In December 2022, the US Cybersecurity and Infrastructure Security Agency (CISA) identified exploits against vulnerable public-facing applications as the most common initial attack vector for cybercriminals, followed by attacks on external remote services such as VPNs. According to a study by CrowdStrike, exploit activity targeting cloud apps and assets grew 95% from 2021 to 2022, and instances of threat actors directly targeting cloud apps exploded by 288% during that period.

Although SIEMs have existed for more than 20 years, many organizations still fail to achieve full data visibility into their environments. Two problems compound this challenge. First: attack surfaces. As organizations scale their digital infrastructures and bring on new applications, the amount of data analysts need to monitor and analyze increases exponentially.

Technology trends may come and go, but cloud storage has become a mainstay for efficient data management. Instead of relying on physical drives such as local SSDs, the cloud allows users to store their data securely in remote data centers. On the other hand, traditional storage methods, such as hard disk drives (HDDs), have been storage mainstays for decades. Through magnetic spinning disk technology, HDDs have been reliable for long-term storage.

Read also: Four people arrested over ChatGPT-linked ransomware attacks, a scammer charged for stealing $7.5M from two charities, and more.

Welcome to 2024 and a new monthly feature here at GitGuardian, a comic strip called "Guardian Goofs." If you like it, please show it some love by hitting one of those "share" links below it. And check back on the first Thursday of each month for the newest "Goof." Share this article on Twitter, HackerNews, LinkedIn, or Reddit.

This is not a beginner’s blog post. As such, we will not tell you about the importance of securing your Kubernetes infrastructure (it’s important). However, if you are here to learn about increasing the efficiency of your security work and the blind spots you may have, you have come to the right place. You may have heard of and are already using CVSS as your gold standard for vulnerability prioritization.

Knowledge is power. Power is money. In the context of information systems and applications, knowledge is ingested, processed, and used as data. Data theft or loss can be devastatingly costly to a business. Data is one of an organization’s most valuable assets, and must be secured and protected as such.

Every year, new technologies are released; with them, professionals are discovering new sets of application vulnerabilities. However, some threats and challenges are constant in the list, such as malware and app spoofing. However, all the threats are now more powerful with the advancement of tools. Further, it’s expected that the mobile app security challenges will be more rigid in 2024.

The challenge of telling humans and bots apart is almost as old as the web itself. From online ticket vendors to dating apps, to ecommerce and finance — there are many legitimate reasons why you'd want to know if it's a person or a machine knocking on the front door of your website. Unfortunately, the tools for the web have traditionally been clunky and sometimes involved a bad user experience.