to multiple cloud-based services in corporate environments — paired with support for single sign-on services such as Okta and authentication protocols like OAuth — amplifies the risk posed by identity-based attacks.
Attackers have gained access to victim networks by calling targeted employees on the phone and convincing them to install and approve the malicious Salesforce application, exposing sensitive credentials and multi-factor authentication codes, according to Google.
UNC6040 used this access to steal data from the victim organization’s Salesforce environment, and then initiate lateral movement to steal data from other connected platforms, including Okta, Microsoft 365 and Workplace, researchers said.
“Salesforce has enterprise-grade security built into every part of our platform, and there’s no indication the issue described stems from any vulnerability inherent to our services,” a spokesperson for Salesforce said in a statement. “Attacks like voice phishing are targeted social-engineering scams designed to exploit gaps in individual users’ cybersecurity awareness and best practices.”
Google said the threat group’s social-engineering tactics and initial focus on English-speaking users at multinational companies shares similarities with activities linked to members of “The Com,” suggesting some potential overlap and association with the global collective of loosely affiliated cybercriminals. Yet, researchers noted UNC6040 is unique in focusing on exfiltrating data from Salesforce environments.
Attackers set their phishing lures by calling targeted individuals, posing as IT administrators offering support for alleged general IT issues. UNC6040 claims the issue stems from a nonexistent open IT support ticket that the victim can’t access due to system differences, according to Google.
The victim is then directed to visit a phishing site or a fake “Salesforce Setup Connect” page, which requires an eight-digit code, to close the ticket, researchers said.
Upon entering and confirming the code on their mobile device or computer, victims unwittingly authenticate access to UNC6040 via OAuth and add the malicious application to their Salesforce instance.
Salesforce, which maintains that security is a shared responsibility, warned customers of threats posed by social-engineering attacks in guidance it released in a blog post earlier this year.
The post Salesforce customers duped by series of social-engineering attacks appeared first on CyberScoop.
from CyberScoop https://ift.tt/jOJve1q
via IFTTT
The AWS community is a vibrant network of innovators, problem-solvers, and thought leaders who drive cloud technology forward. Today, we’re excited to shine a spotlight on three exceptional individuals who embody the spirit of innovation, knowledge-sharing, and community building. From architecting scalable solutions for millions of users to fostering inclusive tech groups, these professionals are making notable contributions within the AWS community. Let’s give them a warm welcome!
DevTools Hero Christian Bonzelet is an AWS Solutions Architect at Bundesliga and creator of promptz.dev (a specialized prompt library for Amazon Q Developer). He brings over a decade of media and entertainment industry expertise to the AWS community. Since his first AWS project in 2013, architecting a high-scale voting system for a major German television broadcast, Christian has been passionate about AWS, serverless architecture, and AI/ML technologies. He excels at helping teams optimize their AWS implementations and develop business-aligned solutions, particularly when designing highly scalable systems serving millions of users. Known for his collaborative approach to system design and architecture, Christian actively shares his insights and experiences with the AWS community.
Community Hero David Victoria is a senior cloud architect at Caylent. He has a Master’s in Cybersecurity and a Computer Science degree, and nine AWS certifications. With over a decade of experience delivering secure, cost-effective, and scalable solutions, David leads the AWS User Group Monterrey and helps organize the AWS Community Day México, creating spaces where thousands of builders connect and grow. His commitment to mentoring the next generation of cloud professionals across Latin America reflects his belief that “your network is your net worth.” Beyond his technical expertise, David is dedicated to fostering meaningful relationships within the AWS community, whether through public speaking, community leadership, or technical consulting.
DevTools Hero Nora Schöner is a senior cloud engineer with diverse industry experience who specializes in cloud architecture and DevOps. Her expertise in site reliability engineering and infrastructure as code helps teams build robust, accessible systems for both developers and stakeholders. Nora has been actively involved with AWS User Groups since 2016, co-organizing the AWS User Group Nuremberg and contributing to the AWS Community DACH Support Association. She founded She ‘n IT Nuremberg to connect women in tech and shares her unique blend of cloud technology expertise and manga art passion through her blog at wolkencode.de.
Visit the AWS Heroes website if you’d like to learn more about the AWS Heroes program, or to connect with a Hero near you.
— Taylor
from AWS News Blog https://ift.tt/GE9N2wF
via IFTTT
Organizations need to implement these five essential security controls to safely harness the power of autonomous AI agents while still protecting enterprise assets.
from darkreading https://ift.tt/2gbIt17
via IFTTT
Edge computing and stricter regulations may usher in a new era of AI privacy.
from darkreading https://ift.tt/KtDpqjs
via IFTTT