StackRox released the findings of the State of Containers and Kubernetes Security Report, Fall 2020. Security incidents remain high (90 percent), and nearly half of respondents have delayed rolling out applications into production because of security concerns (44 percent). At the same time, organizations have progressed in developing DevSecOps initiatives (83 percent have some form in place) and in maturing their container and Kubernetes security strategies (only 25 percent lack a strategy).

As documented in Dirceu Santa Rosa’s article for the IAPP’s Privacy Tracker, efforts to delay the effective date of Brazil’s General Data Protection Law – Lei Geral de Proteção de Dados or LGPD – recently failed, and the law is expected to go into force in the coming days. Brazil’s federal government also published a decree approving the regulatory structure of the Autoridade Nacional de Proteção de Dados, i.e., Brazil’s national data protection authority.

The year 2020 isn’t over yet, but so far, it’s been unprecedented from a threat landscape point of view – including the impact of the global pandemic and social movements on the cybersecurity landscape. The threat researchers at FortiGuard Labs have taken a good hard look at what was happening over the first six months of 2020 from a cybersecurity perspective, and we’ve identified some key trends that the industry needs to be aware of.

What are four aspects that security and privacy professionals need to consider to ensure the balance of privacy and safety in data regulations?

Many higher education institutions have seen a decline in on-campus residency, dining, and parking along with deferred enrollment which has resulted in reduced revenue. At the same time, they have had to decrease class sizes, transform non-academic spaces into classrooms, and improve ventilation systems. All of which come with mounting expenses.

Abnormal Security researchers discovered attackers were impersonating the Texas Department of State Health Services to send fake Request for Quotations (RFQs) to vendors in a type of multi-layered email attack. 

Threat Intelligence (TI) analysts are one of the key groups of experts in Security Operation Centers (SOCs) and play an important role in making sure IT systems are functioning properly. They are in charge of identifying attack vectors that most threaten the organization, define their company’s defensive strategy and help other team members make informed decisions about potential threats. However, handling such a vast amount of responsibilities, data and managing repetitive tasks is the exact type of work that makes TI employees prone to burnout.

The health, safety and security challenges that business owners and managers have faced in 2020 have made one thing very clear: COVID-19 has acted as a catalyst for a flurry of investments designed to spur the reopening of retail stores, commercial office space and public venues. Such investments don’t need to be singularly focused on opening the doors, but instead can be part of a more sustainable solution that can offer long-term value and flexibility that can be applied to a variety of situations. This is where smart security cameras connected to the IoT can help.

Check Point Research unraveled an ongoing surveillance operation by Iranian entities that has been targeting Iranian expats and dissidents for years. While some individual sightings of this attack were previously reported by other researchers and journalists, the investigation allowed Check Point to connect the different campaigns and attribute them to the same attackers.

Mozilla has patched a security flaw that could allow cybercriminals to hijack all vulnerable Firefox for Android browsers running on devices connected to the same Wi-Fi network.