Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Compliance is something that developers dislike. Traditionally led by risk and information security teams, compliance standard enforcement in organizations is not something software engineers are trained to do. So when the words “PCI compliance” are tossed around, for many developers it mentally translates to limitations, guardrails, bottlenecks, and drastic changes to their workflows that impact productivity. But that doesn’t have to be the case.

Read also: Private eye gets 6 years in prison for hacking, Marriott hacker fakes his own death, and more.

US authorities have seized almost $9 million worth of cryptocurrency linked to a gang engaged in cryptocurrency investment fraud and romance scams. The US Department of Justice has announced that the seized funds are connected to cryptocurrency wallet addresses alleged to be associated with a "pig butchering" gang that has claimed over 70 victims around the world. "Pig butchering" is one of the world's fastest-growing types of scams.

As part of our efforts to effectively quantify and demonstrate the return on investment (ROI) for our customers, Egress has commissioned Forrester Consulting to conduct a Total Economic Impact of Egress Intelligent Email Security study. As part of this study, Forrester interviewed and gathered data from four Egress customers. This data and the interviewees’ experiences were aggregated to create a composite customer organization – a financial services firm with 9,000 mailboxes.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Breaches are never timed well, and this one certainly isn’t before the return of the ever popular Black Friday sales storm. Be prepared for some scam emails from them as well as all the others. As always, check before you click! Talking of checking before you click…

New applications emerge at an almost impossible to keep-up-with pace, creating a constant challenge and blind spot for IT and security teams in the form of Shadow IT. Organizations must keep up by using tools that are automatically updated with latest developments and changes in the applications landscape to maintain proper security. An integral part of any SASE product is its ability to accurately categorize and map user traffic to the actual application being used.

Knowledge is power, but it is only as powerful as the way organisations implement what they’ve learned and the subsequent decisions they make. All too often there is a flaw in thinking, in that we tend to be quite tactical and short-term; often we don’t approach problems from a holistic perspective, or we spend too little time considering alternative strategies.

As we know, in today’s era, most applications are deployed using Kubernetes. So that applications can function properly, and the users can use the applications without any issues. The applications sometimes require access to external resources, services or databases for processing or storing data. One of the most efficient ways of accessing sensitive data from other services is the secret object of the Kubernetes environment.