Iot on ZX Cloud Security

AWS IoT Device Management MQTT Session Data API

Wed, 03 Jun 2026 21:15:00 +0000

🟢 Low | Source: AWS What’s New

AWS IoT Device Management has enhanced its connectivity status API to include detailed MQTT session data, such as session timeout and expiry values, plus optional socket-level details including IP addresses, ports, and VPC endpoint IDs. Unlike the IoT Core GetConnection API, which only retains data for 30 minutes post-disconnect, this API stores connection history indefinitely. This is useful for security auditing, forensic investigation of disconnect events, and monitoring connection patterns across large IoT fleets.

Architect’s Take: Review and tighten IAM policies controlling access to the new socket-level details (source/destination IPs, ports, VPC endpoint IDs), as this data could aid lateral movement reconnaissance if exposed to over-privileged roles. Use the indefinite data retention capability to feed IoT connectivity logs into your SIEM for anomaly detection and post-incident forensics.

Original advisory: AWS IoT Device Management adds MQTT session data to connectivity status API

AWS IoT Device Management: MQTT Session Data in API

Wed, 03 Jun 2026 21:15:00 +0000

🟢 Low | Source: AWS What’s New

AWS IoT Device Management has enhanced its connectivity status API to include detailed MQTT session data, such as session timeout and expiry values, plus optional socket-level details including IP addresses, ports, and VPC endpoint IDs. Unlike the AWS IoT Core GetConnection API, which only retains data for 30 minutes post-disconnect, this API stores connection history indefinitely, improving long-term auditability. Access to sensitive socket-level information is controlled via IAM policies, allowing organisations to limit visibility to authorised teams.

Architect’s Take: Review and tighten IAM policies governing access to the connectivity status API, particularly the socket-level data permissions, to ensure only operations and security teams have visibility into source/destination IPs and VPC endpoint IDs. Additionally, consider integrating the indefinite data retention capability into your IoT incident response and audit workflows to leverage historical disconnect data for forensic investigations.

Original advisory: AWS IoT Device Management adds MQTT session data to connectivity status API

Curved Radio Beams Can Defeat Anti-Jamming Systems

Wed, 03 Jun 2026 20:57:39 +0000

🟡 Medium | Source: The Register — Security

Researchers at Rice University have demonstrated that curving or bending radio beams can defeat anti-jamming systems that rely on locating the source of interference. Because the signal no longer travels in a straight line, direction-finding techniques used to identify and counter jammers become ineffective. This has implications for any wireless communication infrastructure, including those supporting cloud-connected IoT, satellite links, and enterprise wireless networks.

Architect’s Take: Cloud architects relying on wireless backhaul, satellite connectivity, or IoT sensor networks should review their signal resilience strategy — consider whether your anti-jamming or interference-detection controls assume line-of-sight propagation, and engage your network security team to assess whether alternative detection methods (e.g. signal fingerprinting or multi-point triangulation) are in scope.

Original advisory: Bend the beam like Beckham to defeat anti-jamming tech