New agentic AI capabilities in Microsoft Security Copilot will allow agents to triage threats and provide recommendations.
from darkreading https://ift.tt/msDrczh
via IFTTT
IFTTT
AWS Weekly Roundup: Omdia recognition, Amazon Bedrock RAG evaluation, International Women’s Day events, and more (March 24, 2025)
As we celebrate International Women’s Day (IWD) this March, I had the privilege of attending the ‘Women in Tech’ User Group meetup in Shenzhen last weekend. I was inspired to see over 100 women in tech from different industries come together to discuss AI ethics from a female perspective. Together, we explored strategies such as reducing gender bias in AI systems and promoting diverse representation in model training data. In the AWS Cloud Lab, participants used Amazon Bedrock with large language models (LLMs) to generate rose bloom videos, which was the most popular part of this meetup.
These gatherings are crucial to our efforts to engage more women in AI technology exploration and development, and to help make sure that the generative AI era evolves without gender bias. The collaborative spirit and technical curiosity displayed throughout the event is further proof that diverse teams truly build inclusive and effective solutions.
Speaking of vibrant community engagement, I also had the honor of presenting at Kubernetes Community Day (KCD) Beijing 2025 this weekend. The enthusiasm 
for container technologies was remarkable, with nearly 300 developers gathering to share experiences and best practices. During my keynote introducing the DoEKS project from Amazon Web Services (AWS), I was struck by the depth of interest in managed Kubernetes services. The audience’s questions revealed how widely adopted services such as Amazon Elastic Kubernetes Service (Amazon EKS) and Amazon Elastic Container Service (Amazon ECS) have become among Chinese developers building mission-critical applications.This strong community interest aligns perfectly with findings from the Omdia Universe: Cloud Container Management & Services 2024–25 report. In this comprehensive evaluation of container management solutions hosted on public clouds, AWS was recognized as a Leader. The report specifically highlights that AWS offers “widest range of options for working with Kubernetes or its own container management service, across cloud, edge, and on-premises environments.” You can read the full report about AWS offerings to learn more about our comprehensive container portfolio and how we’re helping builders deploy scalable, reliable containerized applications.
Last Week’s launches
In addition to the inspiring community events, here are some AWS launches that caught my attention.
Amazon Q Business browser extension gets upgrades – The Amazon Q Business browser extension now features significant enhancements designed to streamline browser-based tasks. Users gain access to their company’s indexed knowledge alongside web content, direct PDF support within the browser, image file attachment capabilities, and controls to remove irrelevant attachments from conversation context. The expanded context window accommodates larger web pages and more detailed prompts, resulting in more helpful responses. For advanced needs, the extension offers seamless transition to the full Amazon Q Business web experience with access to Actions and Amazon Q Apps. Review the Enhancing web browsing with Amazon Q Business in the documentation for detailed setup instructions and feature descriptions to learn more about this announcement.
Amazon Bedrock RAG evaluation is now generally available – Offering comprehensive assessment of both Bedrock Knowledge Bases and custom Retrieval Augmented Generation (RAG) systems through LLM-as-a-judge methodology. The service evaluates retrieval quality and end-to-end generation with metrics for relevance, correctness, and hallucination detection, and the newly added support for custom RAG pipeline evaluations lets you bring your own input-output pairs and retrieved contexts directly into the evaluation job, along with new citation precision metrics and Amazon Bedrock Guardrails integration for more flexible RAG system optimization. To learn more, visit the Amazon Bedrock Evaluations page and What is Amazon Bedrock? in the documentation.
Amazon Nova expands Tool Choice options for Converse API – We’ve enhanced Amazon Nova with expanded Tool Choice capabilities for the Converse API, giving developers more flexibility in building sophisticated AI applications. This update allows models to determine when to use tools to fulfill user requests more effectively. Learn more in the announcement about expands Tool Choice options.
Amazon Bedrock Guardrails adds policy-based enforcement for responsible AI – Our builders can now enforce responsible AI policies at scale with Amazon Bedrock Guardrails’ new AWS Identity and Access Management (IAM) policy-based enforcement capabilities. This feature helps you to specify required guardrails through IAM policies using the bedrock:GuardrailIdentifiercondition key, so that all model inference calls comply with your organization’s AI safety standards. When your teams make Amazon Bedrock Invoke or Converse API calls, requests are automatically rejected if they don’t include the mandated guardrails, providing consistent protection against undesirable content, sensitive information exposure, and model hallucinations. Refer to the Set up permissions to use Guaidrails for content filtering in the technical documentation and the Amazon Bedrock Guardrails product page to learn more about the announcement about policy based enforcement for responsible AI.
Next generation of Amazon Connect released – We’ve launched the next generation of Amazon Connect, featuring AI-powered interactions designed to strengthen customer relationships and improve business outcomes. This major update brings enhanced agent experiences, smarter customer interactions, and deeper operational insights to contact centers of all sizes. Learn more from the new launch post in the AWS Contact Center Blog.
Amazon Redshift Serverless introduces Current and Trailing release tracks – Amazon Redshift Serverless now offers two release tracks to give users more control over their update cadence. The Current track delivers the most up-to-date certified release with the latest features and security updates, while the Trailing track remains on the previous certified release. This dual-track approach allows organizations to validate new releases on select workgroups before implementing them across production environments. Users can easily switch between tracks through the Amazon Redshift console, providing the flexibility to balance innovation with stability for mission-critical workloads. This capability is available in all AWS Regions where Amazon Redshift Serverless is offered. Refer to Tracks for Amazon Redshift provisioned cluster and serverless work groups to learn more about the Current and Trailing tracks in Amazon Redshift Serverless.
AWS WAF now supports URI fragment field matching – AWS WAF has expanded its capability to include URI fragment field matching, allowing security teams to create rules that inspect and match against the fragment portion of URLs. This enhancement enables more precise security controls for web applications that use URI fragments to identify specific sections within pages. Security professionals can now implement more targeted protections, such as restricting access to sensitive page elements, detecting suspicious navigation patterns, and enhancing bot mitigation by analyzing fragment usage patterns characteristic of automated attacks. This feature is available in all AWS Regions where AWS WAF is supported. For more information about URI field for matching, visit the AWS WAF Developer Guide.
For a full list of AWS announcements, be sure to keep an eye on the What’s New at AWS.
Other AWS news
Here are some other additional projects and blog posts that you might find interesting.
Build your generative AI skills at AWS Gen AI Lofts – AWS has established more than 10 global hubs offering training and networking for developers and startups in 2025, where you can gain practical, hands-on experience with the latest AI technologies. These revamped spaces feature dedicated zones where you can participate in workshops on prompt engineering, foundation model (FM) selection, and implementing AI in production environments. If you’re near San Francisco, New York, Tokyo, or other major tech hubs with AWS Gen AI Lofts, stop by to access these free resources and accelerate your generative AI development skills. Check out all of the AWS Gen AI Loft locations and events and to read 5 ways to build your AI skills on AWS Gen AI Loft to learn more.
AWS Lambda‘s architecture for billions of asynchronous invocations – A recent technical article reveals how AWS Lambda handles massive scale through sophisticated engineering approaches. The Lambda asynchronous invocation path employs multiple queuing strategies, consistent hashing for intelligent partitioning, and shuffle-sharding techniques to minimize noisy neighbor effects. The system relies on key observability metrics (AsyncEventReceived, AsyncEventAge, and AsyncEventDropped) to maintain optimal performance. These architectural decisions enable Lambda to process tens of trillions of monthly invocations across 1.5 million active customers while providing reliable scalability and performance isolation. For details read Handling billions of invocations – best practices from AWS Lambda in the AWS computing blog.
AWS is reducing prices by more than 11% for its high-memory U7i instances across all Regions and pricing models. The reduction applies to four instances: u7i-12tb.224xlarge, u7in-16tb.224xlarge, u7in-24tb.224xlarge, and u7in-32tb.224xlarge. The new On-Demand pricing, which covers shared, dedicated, and host tenancy options is retroactive, to March 1, 2025. For new Savings Plan purchases, pricing is effective immediately.
Create your AWS Builder ID and reserve your alias – Builder ID is a universal login credential that gives you access beyond the AWS Management Console to AWS tools and resources, including over 600 free training courses, community features, and developer tools such as Amazon Q Developer.
From community.aws
Here are some of my favorite posts from community.aws.
Model Context Protocol (MCP): why it matters – The recently introduced Model Context Protocol (MCP) creates a standardized way for AI applications to communicate with multiple FMs using consistent prompts and tools.
Build serverless GenAI Apps faster with Amazon Q Developer CLI agent – Discover how Amazon Q Developer CLI Agent revolutionizes cloud development by building a complete serverless generative AI application in minutes instead of days.
Automating code reviews with Amazon Q and GitHub actions – A new developer tutorial demonstrates how to integrate Amazon Q Developer with GitHub Actions to automatically analyze pull requests and provide AI-powered code feedback.
DeepSeek on AWS – A new technical guide demonstrates how to deploy DeepSeek’s powerful open-source AI models on AWS infrastructure. The tutorial provides step-by-step instructions for setting up these cutting-edge models using Amazon SageMaker, Amazon Elastic Compute Cloud (Amazon EC2) instances with GPUs, or through integration with Amazon Bedrock. The guide covers optimization techniques, sample applications, and best practices for balancing performance with cost efficiency.
Upcoming AWS events
Check your calendars and sign up for these upcoming AWS events.
Empowering Futures – Women Leading the Way in Tech and Non-Tech Careers – Whether you’re here to expand your professional circle, learn about the AWS Cloud or gain wisdom from inspiring speakers, this event has something for everyone. This is a public event open to everyone in the Seattle area—for free—on March 27, 2025.
AWS at KubeCon + CloudNativeCon London 2025 – Join us at KubeCon London on April 1 – April 4 , at Excel booth S300 for live product demonstrations that help you simplify Kubernetes operations, optimize costs and performance, harness the power of artificial learning and machine learning (AI/ML), and build scalable platform strategies.
That’s all for this week. Check back next Monday for another Weekly Roundup!
– Betty
This post is part of our Weekly Roundup series. Check back each week for a quick roundup of interesting news and announcements from AWS!
How is the News Blog doing? Take this 1 minute survey!
(This survey is hosted by an external company. AWS handles your information as described in the AWS Privacy Notice. AWS will own the data gathered via this survey and will not share the information collected with survey respondents.)
from AWS News Blog https://ift.tt/FDrHguL
via IFTTT
University Competition Focuses on Solving Generative AI Challenges
The Amazon Nova AI Challenge puts student research to the test and aims to bring a new perspective to challenges arising from the increase in AI-assisted software development.
from darkreading https://ift.tt/aquPUJ8
via IFTTT
Cybercriminals Taking Advantage Of AI, ‘Shadow’ Alliances
A Europol report says nation-state actors are increasingly working with organized crime networks to achieve geopolitical goals, including the destabilization of the EU.
from darkreading https://ift.tt/tJbHiLg
via IFTTT
How to Protect Your Business from Cyber Threats: Mastering the Shared Responsibility Model
Cybersecurity isn’t just another checkbox on your business agenda. It’s a fundamental pillar of survival. As organizations increasingly migrate their operations to the cloud, understanding how to protect your digital assets becomes crucial. The shared responsibility model, exemplified through Microsoft 365’s approach, offers a framework for comprehending and implementing effective cybersecurity
from The Hacker News https://ift.tt/GpvlFBb
via IFTTT
Capital One hacker Paige Thompson got too light a sentence, appeals court rules
A federal appeals court overruled a district court judge’s sentence for Capital One hacker Paige Thompson this week, deciding that the sentence of five years’ probation plus time served was too lenient.
Describing the hack as the “second largest data breach in the United States at the time, causing tens of millions of dollars in damage and emotional and reputational harm to numerous individuals and entities,” two of three judges from the 9th Circuit Court of Appeals said they believed that the sentence was “substantially unreasonable.”
In deciding on the original sentence in 2022, U.S. District Judge Robert Lasnik considered that Thompson was transgender, autistic and had suffered past trauma. He raised the prospect of Bureau of Prisons decisions under a future presidential administration making life more difficult for transgender inmates. He also noted that the hack wasn’t done in a “malicious manner” and that Thompson was “tormented” about her activities.
Thompson was charged with stealing data on 106 million Capital One customers after taking advantage of a misconfigured firewall in the bank’s cloud computing system. Over the course of the investigation, the government found terabytes of additional data Thompson took from more than 30 organizations.
Prosecutors swiftly appealed the sentence, with then-U.S. Attorney Nick Brown saying “this is not what justice looks like.” They argued that the judge gave too much weight to Thompson’s history and personal characteristics.
“We agree that the district court overemphasized Thompson’s personal story,” Judge Danielle Forrest wrote, with Judge Johnnie Rawlinson concurring. “Thompson’s personal background and characteristics are, of course, proper considerations at sentencing, but they may not be the sole basis for the chosen sentence.”
The ruling also disputed the district judge saying the hack wasn’t malicious, or that Thompson was tortured over her behavior. Thompson, a former Amazon Web Services software engineer, blamed victims’ incompetence for the theft and encouraged others to hack them, and she also bragged about what she did, the ruling states.
Therefore, with a maximum sentence of 210 months, the sentence was too lenient, it reads.
President Donald Trump appointed Forrest. President Bill Clinton appointed Rawlinson. The third appeals court judge, Jennifer Sung, appointed by President Joe Biden, took issue with the duo’s decision.
What matters most is whether the district judge engaged in “abuse of discretion,” such as a procedural error, and there’s no sign of that in the Thompson sentence, Sung wrote.
The full quote on Lasnick’s “malicious manner” comment sheds more favorable light on the judge’s viewpoint, Sung observed. Lasnik said did not act “in the malicious manner that you want to punish, to the same degree as somebody who gets that information and immediately turns to monetizing it in some way,” Sung noted. Thompson also showed signs of being tormented over her activities, openly seeking jail or death.
While the majority said prospective future administrations’ actions on transgender inmates shouldn’t play a role in sentencing, Sung said the district court correctly noted that it was “dealing with Paige Thompson, what she did, who she is, is the dilemma before the court today,” and therefore the sentence gave proper weight to her being transgender.
The Center for Cybersecurity Policy and Law, in a friend of the court brief in support of the government appeal, said it wouldn’t give its opinion on how long Thompson’s sentence should be. But it asked the court to clarify one element in its ruling.
“It is critical for legal frameworks to maintain the distinction between good-faith security research and harmful criminal activities,” it wrote in its brief. “The Center is interested in this proceeding because a perception that the sentencing at issue was based on the Defense’s arguments in the District Court that the charged conduct was good-faith security research risks eroding the distinction between good-faith security research and harmful criminal activity.
“Addressing this distinction is needed to ensure ethical research is not conflated with actions like the Defendant’s and thus prevent undermining trust between the security, business, and policy communities,” it continued.
The appeals court ruling made no mention of good-faith security research.
Mo Hamoudi, an attorney for Thompson, did not immediately respond to requests for comment.
The case is being sent back to the district court level for resentencing.
The post Capital One hacker Paige Thompson got too light a sentence, appeals court rules appeared first on CyberScoop.
from CyberScoop https://ift.tt/omfKa7B
via IFTTT
AI Cloud Adoption Is Rife With Cyber Mistakes
Research finds that organizations are granting root access by default and making other big missteps, including a Jenga-like building concept, in deploying and configuring AI services in cloud deployments.
from darkreading https://ift.tt/Rm7TbxM
via IFTTT
5 Identity Threat Detection & Response Must-Haves for Super SaaS Security
Identity-based attacks are on the rise. Attackers are targeting identities with compromised credentials, hijacked authentication methods, and misused privileges. While many threat detection solutions focus on cloud, endpoint, and network threats, they overlook the unique risks posed by SaaS identity ecosystems. This blind spot is wreaking havoc on heavily SaaS-reliant organizations big and small
from The Hacker News https://ift.tt/cb0Ykt3
via IFTTT
Mitigated – Networking reduced availability in East US
What happened?
Between 13:09 UTC and 18:51 UTC on 18 March 2025, a platform issue resulted in an impact to a subset of Azure customers in the East US region. Customers may have experienced intermittent connectivity loss and increased network latency sending traffic within as well as in and out of Azure’s US East Region.
At 23:21 UTC on 18 March 2025, another impact to network capacity occurred during the recovery of the underlying fiber that customers may have experienced the same intermittent connectivity loss and increased latency sending traffic within, to and from US East.
What do we know so far?
We identified multiple fiber cuts affecting a subset of datacenters in the East US region at 13:09 UTC on 18 March 2025. The fiber cut impacted capacity to those datacenters increasing the utilization for the remaining capacity serving the affected datacenters. At 13:55 UTC on 18 March 2025, we began mitigating the impact of the fiber cut by load balancing traffic and restoring some of the impacted capacity; customers should have started to see service recover starting at this time. The restoration of traffic was fully completed by 18:51 UTC on 18 March 2025 and the issue was mitigated.
At 23:20 UTC on 18 March 2025, another impact was observed during the capacity repair process. This was due to a tooling failure during the recovery process that started adding traffic back into the network before the underlying capacity was ready. The impact was mitigated at 00:30 UTC on 19 March after isolating the capacity impacted by the tooling failure.
At 01:52 UTC on 19 March, the underlying fiber cut has been fully restored. We continue working to test and restore all capacity to pre-incident levels.
Our telemetry indicates that customer impact has been fully mitigated. We will continue to monitor during our capacity recovery process before confirming complete incident mitigation.
An update will be provided in 3 hours, or as events warrant
from Azure Status https://ift.tt/mJ5B3Dt
via IFTTT
Active – Networking reduced availability in East US.
What happened?
Between 13:09 UTC and 18:51 UTC on 18 March 2025, a platform issue resulted in an impact to a subset of Azure customers in the East US region. Customers may have experienced intermittent connectivity loss and increased network latency sending traffic within as well as in and out of Azure’s US East Region.
At 23:21 UTC, another impact to network capacity occurred during the recovery of the underlying fiber that customers may have experienced the same intermittent connectivity loss and increased latency sending traffic within, to and from US East.
What do we know so far?
We identified multiple fiber cuts affecting a subset of datacenters in the East US region at 13:09 UTC. The fiber cut impacted capacity to those datacenters increasing the utilization for the remaining capacity serving the affected datacenters. At 13:55 UTC, we began mitigating the impact of the fiber cut by load balancing traffic and restoring some of the impacted capacity; customers should have started to see service recover starting at this time. The restoration of traffic was fully completed by 18:51 UTC and the issue was mitigated.
At 23:20 UTC, another impact was observed during the capacity repair process. This was due to a tooling failure during the recovery process that started adding traffic back into the network before the underlying capacity was ready. We are actively mitigating the current impact to ensure no further incidents occur during the recovery process.
An update will be provided in 60 minutes, or as events warrant.
from Azure Status https://ift.tt/mJ5B3Dt
via IFTTT