Blog | ReversingLabs | Paul Roberts (5)

September 8, 2022

ConversingLabs: Unpacking the Follina exploit

In this ConversingLabs podcast, Paul Roberts interviews ReversingLabs researcher Joseph Edwards about his analysis of Follina, a newly discovered exploit.

September 7, 2022

Enduring Security Framework's software supply chain guidelines: A roadmap for the post-SolarWinds world

The new guidance codifies lessons from the SolarWinds hack, including for securing third-party code and development pipelines. Here are four key takeaways.

August 22, 2022

To secure your CI/CD pipelines, round up the usual suspects

Exploring the “how” of CI/CD compromises, researchers show many of the culprits will be familiar to security teams.

August 12, 2022

Researchers demo flaws in GitHub Copilot AI generated code and warn of AI bias

GitHub updated guidance on using its Copilot AI-powered code bot after researchers showed at Black Hat that it often generates vulnerable code.

August 3, 2022

Software supply chain security takes center stage at Black Hat 2022

Black Hat is best known for hardware and traditional software exploits, but this year it showcases more software supply chain security issues—marking the shift in the threat landscape.

July 21, 2022

The Week in Cybersecurity: SolarWinds attackers tap Google Drive, malware spreads via Play Store apps

The Week in Cybersecurity highlights: An APT group is using Dropbox and Google Drive to cover up attacks, and malware is spreading via Play Store apps.

July 19, 2022

CISA: Log4j threat will linger for years—so be prepared

A survey of the post-Log4j landscape found few successful hacks linked to it. The bad news? Log4Shell will linger for years — so you need to prepare.

July 8, 2022

The Week in Cybersecurity: NPM removes malicious modules, Microsoft backtracks on macros

This week: fallout from another supply chain attack involving malicious NPM modules. Also: Microsoft backtracks on a pledge to disable Office macros.

June 30, 2022

The Week in Cybersecurity: NATO creates cyber rapid response

Welcome to the The Week in Cybersecurity. This week: International relations intersects with cybersecurity, leverage YARA rules, plus AstraLocker 2.0.

June 23, 2022

ConversingLabs highlights: RSA Conference spotlights software supply chain, critical infrastructure risk

ConversingLabs invited Robert Martin of MITRE and Steve Lipner of Safecode, who spoke at RSAC, to discuss supply chain risk, software assurance and more.

June 8, 2022

MITRE’s System of Trust: A standard for software supply chain security

MITRE’s System of Trust framework is aiming to standardize how software supply chain security is assessed. MITRE's Robert Martin explains.

June 3, 2022

What’s hot at #RSAC? Our picks for the big security show

Two years in, and COVID is still threatening to steal RSAC's mojo. But for those willing to brave Moscone (and those attending virtually), you won’t be disappointed. Here are our picks for must-see talks.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Industry

Partners

Alliances

Resources

Company

Events

Press

ConversingLabs: Unpacking the Follina exploit

Enduring Security Framework's software supply chain guidelines: A roadmap for the post-SolarWinds world

To secure your CI/CD pipelines, round up the usual suspects

Researchers demo flaws in GitHub Copilot AI generated code and warn of AI bias

Software supply chain security takes center stage at Black Hat 2022

The Week in Cybersecurity: SolarWinds attackers tap Google Drive, malware spreads via Play Store apps

CISA: Log4j threat will linger for years—so be prepared

The Week in Cybersecurity: NPM removes malicious modules, Microsoft backtracks on macros

The Week in Cybersecurity: NATO creates cyber rapid response

ConversingLabs highlights: RSA Conference spotlights software supply chain, critical infrastructure risk

MITRE’s System of Trust: A standard for software supply chain security

What’s hot at #RSAC? Our picks for the big security show

Topics

Special Reports

The 2025 Software Supply Chain Security Report

Upcoming Webinars

ConversingLabs

Topics

Follow us

Subscribe

Special Reports