StackRox released the findings of the State of Containers and Kubernetes Security Report, Fall 2020. Security incidents remain high (90 percent), and nearly half of respondents have delayed rolling out applications into production because of security concerns (44 percent). At the same time, organizations have progressed in developing DevSecOps initiatives (83 percent have some form in place) and in maturing their container and Kubernetes security strategies (only 25 percent lack a strategy).

As documented in Dirceu Santa Rosa’s article for the IAPP’s Privacy Tracker, efforts to delay the effective date of Brazil’s General Data Protection Law – Lei Geral de Proteção de Dados or LGPD – recently failed, and the law is expected to go into force in the coming days. Brazil’s federal government also published a decree approving the regulatory structure of the Autoridade Nacional de Proteção de Dados, i.e., Brazil’s national data protection authority.

The year 2020 isn’t over yet, but so far, it’s been unprecedented from a threat landscape point of view – including the impact of the global pandemic and social movements on the cybersecurity landscape. The threat researchers at FortiGuard Labs have taken a good hard look at what was happening over the first six months of 2020 from a cybersecurity perspective, and we’ve identified some key trends that the industry needs to be aware of.

What are four aspects that security and privacy professionals need to consider to ensure the balance of privacy and safety in data regulations?

Abnormal Security researchers discovered attackers were impersonating the Texas Department of State Health Services to send fake Request for Quotations (RFQs) to vendors in a type of multi-layered email attack. 

Threat Intelligence (TI) analysts are one of the key groups of experts in Security Operation Centers (SOCs) and play an important role in making sure IT systems are functioning properly. They are in charge of identifying attack vectors that most threaten the organization, define their company’s defensive strategy and help other team members make informed decisions about potential threats. However, handling such a vast amount of responsibilities, data and managing repetitive tasks is the exact type of work that makes TI employees prone to burnout.

Check Point Research unraveled an ongoing surveillance operation by Iranian entities that has been targeting Iranian expats and dissidents for years. While some individual sightings of this attack were previously reported by other researchers and journalists, the investigation allowed Check Point to connect the different campaigns and attribute them to the same attackers.

Mozilla has patched a security flaw that could allow cybercriminals to hijack all vulnerable Firefox for Android browsers running on devices connected to the same Wi-Fi network.

New York University Tandon School of Engineering and its Master of Science in Cybersecurity Risk and Strategy degree will now encompass practical, first-hand knowledge of secure access service edge (SASE) and zero trust best practices.

Currently, cryptographic algorithms are based on factorization. RSA and Elliptic Curve Cryptography (ECC) algorithms are difficult to solve using traditional binary computers because the computer is forced to work through an incomprehensibly long list of probabilities. A traditional binary computer solves that mathematical problem slowly, whereas a quantum computer with an efficient algorithm can solve that problem much more quickly. Maybe a million times faster!