This week TLDR i.e. 1 minute version (For executives):
Amazon GuardDuty Malware Protection for EC2 now available in AWS GovCloud (US) Regions.
Amazon VPC adds CloudTrail logging for VPC resources created by default.
Trending in Cloud & Cyber Security:
AWS Security Blogs & Bulletins:
Protect against advanced DNS threats with Amazon Route 53 Resolver DNS Firewall. Link.
How to manage migration of hsm1.medium CloudHSM clusters to hsm2m.medium. Link.
Implementing safety guardrails for applications using Amazon SageMaker. Link.
Monitoring and optimizing the cost of the unused access analyzer in IAM Access Analyzer. Link.
Mapping AWS security services to MITRE frameworks for threat detection and mitigation. Link.
General security blogs, articles, reports & trending news/advisories:
Amazon S3 Bucket Name Squatting by Costas Kourmpoglou. Link.
The Russian Open Source Project That We Can’t Live Without. Link.
Schedule Security Scanning with a Serverless Fanout Pattern by Rich Mogull. Link.
Tales from the cloud trenches: The Attacker doth persist too much, methinks by Martin McCloskey. Link.
China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures by Arda Büyükkaya. Link.
Google Threat Intelligence: COLDRIVER Using New Malware To Steal Documents From Western Targets and NGOs. Link.
FBI PSA: Cyber Criminal Proxy Services Exploiting End of Life Routers. Link.
Wiz: Cloud Hunting Games. Link.
Microsoft: Top MSRC 2025 Q1 Security Researchers. Link.
TA406 Pivots to the Front by Greg Lesnewich, Saher Naumaan, Mark Kelly. Link.
Orca Security Acquires Opus to Bring Agentic AI to CNAPP. Link.
This week Long i.e. 3-5 minutes version (For architects & engineers):
AWS now offers Amazon GuardDuty Malware Protection for EC2 in AWS GovCloud (US) Regions, allowing you to detect potential malware by scanning EBS volumes attached to EC2 instances and container workloads. Link. Here’s my gov console.
Amazon VPC adds CloudTrail logging for VPC resources created by default. Previously, CloudTrail logs only captured resources explicitly created by customers, requiring manual tracking of default resources for audit purposes. With this update, CloudTrail now logs events related to the automatic creation or deletion of default resources—such as Security Groups, Network ACLs, and Route Tables—when a VPC is created or deleted. Link. Here’s my CloudTrail for a default VPC creation:
Great updates!