Recon Infosec is a growing managed security services provider run by a team of seasoned cybersecurity experts. After switching from their custom-engineered security stack to the LimaCharlie SecOps Cloud Platform, they achieved an annual cost savings of $100,000, improved their mean detection and response times by 98%, and laid the groundwork for scalable, long-term growth.

The second annual threat report from the Sysdig Threat Research Team (Sysdig TRT) is packed with their findings and analysis of some of the hottest and most important cybersecurity topics this year. Threat actors are really embracing the cloud and are using it to their advantage to evade detection and speed up their attacks.

In September 2019, California signed Senate Bill 327, also known as the California Internet of Things (IoT) Security Law. While not an extensively written piece of legislation like the California Consumer Privacy Act (CCPA), SB-327 took effect on January 1, 2020, and focuses on manufacturers of connected devices—requiring updated security standards that protect both devices and end-users. Learn how UpGuard can help your organization update security standards and monitor risk >

As the digital landscape evolves, so too does the regulatory environment. One of the latest pieces of legislation to impact organizations across the EU is the Network and Information Security 2 (NIS 2) Directive. This directive, aimed at enhancing cybersecurity across the Union, has far-reaching implications for a wide range of organizations, both within and outside the EU.

GitGuardian Honeytokens are potent tools in the cybersecurity toolkit, notifying you of any unauthorized activities in code repos, Jira, Slack, Linear, and more.

The recent rise of ransomware, attacks on supply chains and increasing costliness of privacy regulations has made cyber insurance an important topic of discussion. But it can be tricky to keep up with cyber insurance requirements. One of the most robust ways to meet those requirements is with multi-factor authentication (MFA).

The landscape of cybercrime continues to evolve, and cybercriminals are constantly seeking new methods to compromise software projects and systems. In a disconcerting development, cybercriminals are now capitalizing on AI-generated unpublished package names also known as “AI-Hallucinated packages” to publish malicious packages under commonly hallucinated package names.

Let’s say you’ve built a PHP application, but you want to separate it from supporting infrastructure in a way that keeps things lightweight, portable, and still quite secure. You’d like other developers to be able to work on it without having to recreate whole environments. In short, what you want to do with your application is containerize it — package it and its dependencies into containers that can be easily shared across environments.

Despite being the second-largest internet market in the world, India has yet to pass a comprehensive data privacy bill. It is important to have policies and regulations in place to protect them and their right to data privacy—a right that India’s Supreme Court recognized in 2017. Since then, the country’s government has been working towards passing a bill that codifies the rights of individuals to data privacy and protection.

Researchers at CYFIRMA warn that the Bahamut threat actor is using a malicious Android app to deliver malware. “The suspected Android malware, known initially as ‘CoverIm’ was delivered to victims via WhatsApp, and was found to be disguised as a dummy chatting application named ‘SafeChat,’” the researchers write.