- Weekly Cloud Info
- Posts
- Weekly Cloud Info #W03 - 2025
Weekly Cloud Info #W03 - 2025
Walid LARABI
January 17, 2025
Hi!
This week, we have some important AWS news, from critical security alert, new features to make the AWS Console easier to use, and more. Mistral has also launched a new coding AI that’s breaking records. Plus, we have some updates about Kubernetes.
Have a great read. ☕
📰 Top picks of the week
Mistral's Codestral Model Doubles Speed and Performance with New Update
Mistral AI's Codestral model is revolutionizing code generation, excelling in over 80 programming languages with high-speed, low-latency tasks. The latest update, Codestral 25.01, doubles its performance efficiency and maintains its top position in coding capabilities. Extensive benchmarks highlight its superior outcomes across various programming languages and tasks, particularly in FIM (Fill-in-the-Middle). This model has significantly boosted productivity for thousands of developers.
AWS Ransomware Alert: Codefinger Targets S3 Buckets with SSE-C Encryption
A new ransomware campaign has been discovered that targets Amazon S3 buckets using AWS's Server-Side Encryption with Customer Provided Keys (SSE-C). The threat actor, known as Codefinger, exploits compromised AWS keys to encrypt data, demanding ransom for the keys needed to decrypt it. This attack prevents recovery without payment and pressures victims with a seven-day deletion policy. Two recent victims have already reported data loss due to this method.
AWS Enhances Security: Tips to Prevent Unauthorized S3 Encryption
AWS identified an increase in unauthorized encryption activities in Amazon S3 buckets using client-provided keys (SSE-C) by malicious actors with valid credentials. To combat this, AWS implemented automatic mitigations and recommends customers block SSE-C if not needed, monitor access patterns, and use short-term credentials. These proactive measures aim to secure customer data against unintended encryption.
AWS Management Console: Now Access Up to 5 Accounts Simultaneously!
AWS now allows customers to sign in to up to 5 accounts simultaneously in the AWS Management Console. This multi-session support helps users manage resources across different environments like development, testing, and production more efficiently. Available in all Commercial Regions, users can easily enable this feature from the account menu. Documentation is available for further details.
AWS Expands EC2 Flex with New 12xlarge & 16xlarge Sizes for Enhanced Performance
AWS has released two new larger sizes for Amazon EC2 Flex instances: 12xlarge and 16xlarge, enhancing ready-to-scale compute options with up to 15% better performance. These Flex instances are tailored for various workloads, offering up to 19% better price performance compared to previous generations. The new sizes are available in multiple AWS regions globally. Ideal for web servers, batch processing, and enterprise applications, they are powered by 4th Gen Intel Xeon processors.
AWS CDK Splits Release Schedules: CLI and Construct Library Now Independent
AWS is separating the release schedules of the CDK CLI and the CDK Construct Library starting February 2025. The CLI will have its own versioning, diverging from the library's versioning while maintaining compatibility. This change allows for more agility and quicker iterative development of both components. Users can freely upgrade the CLI without affecting the API or user experience.
AWS Step Functions Expands Integration: 36 New Services Added!
AWS Step Functions now supports 36 additional services, including AWS End User Messaging, enhancing its integration capabilities. Users can now orchestrate over 14,000 API actions from more than 220 AWS services, reducing the need for extra integration code. This update also includes over 1,000 new API actions from popular services like AWS Transfer Family and Amazon EC2. The enhancements are available across all regions where Step Functions operates.
Critical Aviatrix Controller Vulnerability Exploited for Backdoors and Crypto Mining
A critical security vulnerability (CVE-2024-50603, CVSS 10.0) in the Aviatrix Controller cloud networking platform is being actively exploited to deploy backdoors and cryptocurrency miners. The flaw allows unauthenticated remote code execution due to improper input sanitization in API endpoints. Aviatrix has patched the issue in versions 7.1.4191 and 7.2.4996. Cloud security firm Wiz is responding to multiple related incidents.
Critical Kubernetes Vulnerability (CVE-2024-9042) Allows Command Execution on Windows Nodes
A new vulnerability, CVE-2024-9042, has been identified in Kubernetes affecting Windows worker nodes, allowing potential command execution on host systems via the /logs endpoint. This issue impacts several Kubelet versions and is rated with a medium severity score of 5.9. Administrators are advised to upgrade to patched Kubelet versions and monitor audit logs for suspicious activity. The vulnerability highlights the need for enhanced security practices in Kubernetes environments.
Red Hat Connectivity Link: A Unified Kubernetes Solution for Enhanced Application Management
Red Hat has launched Red Hat Connectivity Link, a Kubernetes-native solution designed to simplify application connectivity across hybrid multicloud environments. This unified platform enhances traffic ma
nagement, security, and policy enforcement for Kubernetes applications. By consolidating various management functions, it reduces complexity and improves the efficiency of connectivity configurations. The solution is based on the open source Kuadrant project, utilizing the Gateway API and Envoy proxy for seamless integration.
❤️ You might also like
🏁 Enjoy this newsletter?
Forward it to a friend, and let them know they can subscribe here.