Announcing Amazon EC2 Capacity Blocks for ML to reserve GPU capacity for your machine learning workloads

This post was originally published on this site

Recent advancements in machine learning (ML) have unlocked opportunities for customers across organizations of all sizes and industries to reinvent new products and transform their businesses. However, the growth in demand for GPU capacity to train, fine-tune, experiment, and inference these ML models has outpaced industry-wide supply, making GPUs a scarce resource. Access to GPU capacity is an obstacle for customers whose capacity needs fluctuate depending on the research and development phase they’re in.

Today, we are announcing Amazon Elastic Compute Cloud (Amazon EC2) Capacity Blocks for ML, a new Amazon EC2 usage model that further democratizes ML by making it easy to access GPU instances to train and deploy ML and generative AI models. With EC2 Capacity Blocks, you can reserve hundreds of GPUs collocated in EC2 UltraClusters designed for high-performance ML workloads, using Elastic Fabric Adapter (EFA) networking in a peta-bit scale non-blocking network, to deliver the best network performance available in Amazon EC2.

This is an innovative new way to schedule GPU instances where you can reserve the number of instances you need for a future date for just the amount of time you require. EC2 Capacity Blocks are currently available for Amazon EC2 P5 instances powered by NVIDIA H100 Tensor Core GPUs in the AWS US East (Ohio) Region. With EC2 Capacity Blocks, you can reserve GPU instances in just a few clicks and plan your ML development with confidence. EC2 Capacity Blocks make it easy for anyone to predictably access EC2 P5 instances that offer the highest performance in EC2 for ML training.

EC2 Capacity Block reservations work similarly to hotel room reservations. With a hotel reservation, you specify the date and duration you want your room for and the size of beds you’d like─a queen bed or king bed, for example. Likewise, with EC2 Capacity Block reservations, you select the date and duration you require GPU instances and the size of the reservation (the number of instances). On your reservation start date, you’ll be able to access your reserved EC2 Capacity Block and launch your P5 instances. At the end of the EC2 Capacity Block duration, any instances still running will be terminated.

You can use EC2 Capacity Blocks when you need capacity assurance to train or fine-tune ML models, run experiments, or plan for future surges in demand for ML applications. Alternatively, you can continue using On-Demand Capacity Reservations for all other workload types that require compute capacity assurance, such as business-critical applications, regulatory requirements, or disaster recovery.

Getting started with Amazon EC2 Capacity Blocks for ML
To reserve your Capacity Blocks, choose Capacity Reservations on the Amazon EC2 console in the US East (Ohio) Region. You can see two capacity reservation options. Select Purchase Capacity Blocks for ML and then Get started to start looking for an EC2 Capacity Block.

Choose your total capacity and specify how long you need the EC2 Capacity Block. You can reserve an EC2 Capacity Block in the following sizes: 1, 2, 4, 8, 16, 32, or 64 p5.48xlarge instances. The total number of days that you can reserve EC2 Capacity Blocks is 1– 14 days in 1-day increments. EC2 Capacity Blocks can be purchased up to 8 weeks in advance.

EC2 Capacity Block prices are dynamic and depend on total available supply and demand at the time you purchase the EC2 Capacity Block. You can adjust the size, duration, or date range in your specifications to search for other EC2 Capacity Block options. When you select Find Capacity Blocks, AWS returns the lowest-priced offering available that meets your specifications in the date range you have specified. At this point, you will be shown the price for the EC2 Capacity Block.

After reviewing EC2 Capacity Blocks details, tags, and total price information, choose Purchase. The total price of an EC2 Capacity Block is charged up front, and the price does not change after purchase. The payment will be billed to your account within 12 hours after you purchase the EC2 Capacity Blocks.

All EC2 Capacity Blocks reservations start at 11:30 AM Coordinated Universal Time (UTC). EC2 Capacity Blocks can’t be modified or canceled after purchase.

You can also use AWS Command Line Interface (AWS CLI) and AWS SDKs to purchase EC2 Capacity Blocks. Use the describe-capacity-block-offerings API to provide your cluster requirements and discover an available EC2 Capacity Block for purchase.

$ aws ec2 describe-capacity-block-offerings 
          --instance-type p5.48xlarge 
          --instance-count 4 
          --start-date-range 2023-10-30T00:00:00Z 
          --end-date-range 2023-11-01T00:00:00Z 
          –-capacity-duration 48

After you find an available EC2 Capacity Block with the CapacityBlockOfferingId and capacity information from the preceding command, you can use purchase-capacity-block-reservation API to purchase it.

$ aws ec2 purchase-capacity-block-reservation 
          --capacity-block-offering-id cbr-0123456789abcdefg 
          –-instance-platform Linux/UNIX

For more information about new EC2 Capacity Blocks APIs, see the Amazon EC2 API documentation.

Your EC2 Capacity Block has now been scheduled successfully. On the scheduled start date, your EC2 Capacity Block will become active. To use an active EC2 Capacity Block on your starting date, choose the capacity reservation ID for your EC2 Capacity Block. You can see a breakdown of the reserved instance capacity, which shows how the capacity is currently being utilized in the Capacity details section.

To launch instances into your active EC2 Capacity Block, choose Launch instances and follow the normal process of launching EC2 instances and running your ML workloads.

In the Advanced details section, choose Capacity Blocks as the purchase option and select the capacity reservation ID of the EC2 Capacity Block you’re trying to target.

As your EC2 Capacity Block end time approaches, Amazon EC2 will emit an event through Amazon EventBridge, letting you know your reservation is ending soon so you can checkpoint your workload. Any instances running in the EC2 Capacity Block go into a shutting-down state 30 minutes before your reservation ends. The amount you were charged for your EC2 Capacity Block does not include this time period. When your EC2 Capacity Block expires, any instances still running will be terminated.

Now available
Amazon EC2 Capacity Blocks are now available for p5.48xlarge instances in the AWS US East (Ohio) Region. You can view the price of an EC2 Capacity Block before you reserve it, and the total price of an EC2 Capacity Block is charged up-front at the time of purchase. For more information, see the EC2 Capacity Blocks pricing page.

To learn more, see the EC2 Capacity Blocks documentation and send feedback to AWS re:Post for EC2 or through your usual AWS Support contacts.

Channy

Multiple Layers of Anti-Sandboxing Techniques, (Tue, Oct 31st)

This post was originally published on this site

It has been a while that I did not find an interesting malicious Python script. All the scripts that I recently spotted were always the same: a classic intostealer using Discord as C2 channel. Today I found one that contains a lot of anti-sanboxing techniques. Let's review them. For malware, it's key to detect the environment where they are executed. When detonated inside a sandbox (automatically or, manually, by an Analyst), they will be able to change their behaviour (most likely, do nothing)

PowerShell 7.4 Release Candidate 1

This post was originally published on this site

PowerShell 7.4 RC-1 is now available

We’re proud to announce the availability of PowerShell 7.4.0-rc.1!
This is the first release candidate version of PowerShell 7.4 and is considered a “go-live” release
meaning that it is a supported release in production.
Now is the time to test out PowerShell 7.4 in your environment.
PowerShell 7.4 is built on top of .NET 8 and as a LTS (Long Term Support) release will be supported for 3 years.

How do I get it?

Since PowerShell 7 is supported on Windows, Linux, and macOS, there are a variety of ways to get it.
If you had installed the previous PowerShell 7.4 preview release (7.4.0-preview.6) via the Windows Store or MSI (and opted into Microsoft Update),
you will be automatically updated to 7.4.0-rc.1.

Note that after releases there are some delays in all release channels getting the latest bits.
If this version is not available on your release channel of choice expect it to be available
within 2 weeks.

What’s new in this release?

  • PSResourceGet is now GA and has reached a 1.0.0 version in this release– for more info on this module release check out this blog post
  • PSReadLine has been incremented to a new feature version 2.3.4– for more info on this module release check out this blog post
  • This release also contained a number of bug fixes– for the full list of changes please refer to the changelog

For more info on what’s changed in PowerShell 7.4, check out this page of the documentation.

Experimental Features which were made stable for 7.4

The following features were developed and released as experimental during the PowerShell 7.4
previews. Through telemetry and user feedback we determined that they should
be available as non-experimental features in the 7.4 release.

What’s next?

PowerShell 7.4 will be our next LTS release and expected to ship once an RC is determined to be ready.
We’ll have a separate blog post when the GA release of 7.4 becomes available.
We appreciate all the efforts of the community, both individuals and working group members,
and look forward to your continued feedback and contributions!

Sydney
PowerShell Team

The post PowerShell 7.4 Release Candidate 1 appeared first on PowerShell Team.

AWS Weekly Roundup – re:Post Selections, SNS and SQS FIFO improvements, multi-VPC ENI attachments, and more – October 30, 2023

This post was originally published on this site

It’s less than a month to AWS re:Invent, but interesting news doesn’t slow down in the meantime. This week is my turn to help keep you up to date!

Last week’s launches
Here are some of the launches that caught my attention last week:

AWS re:Post – With re:Post, you have access to a community of experts that helps you become even more successful on AWS. With Selections, community members can organize knowledge in an aggregated view to create learning paths or curated content sets.

Amazon SNS – First-in-First-out (FIFO) topics now support the option to store and replay messages without needing to provision a separate archival resource. This improves the durability of your event-driven applications and can help you recover from downstream failure scenarios. Find out more in this AWS Comput Blog post – Archiving and replaying messages with Amazon SNS FIFO. Also, you can now use custom data identifiers to protect not only common sensitive data (such as names, addresses, and credit card numbers) but also domain-specific sensitive data, such as your company’s employee IDs. You can find additional info on this feature in this AWS Security blog post – Mask and redact sensitive data published to Amazon SNS using managed and custom data identifiers.

Amazon SQS – With the increased throughput quota for FIFO high throughput mode, you can process up to 18,000 transactions per second, per API action. Note the throughput quota depends on the AWS Region.

Amazon OpenSearch Service – OpenSearch Serverless now supports automated time-based data deletion with new index lifecycle policies. To determine the best strategy to deliver accurate and low latency vector search queries, OpenSearch can now intelligently evaluate optimal filtering strategies, like pre-filtering with approximate nearest neighbor (ANN) or filtering with exact k-nearest neighbor (k-NN). Also, OpenSearch Service now supports Internet Protocol Version 6 (IPv6).

Amazon EC2 – With multi-VPC ENI attachments, you can launch an instance with a primary elastic network interface (ENI) in one virtual private cloud (VPC) and attach a secondary ENI from another VPC. This helps maintain network-level segregation, but still allows specific workloads (like centralized appliances and databases) to communicate between them.

AWS CodePipeline – With parameterized pipelines, you can dynamically pass input parameters to a pipeline execution. You can now start a pipeline execution when a specific git tag is applied to a commit in the source repository.

Amazon MemoryDB – Now supports Graviton3-based R7g nodes that deliver up to 28 percent increased throughput compared to R6g. These nodes also deliver higher networking bandwidth.

Other AWS news
Here are a few posts from some of the other AWS and cloud blogs that I follow:

Networking & Content Delivery Blog – Some of the technical management and hardware decisions we make when building AWS network infrastructure: A Continuous Improvement Model for Interconnects within AWS Data Centers

Interconnect monitoring service infrastructure diagram

DevOps Blog – To help enterprise customers understand how many of developers use CodeWhisperer, how often they use it, and how often they accept suggestions: Introducing Amazon CodeWhisperer Dashboard and CloudWatch Metrics

Front-End Web & Mobile Blog – How to restrict access to your GraphQL APIs to consumers within a private network: Architecture Patterns for AWS AppSync Private APIs

Architecture Blog – Another post in this super interesting series: Let’s Architect! Designing systems for stream data processing

A serverless streaming data pipeline using Amazon Kinesis and AWS Glue

From Community.AWS: Load Testing WordPress Amazon Lightsail Instances and Future-proof Your .NET Apps With Foundation Model Choice and Amazon Bedrock.

Don’t miss the latest AWS open source newsletter by my colleague Ricardo.

Upcoming AWS events
Check your calendars and sign up for these AWS events

AWS Community Days – Join a community-led conference run by AWS user group leaders in your region: Jaipur (November 4), Vadodara (November 4), Brasil (November 4), Central Asia (Kazakhstan, Uzbekistan, Kyrgyzstan, and Mongolia on November 17-18), and Guatemala (November 18).

AWS re:Invent (November 27 – December 1) – Join us to hear the latest from AWS, learn from experts, and connect with the global cloud community. Browse the session catalog and attendee guides and check out the highlights for generative AI.

Here you can browse all upcoming AWS-led in-person and virtual events and developer-focused events.

And that’s all from me for this week. On to the next one!

Danilo

This post is part of our Weekly Roundup series. Check back each week for a quick roundup of interesting news and announcements from AWS!

Flying under the Radar: The Privacy Impact of multicast DNS, (Mon, Oct 30th)

This post was originally published on this site

The recent patch to iOS/macOS for CVE-2023-42846 made me think it is probably time to write up a reminder about the privacy impact of UPNP and multicast DNS. This is not a new issue, but it appears to have been forgotten a bit [vuln]. In particular, Apple devices are well-known for their verbose multicast DNS messages.

Spam or Phishing? Looking for Credentials & Passwords, (Sun, Oct 29th)

This post was originally published on this site

We are now at the end of the Cybersecurity Awareness month, it is important to remain digitally safe all year round [1][2][3].

In the past week, the handler mailbox has been receiving several emails, some asking to authenticate to get a password and other to add more storage. It is clear that all of them have the same goal, to get access to the password associated with the account.

 

If the anti-spam filter doesn't catch/block them, most of them have a similar format containing the pre-filled email address (in this case the handler email) at the end of the URL asking to enter the password to fix the problem. Sometimes there is little or no URL obfuscation [4][5][6] where other, you are not exactly sure where the full URL is taking you and may need a tool like CyberChef [7] to rebuild it. 

[1] https://www.sans.org/security-awareness-training/
[2] https://www.nist.gov/cybersecurity/cybersecurity-awareness-month
[3] https://www.canada.ca/en/communications-security/news/2023/09/cyber-security-awareness-month-2023.html
[4] https://us-central-1.fybeobjects[.]com/969b00a97b384e09b03b3ca692e2d995:japa/jackpablocker/index5.htm#handlers@isc.sans.edu
[5] https://us-central-1.fybeobjects[.]com/969b00a97b384e09b03b3ca692e2d995:japa/jackpaty5020/index5.htm#handlers@isc.sans.edu
[6] https://ipfs[.]io/ipfs/QmUvJ5s5yMpDafExvEvkb6B6QKDKXANytaWHBveSVNAbs4/?bookName=handlers@isc.sans.edu
[7] https://gchq.github.io/CyberChef/

———–
Guy Bruneau IPSS Inc.
My Handler Page
Twitter: GuyBruneau
gbruneau at isc dot sans dot edu

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Size Matters for Many Security Controls, (Sat, Oct 28th)

This post was originally published on this site

This week, I'm teaching FOR610 in Manchester, and while my students are busy resolving some challenges, I'm looking at my hunting results from the previous days. I found an interesting sample. The file was delivered via an email with a URL pointing to a well-known file-sharing service: hxxps://www[.]Mediafire[.]com/file/o3m15ydxnhlm9w0/New+Purchase+Order+pdf.tgz/file. The file is not available anymore, but I was able to find it back on VirusTotal: "New Purchase Order pdf.tgz" (SHA256:7f351b32e6209496ef59c511dffaf9312508b53e476b1e77171af3d433b94087[1]) with a low score of 3/54.

VMware Skyline Advisor Pro Proactive Findings – October 2023 Edition

This post was originally published on this site

Tweet VMware Skyline Advisor Pro releases new proactive Findings every month. Findings are prioritized by trending issues in VMware Technical Support, issues raised through post escalation review, security vulnerabilities, issues raised from VMware engineering, and nominated by customers. For the month of October, we released 39 new Findings. Of these, there are 30 Findings based … Continued

Adventures in Validating IPv4 Addresses, (Thu, Oct 26th)

This post was originally published on this site

It should be pretty easy to validate an IP address. IPv4 addresses are 32-bit unsigned integers, and IPv6 addresses are 128-bit unsigned integers. Things get "interesting" when developers attempt to validate IP addresses as a string. There have been a few interesting vulnerabilities around this issue (CVE-2021-28918, CVE-2021-29921, CVE-2021-29418).

PowerShell Extension for Visual Studio Code Fall 2023 Update

This post was originally published on this site

PowerShell Extension for Visual Studio Code Fall 2023 Update

We are excited to announce that the fall update to the PowerShell Extension for Visual Studio Code
is now available on the extension marketplace.

In this update, thanks to efforts across the team, we are shipping the extension with the latest and greatest PSReadLine, v2.3.4! In addition this release contains a number of bug fixes and community contributions.

Thanks to all the many community contributors whose efforts make releases such as these possible!

Updates in the Fall Release

Note that these updates all shipped in our preview channel
for VS Code before shipping in our stable channel.

Some highlights of the fall release:

  • Stop hiding Activity Bar in ISE Mode.
  • Fix race condition with displaying PowerShell name on icon.
  • Support ~, ./ and named workspace folders in cwd.
  • Enhance additionalPowerShellExes setting.
  • Add startLocation setting for Extension Terminal. (Thanks @krishankanumuri!)
  • Upgrade bundled PSReadLine module to v2.3.4.
  • Add None to PsesLogLevel enum.
  • Fix debugging script blocks that aren’t in files.
  • Fix shell integration for PowerShell 5.1 with strict mode.

For the full list of changes please refer to our changelog.

In this release we also updated our versioning schema. The middle version number no longer corresponds to the month, but is simply incremented. Even versions are stable, and odd versions are pre-release, with the latter purposefully being versioned higher than the former in order to keep both channels (pre-release and stable) available in the Visual Studio Code marketplace.

Getting Support and Giving Feedback

While we hope the new release provides a better user experience, there are bound to be issues.
Please let us know if you run into anything.

If you encounter any issues with the PowerShell Extension in Visual Studio Code or have feature requests, the best place to get support is through our GitHub repository.

Sydney Smith
PowerShell Team

The post PowerShell Extension for Visual Studio Code Fall 2023 Update appeared first on PowerShell Team.