Cybersecurity professionals know what they’re up against. The type, number and severity of cyberattacks grows with time. Hackers display no shortage of cunning and ingenuity in exploiting security vulnerabilities, compromising important data and inflicting damage to both individuals and organizations. Cybersecurity professionals also know that their defenses must evolve along with the attacks, requiring them to display even more ingenuity than hackers when creating security tools.

Magic seems to be very popular at the moment. Just look at last week’s Britain’s Got Talent, which featured an improbable number of magicians in its line-up. These included ‘X’, the masked magician who was wearing something that looked suspiciously like an anonymous mask and managed to supposedly hack Instagram. A lot of cyber security technology seems to work like magic, so is this a coincidence? Is ‘X’ a reformed hacker turned stage magician? Spoiler alert: no.

Custom compliance filters is now GA as part of the SaaS and on-prem release. With Sysdig Secure, enterprises can enforce compliance filters across the container lifecycle. Teams can automate regulatory compliance controls for PCI, NIST, CIS, for Kubernetes and container environments at scale.They also gain visibility into the performance, health, compliance, and security posture of an on-prem and/or multi-cloud environment from a single dashboard.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. A great (or bad depending on how you look at it) example of a supply chain infection this week, luckily it was spotted and a pre-emptive move taken to divert funds before they were stolen. They were very lucky in this case.

Industrial Control Systems (ICS) include Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS) and other control system configurations such as Programmable Logic Controllers (PLC). They are typically used in industries such as electric, water, oil and natural gas, transportation, chemical, pharmaceutical and manufacturing (e.g., automotive, aerospace). These control systems are vital to the operation of U.S.

Database security refers to the various measures organizations take to ensure their databases are protected from internal and external threats. Database security includes protecting the database itself, the data it contains, its database management system, and the various applications that access it. Organizations must secure databases from deliberate attacks such as cyber security threats, as well as the misuse of data and databases from those who can access them.

Those interested in how data breaches occur should be familiar with the general topography of the Internet. In our previous piece, we discussed the difference between the surface web, deep web and dark web. Most estimates about the topography of the Internet conclude that the deep web makes up between 95%-99% of all web sites. The dark web likely comprises less than 1%, while the surface web accounts for only a few percentage points itself. Nearly the entire Internet is the deep web.

It’s no surprise that data creation is rapidly growing, but did you know that we’ve actually created 90% of the world’s data in just the last two years alone? With that kind of growth rate, it’s no wonder that traditional file servers are having trouble handling these massive data sets. To compound the issue, as businesses create and share more data, it’s at greater risk of being stolen, ransomed or misused.

DevOps is revolutionizing the way enterprises deliver apps to the market by blending software development and information technology operations. This convergence creates an assembly line for the cloud, as Tim Erlin wrote for The State of Security, by increasing the rate at which companies can develop apps and deliver them to users.

Impostor email attacks are a growing trend and problem. Attackers will target your employees, customers, and business partners with these advanced attacks. It is now widely known that Cybercriminals aim to exploit users within organizations rather than the technology. Their sole purpose, to steal money and information which could prove financially valuable.