January 28 is recognized as Data Protection Day in Europe, the United States and dozens of other countries including Canada and Israel. It provides a moment to reflect on where data protection regulations stand today and where they are going. At present, seemingly incongruent trends in cybersecurity policy threaten to confuse data protection efforts.

PostgreSQL is a powerful, open-source relational database management system (RDBMS). Because of its robustness and scalability, PostgreSQL is used extensively in the cloud. Most public cloud providers including AWS, Azure and GCP provide database services to their customers based on PostgreSQL.

One of the primary debugging tools for a cloud-native developer is the simple, humble log file. Some malfunctioning systems can be impossible to debug without them. FluentD is an open source log collector that provides unified log processing across multiple emitter systems, either on the same logical device or separate devices. For example, on a single k8s pod, logs are emitted from the pod itself, the container running in the pod and the microservice running in the container.

Logging is an important tool in the cloud developer’s toolbox. It can be the critical component used to discover why your authentication service can’t connect to its database or why your API gateway is not routing upstream traffic correctly. Today, humans are not the only ones reading logs. Machines are also participating in the logging landscape by helping identify patterns (and outliers) in your system logs.

Hybrid working models have increasingly become the normal way of doing business. Employees are working from anywhere, users and their devices are moving on and off the office network, and many applications once hosted in data centers are now moving to public clouds or being replaced with software as a service (SaaS).

Today, containers are the preferred approach to deploy software or create build environments in CI/CD lifecycles. However, since the emergence of container solutions and environments like Docker and Kubernetes, security researchers have consistently found ways to escape from containers once they are compromised. Most attacks are based on configuration errors.

The cybersecurity threats facing small and medium-sized businesses (SMBs) are real and growing. The FBI’s Internet Crime Complaint Center reports a majority of the 800,000+ complaints they received regarding cyberattacks in 2021 targeted small businesses. A cyberattack can cause significant damage to any organization. But for SMBs, a security incident that causes productivity loss, financial trouble or reputation harm can be devastating.

Adversaries continue to find new and innovative ways to penetrate an organization’s defenses. Defenders who focus on plugging these holes can find themselves exhausted and frustrated. Hunting for adversarial defense evasion for the purpose of data exfiltration and command-and-control (C2), however, remains a good strategy. Many adversaries leverage tooling to establish C2 or to enable successful data exfiltration, all while evading an organization’s defenses.

In December, CrowdStrike reported that beginning in June 2022, the CrowdStrike Services, CrowdStrike® Falcon OverWatch™ and CrowdStrike Intelligence teams observed an increase in the targeting of telco and BPO industries. CrowdStrike Intelligence attributed this campaign with low confidence to the SCATTERED SPIDER eCrime adversary.