Amazon Web Services suffered a major outage on Tuesday (Dec 7) as technical errors in its US-EAST-1 region persisted. The global console landing page, also located in US-EAST-1, was affected, as were EC2, DynamoDB and Amazon Connect. By 1404 Pacific Time (PT), Amazon confirmed it had ‘executed a mitigation… showing significant recovery’, while the network device issues were deemed ‘resolved’ by 1635 PT. At time of publishing, no official word has been given about the cause. According to Business Insider, the company has traced the root cause to device receiving more traffic than they are able to process, leading to elevated latency and packet loss. However, whether this was an internal mistake or anything external remains to be seen.
Figures from Monster show that, in India, jobs in cloud computing comprised one in 10 of total job vacancies in the country for November. The company warns of an ’emerging talent gap prevailing in the industry’ due to lack of skills. September also saw 10% of all jobs on the platform related to cloud skills, signifying an uptick from July and June of this year at 5%. As of November, 29% of cloud roles advertised on Monster were for entry level (0-3 years experience) jobs, compared with 44% for intermediate (4-6 years) and 21% for mid-senior (7-10 years). The top skills (and keywords) cited by the recruiting company were AWS/Azure, cloud migration, SAP, cloud security, and machine learning/AI. In total, Monster noted, there are more than 608,000 cloud professionals across all verticals in India.
Researchers have found 27 vulnerabilities in Eltima SDK, used by various cloud providers to remotely mount a local USB device. The vulns affect cloud desktop solutions, such as Amazon Workspaces, which allow third-party libraries, such as Eltima SDK, to provide ‘USB over Ethernet’ capabilities. This helps users to connect and share local devices, such as webcams. The vulnerabilities, which were spotted by SentinelLabs, the research arm of endpoint security provider Sentinel One. They ‘allow attackers to escalate privileges enabling them to disable security products, overwrite system components, corrupt the operating system, or perform malicious operations unimpeded,’ the researchers wrote. As of publishing date, SentinelLabs has not discovered evidence of in-the-wild abuse.
A new report from the Enterprise Strategy Group (ESG) has affirmed organisations’ spending on cloud application security in the coming 12 months. The report, the 2022 Technology Spending Intentions Survey, had some interesting findings: 60% of organizations using public cloud services currently develop and deploy production cloud-native applications, with 79% and 81% of respondents in North America employing agile software development methodologies and DevOps methodologies respectively. A similar percentage of senior IT decision makers (62%) expect their companies to increase spending on artificial intelligence and machine learning in 2022. Writing for TechTarget, senior analyst Melinda Marks noted that this was indicative of a trend of market vendors, such as Wiz, Snyk and Lacework, securing record-setting funding rounds and valuations.