DigitalUbuntu - Weekly Pulse#3
PromptLock : AI-Powered Malware || Power of Showing Up || Amazon QuickSight Support for Google Sheets
✨ Power of Showing Up → Joy of Compounding
We often wait for the “right mood” or the “perfect time” to act. But real progress doesn’t come from inspiration—it comes from showing up, even when conditions aren’t ideal. A single imperfect effort still beats the illusion of waiting for perfection.
Like money that grows through compounding interest, progress in life works the same way. Momentum is built through presence, not planning. Show up, do something small, and let the habit of consistency do the heavy lifting over time.
The magic isn’t in intensity—it’s in persistence. Every small action, repeated, multiplies into something far greater than it looks at the start.
Your move 🌱: Choose one thing you’ve been postponing, and do a small version of it today—just to show up.
Amazon QuickSight now supports connectivity to Google Sheets
Amazon QuickSight is a cloud-powered business intelligence (BI) service from Amazon Web Services (AWS).
Amazon QuickSight now lets you connect directly to Google Sheets. You can log in with your Google account to import your sheets for analysis.
IAM now supports three global condition keys — aws:VpceAccount, aws:VpceOrgPaths, and aws:VpceOrgID — to simplify network perimeter enforcement. These keys let you restrict requests by account, organization path (OU), or entire organization, giving flexible control over access.
Amazon EBS launches snapshot copy for AWS Local Zones
Amazon EBS now lets you copy snapshots to AWS Local Zones, helping you meet business and compliance needs.
You can use this for disaster recovery, data migration, and compliance.
Amazon SageMaker introduces account-agnostic, reusable project profiles
Amazon SageMaker now allows you to create project profiles that can be used across different AWS accounts and regions. This means you don't have to set up projects from scratch each time.
With this new feature, managing projects becomes easier. You can define project settings once and apply them everywhere, reducing duplication and making it simpler to follow rules.
AWS Shield network security director (preview)
Secure AWS environments by discovering compute, networking, and network security resources, then evaluating configurations against AWS best practices and threat intelligence.
Enforce scalable access controls across multiple accounts and organizations.
As organizations grow across multiple AWS accounts, enforcing consistent access controls with existing IAM keys (like aws:SourceVpc and aws:SourceVpce) becomes harder to scale.
AWS introduced three IAM global condition keys — aws:VpceAccount, aws:VpceOrgPaths, and aws:VpceOrgID — to enforce scalable access controls across multiple accounts and organizations.
Key Functions:
aws:VpceAccount – Restricts access to VPC endpoints in a specific AWS account.
aws:VpceOrgPaths – Restricts access to VPC endpoints in a specific organizational unit (OU).
aws:VpceOrgID – Restricts access to VPC endpoints within your entire AWS organization.
These keys evaluate the ID of the account, OU, or organization that owns the VPC endpoint making the request.
They can be applied across IAM policy types — including resource control policies (RCPs), service control policies (SCPs), session policies, permissions boundaries, identity-based policies, and resource-based policies.
An open knowledge base for AI security, offering defensive countermeasures and best practices to safeguard AI and machine learning systems.
Techniques and subtechniques are mapped to threats cataloged in MITRE ATLAS, MAESTRO, and OWASP Top 10 for LLMs and ML.
Focused on practicality with clear, highly actionable playbooks that go beyond awareness by providing defensive steps.
PromptLock : AI-Powered Malware
ESET uncovered PromptLock, a new ransomware that uses a local generative AI model to autonomously generate malicious scripts during infection.
The AI creates Lua scripts compatible with Windows, Linux, and macOS, scanning local files and deciding whether to exfiltrate or encrypt them.
Although considered an early-stage proof of concept, PromptLock demonstrates how GenAI can lower barriers for cybercriminals, enabling sophisticated, adaptive malware without large development teams.