AWS - Security Ticks

AWS Continuum brings AI models to code vulnerability management

AI, AWS, News, vulnerability management / SecurityTicks

AWS Continuum brings AI models to code vulnerability management 2026-06-18 at 07:33 By Sinisa Markovic AWS Continuum for code vulnerabilities, a system built to handle a vulnerability across its lifecycle, from discovery through to a fix, is now available in gated preview. It reasons over a customer’s environment, confirms which findings are real, and works […]

AWS Continuum brings AI models to code vulnerability management Read More »

The assembly line behind 1.5 million malicious domains

AWS, Cloudflare, cybercrime, cybersecurity, domain information, Don't miss, News, research, threats, VirusTotal / SecurityTicks

The assembly line behind 1.5 million malicious domains 2026-06-12 at 11:07 By Anamarija Pogorelec Attackers registered roughly 1.5 million malicious domains during the first five months of 2026. The registration patterns resemble industrial output. Most of the domains were created by attackers, put to use within weeks, and concentrated among a small set of registrars,

The assembly line behind 1.5 million malicious domains Read More »

OpenAI brings frontier AI to existing AWS environments

AI, AWS, News, OpenAI / SecurityTicks

OpenAI brings frontier AI to existing AWS environments 2026-06-02 at 11:55 By Anamarija Pogorelec OpenAI frontier models and Codex are now available on AWS, giving customers access to OpenAI capabilities within AWS environments and the controls needed to move more quickly from evaluation to deployment. OpenAI capabilities on Amazon Bedrock These capabilities are available through

OpenAI brings frontier AI to existing AWS environments Read More »

Zapier exploit chain shows how known anti-patterns compose into critical risk

AWS, cybersecurity, Don't miss, News, research, Token Security, vulnerability / SecurityTicks

Zapier exploit chain shows how known anti-patterns compose into critical risk 2026-05-28 at 16:00 By Mirko Zorz A five-stage exploit chain disclosed by Token Security researchers turned a free Zapier account into write access on Zapier’s public developer SDK packages and on internal packages that load in every authenticated zapier.com session. Each link in the

Zapier exploit chain shows how known anti-patterns compose into critical risk Read More »

Amazon Quick authorization bypass let users reach blocked AI chat agents

AI, AWS, Don't miss, HackerOne, Hot stuff, News, vulnerability, vulnerability disclosure / SecurityTicks

Amazon Quick authorization bypass let users reach blocked AI chat agents 2026-05-12 at 20:12 By Mirko Zorz Enterprises running Amazon Quick, the AWS business intelligence and agentic AI service, rely on a feature called custom permissions to restrict who inside an account can use AI chat agents. Fog Security founder Jason Kao discovered that those

Amazon Quick authorization bypass let users reach blocked AI chat agents Read More »

25 open-source cybersecurity tools that don’t care about your budget

AI, AWS, Compliance, GitHub, GitLab, Kubernetes, Linux, News, open source, OpenClaw, penetration testing, software, Trail of Bits / SecurityTicks

25 open-source cybersecurity tools that don’t care about your budget 2026-04-27 at 10:30 By Anamarija Pogorelec Regardless of the operating system you use, managing secrets, apps, cloud, compliance, and security operations can be overwhelming. The free, open-source tools presented in this article can help you detect threats, increase visibility, enforce controls, and investigate and respond

25 open-source cybersecurity tools that don’t care about your budget Read More »

AWS, Wasabi, Cloudflare, and Backblaze go head-to-head in new cloud storage test

AWS, Backblaze, Catchpoint, Cloud, cloud computing, Cloudflare, EU, networking, News, report, storage, USA / SecurityTicks

AWS, Wasabi, Cloudflare, and Backblaze go head-to-head in new cloud storage test 2026-04-03 at 01:25 By Anamarija Pogorelec Cloud storage buyers rarely get vendor-provided performance data that includes the vendor’s own weak spots. Backblaze’s Q1 2026 Performance Stats report, attempts to do exactly that, sharing benchmark results for Backblaze B2, AWS S3, Cloudflare R2, and

AWS, Wasabi, Cloudflare, and Backblaze go head-to-head in new cloud storage test Read More »

Amazon sends AI agents into pen testing and DevOps

agentic AI, Artificial Intelligence, AWS, cybersecurity, DevSecOps, News / SecurityTicks

Amazon sends AI agents into pen testing and DevOps 2026-03-31 at 20:31 By Sinisa Markovic Amazon’s latest AI capabilities bring on-demand penetration testing through the AWS Security Agent, alongside the AWS DevOps Agent. “These agents are changing the way we secure and operate software. AWS Security Agent compresses penetration testing timelines from 2-6 weeks to

Amazon sends AI agents into pen testing and DevOps Read More »

TeamPCP Moves From OSS to AWS Environments

Application Security, AWS, cloud security, supply chain attack, TeamPCP / SecurityTicks

TeamPCP Moves From OSS to AWS Environments 2026-03-31 at 17:42 By Ionut Arghire After validating stolen credentials using TruffleHog, the hacking group started AWS services enumeration and lateral movement activities. The post TeamPCP Moves From OSS to AWS Environments appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

TeamPCP Moves From OSS to AWS Environments Read More »

Cisco FMC flaw was exploited by Interlock weeks before patch (CVE-2026-20131)

0-day, AWS, Cisco, Don't miss, enterprise, firewall, Hot stuff, News, Ransomware / SecurityTicks

Cisco FMC flaw was exploited by Interlock weeks before patch (CVE-2026-20131) 2026-03-20 at 15:21 By Zeljka Zorz A critical vulnerability (CVE-2026-20131) in Cisco Secure Firewall Management Center (FMC) that Cisco disclosed and patched in early March 2026 has been exploited as a zero-day by the Interlock ransomware gang, Amazon CISO and VP of Security Engineering

Cisco FMC flaw was exploited by Interlock weeks before patch (CVE-2026-20131) Read More »

Major tech companies invest $12.5 million in open source security

Anthropic, Artificial Intelligence, AWS, cybersecurity, GitHub, Google, Microsoft, News, open source, OpenAI, OpenSSF, The Linux Foundation / SecurityTicks

Major tech companies invest $12.5 million in open source security 2026-03-18 at 11:31 By Sinisa Markovic The Linux Foundation announced $12.5 million in grant funding backed by Anthropic, AWS, GitHub, Google, Google DeepMind, Microsoft, and OpenAI to strengthen open source security. The funding will be directed through the foundation’s Alpha-Omega Project and the Open Source

Major tech companies invest $12.5 million in open source security Read More »

Cloud-audit: Fast, open-source AWS security scanner

AWS, cloud security, Don't miss, GitHub, Hot stuff, News, scanner, software / SecurityTicks

Cloud-audit: Fast, open-source AWS security scanner 2026-03-11 at 09:21 By Mirko Zorz Running AWS security audits without a dedicated security team typically means choosing between enterprise platforms with per-check billing and generic open-source scanners that produce findings with no remediation guidance. Cloud-audit, a Python CLI tool published on GitHub by Mariusz Gebala, takes a narrower

Cloud-audit: Fast, open-source AWS security scanner Read More »

Attackers use AiTM phishing kit, typosquatted domains to hijack AWS accounts

account hijacking, AWS, Datadog, Don't miss, Hot stuff, News, phishing / SecurityTicks

Attackers use AiTM phishing kit, typosquatted domains to hijack AWS accounts 2026-03-10 at 15:22 By Zeljka Zorz Phishers are targeting AWS accounts holders with fake email security alerts and redirecting them to a high-fidelity clone of the AWS Management Console sign-in page, Datadog researchers have warned. The cloned AWS phishing page (Source: Datadog Security Labs)

Attackers use AiTM phishing kit, typosquatted domains to hijack AWS accounts Read More »

Iranian Strikes on Amazon Data Centers Highlight Industry’s Vulnerability to Physical Disasters

AWS, cloud security, Cyberwarfare, Iran / SecurityTicks

Iranian Strikes on Amazon Data Centers Highlight Industry’s Vulnerability to Physical Disasters 2026-03-03 at 22:09 By Associated Press Two AWS data centers in the United Arab Emirates were “directly struck” and another facility in Bahrain was also damaged after a drone landed nearby. The post Iranian Strikes on Amazon Data Centers Highlight Industry’s Vulnerability to

Iranian Strikes on Amazon Data Centers Highlight Industry’s Vulnerability to Physical Disasters Read More »

AWS Expands Security Hub Into a Cross-Domain Security Platform

AWS, cloud security / SecurityTicks

AWS Expands Security Hub Into a Cross-Domain Security Platform 2026-03-02 at 15:09 By Kevin Townsend The AWS Security Hub Extended plan aims to reduce security tool sprawl by correlating findings across multiple security domains. The post AWS Expands Security Hub Into a Cross-Domain Security Platform appeared first on SecurityWeek. This article is an excerpt from

AWS Expands Security Hub Into a Cross-Domain Security Platform Read More »

AWS Security Hub Extended brings enterprise security under one roof

Artificial Intelligence, AWS, cloud security, cybersecurity, email security, News / SecurityTicks

AWS Security Hub Extended brings enterprise security under one roof 2026-02-26 at 23:18 By Anamarija Pogorelec AWS Security Hub Extended is a plan within Security Hub that simplifies how customers procure, deploy, and integrate a full-stack enterprise security solution across endpoint, identity, email, network, data, browser, cloud, AI, and security operations. The plan allows customers

AWS Security Hub Extended brings enterprise security under one roof Read More »

AWS adds IPv6 support to IAM Identity Center through dual-stack endpoints

AWS, News / SecurityTicks

AWS adds IPv6 support to IAM Identity Center through dual-stack endpoints 2026-01-27 at 15:49 By Anamarija Pogorelec Amazon Web Services has added IPv6 support to IAM Identity Center through new dual-stack endpoints. The update allows identity services to operate over IPv6 networks while continuing to support IPv4. The change applies to access portals, managed applications,

AWS adds IPv6 support to IAM Identity Center through dual-stack endpoints Read More »

AWS releases updated PCI PIN compliance report for payment cryptography

AWS, Coalfire, Compliance, News, PCI, PCI DSS / SecurityTicks

AWS releases updated PCI PIN compliance report for payment cryptography 2026-01-26 at 07:05 By Anamarija Pogorelec Amazon Web Services has published an updated Payment Card Industry Personal Identification Number (PCI PIN) compliance package for its AWS Payment Cryptography service, confirming a recent third-party audit of the platform. The report package is now accessible through AWS’s

AWS releases updated PCI PIN compliance report for payment cryptography Read More »

AWS European Sovereign Cloud puts data, operations, and oversight inside the EU

Amazon, AWS, Cloud, Data Protection, EU, Europe, News, regulation / SecurityTicks

AWS European Sovereign Cloud puts data, operations, and oversight inside the EU 2026-01-15 at 13:54 By Sinisa Markovic Amazon has made the AWS European Sovereign Cloud generally available to customers across the European Union, backed by a €7.8 billion investment. According to AWS, the funding will support infrastructure buildout, staffing, and long-term operations, and is

AWS European Sovereign Cloud puts data, operations, and oversight inside the EU Read More »

re:Invent 2025: AWS and Security Vendors Unveil New Products and Capabilities

AWS, cloud security, re:Invent 2025, security products / SecurityTicks

re:Invent 2025: AWS and Security Vendors Unveil New Products and Capabilities 2025-12-03 at 14:35 By Eduard Kovacs AWS and cybersecurity vendors have made several announcements at the cloud giant’s re:Invent 2025 event. The post re:Invent 2025: AWS and Security Vendors Unveil New Products and Capabilities appeared first on SecurityWeek. This article is an excerpt from

re:Invent 2025: AWS and Security Vendors Unveil New Products and Capabilities Read More »