Security

Apple Patches Exploited Notification Flaw, (Thu, Apr 23rd)

Leave a comment
This post was originally published on this site

Apple yesterday released iOS/iPadOS 26.4.2 and iOS/iPadOS 18.7.8. This update fixes a single Notification Services vulnerability, CVE-2026-28950:

Impact: Notifications marked for deletion could be unexpectedly retained on the device

Description: A logging issue was addressed with improved data redaction.

Apple did not mark the vulnerability as exploited. However, recent news articles reported that the FBI used this vulnerability to extract Signal messages from a device seized in a criminal case. The suspect in the case used Signal to communicate. Signal is encrypted end-to-end and attempts not to store retrievable data on the device itself. However, Signal may display a notification on the screen whenever a new message is received. These notifications may include the sender's username and some of the message's content. Signal used Apple's Notification Services framework to generate these notifications, and iOS did not delete their contents even when they were marked for deletion. 

The use of OS libraries and APIs like that has caused problems before, as they may not be designed with the same threat model in mind as the one used to create secure messaging applications.


Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Security

[Guest Diary] Beyond Cryptojacking: Telegram tdata as a Credential Harvesting Vector, Lessons from a Honeypot Incident, (Wed, Apr 22nd)

Leave a comment
This post was originally published on this site

[This is a Guest Diary by L. Carty, an ISC intern as part of the SANS.edu Bachelor's Degree in Applied Cybersecurity (BACS) program [1].]

Introduction

A few weeks ago, my honeypot logged an incident that changed how I think about modern attacks. A threat actor broke into my system using weak SSH credentials and immediately started running commands. What started as a routine resource-hijacking attempt was followed by credential harvesting targeting Telegram Desktop session data.

This incident isn't just another story about cryptocurrency mining malware. It's a window into how modern threat actors are evolving their tactics – chaining initial access with credential theft to enable persistent, multi-layered exploitation. The commands I observed tell a story of methodical reconnaissance, from checking for competing miners to hunting for Telegram's tdata directory.

In this post, I'll walk through what I found, explain why the tdata folder is so valuable to threat actors, and share practical ways to protect it and manage your sessions.

The Attack Chain: A Conceptual Overview

Before diving into the actual commands, let's establish what we're looking at. Modern attacks rarely consist of a single malicious action and instead follow a progression. Below is the attack chain and corresponding MITRE ATT&CK Techniques. [2]

  1. Initial Access – Weak SSH credentials, phishing, or vulnerabilities /T1110/001/
  2. Reconnaissance – System enumeration, identifying valuable targets /T1082/ /T1083/
  3. Credential Harvesting – Extracting session tokens, passwords, or authentication data /T1555/ /T1005/
  4. Account Takeover – Using stolen credentials for further access /T1078/
  5. Exploitation – Social engineering, lateral movement, or monetization /T1041/

What made this particular attack notable was the explicit targeting of Telegram's local session data. Threat actors aren't just after CPU cycles anymore—they're after persistent access through compromised accounts that can be leveraged for ongoing exploitation.

The Evidence: Live from the Honeypot

The following commands were captured in the honeypot's SSH logs immediately after the threat actor gained access. They show the threat actor’s intent to map the system, check for competition, and locate the tdata directory.

Commands Captured

  • /ip cloud print
  • ifconfig
  • uname -a cat /proc/cpuinfo #looks to have an issue with cloudflare
  • ps | grep '[Mm]iner' ps -ef | grep '[Mm]iner'
  • ls -la ~/.local/share/TelegramDesktop/tdata /home/*/.local/share/TelegramDesktop/tdata /dev/ttyGSM* /dev/ttyUSB-mod* /var/spool/sms/* /var/log/smsd.log /etc/smsd.conf* /usr/bin/qmuxd /var/qmux_connect_socket /etc/config/simman /dev/modem* /var/config/sms/*
  • locate D877F783D5D3EF8Cs
  • echo Hi | cat -n

A Command Timeline Visualization

[Initial SSH Access]
         |
_________V_________________________________________________________
| RECONNAISSANCE PHASE                                            |
| • /ip cloud print → MikroTik RouterOS status,configuration      |
| • ifconfig → Network interface enumeration                      |
| • uname -a → OS/kernel identification                           |
| • cat /proc/cpuinfo → Hardware capability assessment            |
___________________________________________________________________
         |
_________V_________________________________________________________
| MINER DETECTION                                                 |
| • ps | grep '[Mm]iner' → Check for competing miners             |
| • ps -ef | grep... → Full process list scan                     |
__________________________________________________________________
         |
_________V_________________________________________________________
| CREDENTIAL HARVESTING                                           |
| • ls -la .../tdata → Locate Telegram session directory          |
| • /home/*/... → Wildcard search for user accounts               |
| • /dev/ttyGSM*, etc. → Modem/SMS 2FA bypass attempts            |
___________________________________________________________________
         |
_________V_________________________________________________________
| EXFILTRATION PREPARATION                                        |
| • locate D877F783... → Specific tdata folder lookup             |
| • echo Hi | cat -n → Shell verification                         |
| • [Compress & upload] → Likely next step (not captured)         |
__________________________________________________________________

Operational Context: Connecting the Dots

While the timeline shows what happened, understanding the why requires looking at the attack from a strategic view. Each command serves a specific purpose in a larger plan.

The initial reconnaissance (ifconfig, uname -a) was an attempt to confirm the system had the processing power to support a cryptominer and the network connectivity to send data out. Next came the miner detection phase (ps | grep). If the threat actor found an existing miner, they would need to remove those processes to free up resources and avoid conflicts before installing their own.

The next set of commands gets interesting as the threat actor shifts focus to Telegram Desktop tdata. This move reveals that stealing CPU cycles is a short-term gain, whereas stealing the Telegram session is a long-term asset. The threat actor searched for modem devices and SMS logs to get around the victim's two-factor authentication (2FA). This ensured that even if the stolen session stopped working, the threat actor could still reset the account password via SMS to take full control. This shows a clear shift from just using someone's computer for a quick profit to stealing their digital identity for long-term use.

Deep Dive: The Critical Risk of tdata Exposure

Understanding why the tdata folder is so valuable is essential for defense. This directory contains the session data that authenticates the user to Telegram's servers.

The Mechanics of Session Theft

According to an Imperva Threat Research report from 2025 regarding the sale of Telegram identities [3], copying the tdata folder to another machine grants a threat actor full access to the victim's Telegram account without needing the phone number or two-factor authentication code.

The session information stored in tdata acts as persistent login credentials. Because the authentication tokens are self-contained within the folder, the threat actor doesn't need to re-authenticate or bypass 2FA. They simply need to move the folder to a machine where they can run Telegram.

This flexibility is what makes the attack so dangerous. The threat actor does not need a specific version of the software, such as ‘Telegram Portable.’ Any standard Telegram Desktop client works because:

  • Same Authentication Method: All Telegram Desktop clients (standard or portable) use the identical tdata folder structure, and
  • No Installation Required: The session information is self-contained. A threat actor can copy the folder to a fresh installation of Telegram on their own machine, and it will log in immediately.

Below are scenarios on how a threat actor may use stolen tdata:

Scenario 1: Direct Import

  1. Threat actor copies the tdata folder from the victim's system.
  2. Threat actor installs Telegram Desktop on their own computer.
  3. Threat actor replaces their own tdata folder with the victim's copy.
  4. When Telegram launches, it reads the stolen session tokens and logs in as the victim.

Scenario 2: Cloud Exfiltration

  1. Threat actor compresses the tdata folder on the victim's system.
  2. Threat actor uploads it to their own cloud storage or server.
  3. Later, threat actor downloads it to their machine.
  4. Threat actor places it in their Telegram Desktop directory.
  5. Telegram authenticates using the stolen session tokens.

Scenario 3: Portable Client

  1. Threat actor copies tdata to a USB drive or portable installation.
  2. Threat actor can run Telegram Portable from anywhere without installation.
  3. All session data travels with the portable folder.

Because the session appears as a legitimate login from a new device, it is often indistinguishable from normal user activity, making detection difficult without specific monitoring of the tdata directory.

What You Can Do: Protecting tdata and Managing Sessions

Here are the most effective steps to protect your system and your Telegram account.

Protect the tdata Folder

Implement File Integrity Monitoring by setting up alerts for any access to the tdata directory. If a process other than Telegram itself tries to read or copy files in that folder, you want to know immediately.

Harden SSH Access since many of these attacks begin with weak SSH credentials. The most effective fix is to disable password authentication and use SSH keys instead. If you must use passwords, make them long and unique.

Monitor for Reconnaissance Commands such as grep, '[Mm]iner', ls -la …/tdata, or searches for modem devices /dev/ttyGSM*, and treat them as critical alerts. These aren't normal user activities and usually indicate a threat actor is mapping your system.

Manage Your Sessions

Conduct Regular Session Audits by navigating to Telegram Settings > Privacy and Security > Active Sessions. If you see a device or location you don't recognize, terminate it immediately. This is your first line of defense if tdata is stolen.

Log Out of Unused Devices because every device you're logged into is a potential entry point. If you're not actively using Telegram on a laptop or tablet, log out. Fewer active sessions mean fewer targets for threat actors.

Consider Mobile Usage as these devices offer better session controls. Telegram on iOS and Android supports biometric authentication and makes it harder to exfiltrate session data via file copying. If you're concerned about tdata theft, use Telegram primarily on mobile.

Enable Two-Factor Authentication (2FA) even though tdata theft bypasses it. 2FA protects against standard account takeovers where the threat actor doesn't have your session token, and it could make it harder for the threat actor to reset the password after the session expires.

Network-Level Detection

Monitor for Telegram Bot API Traffic since threat actors often use the Telegram Bot API to send stolen data or receive commands. Research by SonicWall [4] has documented campaigns where phishing emails deliver HTML attachments that exfiltrate credentials directly to Telegram bots, highlighting the need to monitor for this traffic.

Block Known Malicious IPs as many of these attacks come from known command-and-control servers. Subscribe to threat intelligence feeds that track Telegram-based attack infrastructure and block those IPs at your firewall.

The Bigger Picture: Why Telegram Remains a Target

Despite Telegram banning millions of accounts, threat actors continue to migrate to the platform due to its infrastructure simplicity, encryption, and massive scale. The platform's marketplace ecosystem and resilience against take-downs make it an attractive venue for criminal activity. According to Beeble.com's analysis ‘The Great Telegram Purge: Why 43 Million Bans Couldn’t Break the Cybercrime Grip’ [5], Telegram has evolved from a messaging app into a comprehensive criminal infrastructure platform.

Silobreaker's research [6] further indicates that ransomware groups like BlackCat use Telegram for both data exfiltration and selling stolen credentials on public marketplaces, while Kaspersky [7] notes that Telegram has become a hub for crypto scams, generating millions in fraudulent revenue through fake support bots and investment channels.

Conclusion

The multi-layered attack captured in my honeypot reflects current priorities in the threat landscape. The combination of cryptojacking reconnaissance with Telegram credential harvesting demonstrates that threat actors are thinking beyond simple resource theft. They are building persistent access through account takeover to enable ongoing exploitation.

The key insight is that Telegram's features, while legitimate for many users, have been repurposed by threat actors for credential theft, C2 communication, and data exfiltration. Defenders must monitor not just for malware installation, but for the specific indicators of credential harvesting that enable account takeover and lateral movement through social channels.

By understanding the attack chain, recognizing the indicators, and implementing robust protections for the tdata folder and session management, we can better protect ourselves against these evolving threats.

Key Takeaways

  • Telegram tdata is a high-value target: Session tokens in this folder allow threat actors to bypass 2FA and take over accounts instantly.
  • Attack chains are evolving: Modern threats combine cryptojacking reconnaissance with credential harvesting for multi-layered exploitation.
  • Monitor for specific indicators: File access to tdata, modem device enumeration, and 'miner' process searches are critical warning signs.
  • Telegram Portable enables persistence: Threat actors can copy tdata to portable installations for seamless account takeover without detection.
  • Defense requires multiple layers: SSH hardening, file integrity monitoring, and session auditing are all necessary to protect against this attack pattern.

Acknowledgments: This analysis was assisted by Lumo AI (Proton) [8] for content organization and structuring.

[1] https://www.sans.edu/cyber-security-programs/bachelors-degree/
[2] https://attack.mitre.org/techniques/
[3] https://www.imperva.com/blog/telegram-identity-theft/
[4] https://www.sonicwall.com/blog/threat-actors-caught-using-telegram-bot-to-harvest-credentials
[5] https://beeble.com/en/blog/the-great-telegram-purge-why-43-million-bans-couldn-t-break-the-cybercrime-grip
[6] https://www.silobreaker.com/blog/cyber-threats/mapping-threat-actor-abuse-of-telegram-from-c2-to-hacktivism/
[7] https://www.kaspersky.com/blog/phishing-and-scam-in-telegram-2025/54090/
[8] https://lumo.proton.me

 


Jesse La Grew
Senior Handler

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Security

A .WAV With A Payload, (Tue, Apr 21st)

Leave a comment
This post was originally published on this site

There have been reports of threat actors using a .wav file as a vector for malware.

It's a proper .wav file, but they didn't use staganography. The .wav file will play, but you'll just hear noise:

That's because the TAs have just replaced the bytes that encode the sound with the BASE64 representation of their payload:

Thus I don't need a .wav parser to extract the encoded payload, I can just use my base64dump.py tool:

The BASE64-decoded payload is an XOR-encoded PE file. So I don't need to make a custom decoder, I can just perform a known-plaintext attack looking for the DOS header with my xor-kpa.py tool:

The XOR key was found. Thus we can easily dump the decoded PE file and see the MZ header at position 0x08 and a bit further down the DOS header we used in the known-plaintext-attack:

And my tool pecheck.py can extract an analyse the sample:

Didier Stevens
Senior handler
blog.DidierStevens.com

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Security

Lumma Stealer infection with Sectop RAT (ArechClient2), (Fri, Apr 17th)

Leave a comment
This post was originally published on this site

Introduction

This diary provides indicators from a Lumma Stealer infection that was followed by Sectop RAT (ArechClient2). I searched for cracked versions of popular copyright-protected software, and I downloaded the initial malware after following the results of one such search. This is a common distribution technique for various families of malware, and I often find Lumma Stealer this way.

In this case, the initial malware for Lumma Stealer was delivered as a password-protected 7-zip archive. The extracted malware is an inflated Windows executable (EXE) file at 806 MB. The EXE is padded with null-bytes (0x00), a technical which increases the EXE size while allowing the compressed archive file to be much smaller. The password-protected archive and inflated EXE file are designed to avoid detection.

Images from the infection


Shown above: Example of a page with instructions to download the initial malware file.


Shown above: Traffic from the infection filtered in Wireshark.


Shown above: Sectop RAT persistent on an infected Windows host.

Indicators of Compromise

Example of download link from the site advertising cracked versions of copyright-protected software:

hxxps[:]//incolorand[.]com/how-visual-patch-enhances-ui-consistency-across-releases/?utm_source={CID}&utm_term=Adobe%20Premiere%20Pro%20(2026)%20Full%20v26.0.2%20Espa%C3%B1ol%20[Mega]&utm_content={SUBID1}&utm_medium={SUBID2}

Example of URL for page with the file download instructions:

hxxps[:]//mega-nz.goldeneagletransport[.]com/Adobe_Premiere_Pro_%282026%29_Full_v26.0.2_Espa%C3%B1ol_%5BMega%5D.zip?c=ABUZ4WkRgQUA_YUCAFVTFwASAAAAAACh&s=360721

Example of URL for file download from site above site impersonating MEGA:

hxxps[:]//arch.primedatahost3[.]cfd/auth/media/JvWcFd5vUoYTrImvtWQAASTh/Adobe_Premiere_Pro_(2026)_Full_v26.0.2_Espa%C3%B1ol_%5BMega%5D.zip

Downloaded file:

Extracted malware:

  • SHA256 hash: 4849f76dafbef516df91fecfc23a72afffaf77ade51f805eae5ad552bed88923
  • File size: 806,127,604 bytes
  • File name: appFile.exe
  • File type: PE32 executable (GUI) Intel 80386, for MS Windows
  • File description: Inflated Windows EXE file for Lumma Stealer, padded with null-bytes

Deflated malware:

Lumma Stealer command and control (C2) domains from Triage sandbox analysis:

  • cankgmr[.]cyou
  • carytui[.]vu
  • decrnoj[.]club
  • genugsq[.]best
  • longmbx[.]click
  • mushxhb[.]best
  • pomflgf[.]vu
  • strikql[.]shop
  • ulmudhw[.]shop

Follow-up malware:

Example of Sectop RAT C2 traffic from an infected Windows host:

  • hxxp[:]//91.92.241[.]102:9000/wmglb
  • hxxp[:]//91.92.241[.]102:9000/wbinjget?q=66B553A8B94CE37C16F4EBC863D51FCC
  • tcp[:]//91.92.241[.]102:443/ – encoded or otherwise encrypted traffic (not HTTPS/TLS)


Bradley Duncan
brad [at] malware-traffic-analysis.net

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

AWS

Introducing Anthropic’s Claude Opus 4.7 model in Amazon Bedrock

Leave a comment
This post was originally published on this site

Today, we’re announcing Claude Opus 4.7 in Amazon Bedrock, Anthropic’s most intelligent Opus model for advancing performance across coding, long-running agents, and professional work.

Claude Opus 4.7 is powered by Amazon Bedrock’s next generation inference engine, delivering enterprise-grade infrastructure for production workloads. Bedrock’s new inference engine has brand-new scheduling and scaling logic which dynamically allocates capacity to requests, improving availability particularly for steady-state workloads while making room for rapidly scaling services. It provides zero operator access—meaning customer prompts and responses are never visible to Anthropic or AWS operators—keeping sensitive data private.

According to Anthropic, Claude Opus 4.7 model provides improvements across the workflows that teams run in production such as agentic coding, knowledge work, visual understanding,long-running tasks. Opus 4.7 works better through ambiguity, is more thorough in its problem solving, and follows instructions more precisely.

  • Agentic coding: The model extends Opus 4.6’s lead in agentic coding, with stronger performance on long-horizon autonomy, systems engineering, and complex code reasoning tasks. According to Anthropic, the model records high-performance scores with 64.3% on SWE-bench Pro, 87.6% on SWE-bench Verified, and 69.4% on Terminal-Bench 2.0.
  • Knowledge work: The model advances professional knowledge work, with stronger performance on document creation, financial analysis, and multi-step research workflows. The model reasons through underspecified requests, making sensible assumptions and stating them clearly, and self-verifies its output to improve quality on the first step. According to Anthropic, the model reaches 64.4% on Finance Agent v1.1.
  • Long-running tasks: The model stays on track over longer horizons, with stronger performance over its full 1M token context window as it reasons through ambiguity and self-verifies its output.
  • Vision: the model adds high-resolution image support, improving accuracy on charts, dense documents, and screen UIs where fine detail matters.

The model is an upgrade from Opus 4.6 but may require prompting changes and harness tweaks to get the most out of the model. To learn more, visit Anthropic’s prompting guide.

Claude Opus 4.7 model in action
You can get started with Claude Opus 4.7 model in Amazon Bedrock console. Choose Playground under Test menu and choose Claude Opus 4.7 when you select model. Now, you can test your complex coding prompt with the model.

I run the following prompt example about technical architecture decision:
Design a distributed architecture on AWS in Python that should support 100k requests per second across multiple geographic regions.

You can also access the model programmatically using the Anthropic Messages API to call the bedrock-runtime through Anthropic SDK or bedrock-mantle endpoints, or keep using the Invoke and Converse API on bedrock-runtime through the AWS Command Line Interface (AWS CLI) and AWS SDK.

To get started with making your first API call to Amazon Bedrock in minutes, choose Quickstart in the left navigation pane in the console. After choosing your use case, you can generate a short term API key to authenticate your requests as testing purpose.

When you choose the API method such as the OpenAI-compatible Responses API, you can get sample codes to run your prompt to make your inference request using the model.


To invoke the model through the Anthropic Claude Messages API, you can proceed as follows using anthropic[bedrock] SDK package for a streamlined experience:

from anthropic import AnthropicBedrockMantle
# Initialize the Bedrock Mantle client (uses SigV4 auth automatically)
mantle_client = AnthropicBedrockMantle(aws_region=REGION)
# Create a message using the Messages API
message = mantle_client.messages.create(
    model="anthropic.claude-opus-4-7",
    max_tokens=2048,
    messages=[ 
	    {"role": "user", "content": "Design a distributed architecture on AWS in Python that should support 100k requests per second across multiple geographic regions"}
    ]
)
print(message.content[0].text)

You can also run the following command to invoke the model directly to bedrock-runtime endpoint using the AWS CLI and the Invoke API:

aws bedrock-runtime invoke-model  
 --model-id anthropic.claude-opus-4-7  
 --region us-east-1  
 --body '{"messages": [{"role": "user", "content": "Design a distributed architecture on AWS in Python that should support 100k requests per second across multiple geographic regions."}], "max_tokens": 512, "temperature": 0.5, "top_p": 0.9}'  
 --cli-binary-format raw-in-base64-out  
invoke-model-output.txt

For more intelligent reasoning capability, you can use Adaptive thinking with Claude Opus 4.7, which lets Claude dynamically allocate thinking token budgets based on the complexity of each request.

To learn more, visit the Anthropic Claude Messages API and check out code examples for multiple use cases and a variety of programming languages.

Things to know
Let me share some important technical details that I think you’ll find useful.

  • Choosing APIs: You can choose from a variety of Bedrock APIs for model inference, as well as the Anthropic Messages API. The Bedrock-native Converse API supports multi-turn conversations and Guardrails integration. The Invoke API provides direct model invocation and lowest-level control.
  • Scaling and capacity: Bedrock’s new inference engine is designed to rapidly provision and serve capacity across many different models. When accepting requests, we prioritize keeping steady state workloads running, and ramp usage and capacity rapidly in response to changes in demand. During periods of high demand, requests are queued, rather than rejected. Up to 10,000 requests per minute (RPM) per account per Region are available immediately, with more available upon request.

Now available
Anthropic’s Claude Opus 4.7 model is available today in the US East (N. Virginia), Asia Pacific (Tokyo), Europe (Ireland), and Europe (Stockholm) Regions; check the full list of Regions for future updates. To learn more, visit the Claude by Anthropic in Amazon Bedrock page and the Amazon Bedrock pricing page.

Give Anthropic’s Claude Opus 4.7 a try in the Amazon Bedrock console today and send feedback to AWS re:Post for Amazon Bedrock or through your usual AWS Support contacts.

Channy

AWS

AWS Weekly Roundup: Claude Mythos Preview in Amazon Bedrock, AWS Agent Registry, and more (April 13, 2026)

Leave a comment
This post was originally published on this site

In my last Week in Review post, I mentioned how much time I’ve been spending on AI-Driven Development Lifecycle (AI-DLC) workshops with customers this year. A common theme in those sessions is the need for better cost visibility. Teams are moving fast with AI, but as they go from experimenting to full production, finance and leadership really need to know who is using which resources and at what cost. That’s why I was so excited to see the launch of Amazon Bedrock new support for cost allocation by IAM user and role this week. This lets you tag IAM principals with attributes like team or cost center and then activate those tags in your Billing and Cost Management console. The resulting cost data flows into AWS Cost Explorer and the detailed Cost and Usage Report, giving you a clear line of sight into model inference spending. Whether you’re scaling agents across teams, tracking foundation model use by department, or running tools like Claude Code on Amazon Bedrock, this new feature is a game changer for tracking and managing your AI investments. You can get all the details on setting this up in the IAM principal cost allocation documentation.

Now, let’s get into this week’s AWS news…

Headlines
Amazon Bedrock now offers Claude Mythos Preview Anthropic’s most sophisticated AI model to date is now available on Amazon Bedrock as a gated research preview through Project Glasswing. Claude Mythos introduces a new model class focused on cybersecurity, capable of identifying sophisticated security vulnerabilities in software, analyzing large codebases, and delivering state of the art performance across cybersecurity, coding, and complex reasoning tasks. Security teams can use it to discover and address vulnerabilities in critical software before threats emerge. Access is currently limited to allowlisted organizations, with Anthropic and AWS prioritizing internet critical companies and open source maintainers.

AWS Agent Registry for centralized agent discovery and governance now in preview AWS launched Agent Registry through Amazon Bedrock AgentCore, providing organizations with a private catalog for discovering and managing AI agents, tools, skills, MCP servers, and custom resources. The registry helps teams locate existing capabilities rather than duplicating them, with semantic and keyword search, approval workflows, and CloudTrail audit trails. It is accessible via the AgentCore Console, AWS CLI, SDK, and as an MCP server queryable from IDEs.

Last week’s launches
Here are some launches and updates from this past week that caught my attention:

  • Announcing Amazon S3 Files, making S3 buckets accessible as file systems — Amazon S3 Files transforms S3 buckets into shared file systems that connect any AWS compute resource directly with your S3 data. Built on Amazon EFS technology, it delivers full file system semantics with low latency performance, caching actively used data and providing multiple terabytes per second of aggregate read throughput. Applications can access S3 data through both file system and S3 APIs simultaneously without code modifications or data migration.
  • Amazon OpenSearch Service supports Managed Prometheus and agent tracing —Amazon OpenSearch Service now provides a unified observability platform that consolidates metrics, logs, traces, and AI agent tracing into a single interface. The update includes native Prometheus integration with direct PromQL query support, RED metrics monitoring, and OpenTelemetry GenAI semantic convention support for LLM execution visibility. Operations teams can correlate slow traces to logs and overlay Prometheus metrics on dashboards without switching between tools.
  • Amazon WorkSpaces Advisor now available for AI powered troubleshooting— AWS launched Amazon WorkSpaces Advisor, an AI powered administrative tool that uses generative AI to help IT administrators troubleshoot Amazon WorkSpaces Personal deployments. It analyzes WorkSpace configurations, detects problems automatically, and provides actionable recommendations to restore service and optimize performance.
  • Amazon Braket adds support for Rigetti’s 108 qubit Cepheus QPU — Amazon Braket now offers access to Rigetti’s Cepheus-1-108Q device, the first 100+ qubit superconducting quantum processor on the platform. The modular design features twelve 9 qubit chiplets with CZ gates that offer enhanced resilience to phase errors. It supports multiple frameworks including Braket SDK, Qiskit, CUDA-Q, and Pennylane, with pulse level control for researchers.

For a full list of AWS announcements, be sure to keep an eye on the What’s New with AWS page.

Other AWS news
Here are some additional posts and resources that you might find interesting:

Upcoming AWS events
Check your calendar and sign up for upcoming AWS events:

  • What’s Next with AWS (April 28, Virtual) Join this livestream at 9am PT for a candid discussion about how agentic AI is transforming how businesses operate. Featuring AWS CEO Matt Garman, SVP Colleen Aubrey, and OpenAI leaders discussing emerging agent capabilities, Amazon’s internal experiences, and new agentic solutions and platform capabilities.

Browse here for upcoming AWS led in person and virtual events, startup events, and developer focused events.

That’s all for this week. Check back next Monday for another Weekly Roundup!

~ micah

Security

Scans for EncystPHP Webshell, (Mon, Apr 13th)

Leave a comment
This post was originally published on this site

Last week, I wrote about attackers scanning for various webshells, hoping to find some that do not require authentication or others that use well-known credentials. But some attackers are paying attention and are deploying webshells with more difficult-to-guess credentials. Today, I noticed some scans for what appears to be the "EncystPHP" web shell. Fortinet wrote about this webshell back in January. It appears to be a favorite among attackers compromising vulnerable FreePBX systems.