
How CISA’s secure software development attestation form falls short
Here’s what we know about the federal government's new software security form — and what needs to change. For one, SBOMs should be required.

Director of Content and Editorial at RL. Paul is a reporter, editor and industry analyst with 20 years’ experience covering the cybersecurity space. He is the founder and editor in chief at The Security Ledger, a cybersecurity news website. His writing about cyber security has appeared in publications including Forbes, The Christian Science Monitor, MIT Technology Review, The Economist Intelligence Unit, CIO Magazine, ZDNet and Fortune Small Business. He has appeared on NPR’s Marketplace Tech Report, KPCC AirTalk, Fox News Tech Take, Al Jazeera and The Oprah Show.
find Paul Roberts on:

This latest incident underscores the continuing risks to organizations posed by both third-party software and leaks of development secrets.

Here's what we know about the automaker's latest secrets breach — and lessons your security team can draw from it.

New revelations show Russia’s SVR has stepped up cyber-espionage. They also spotlight how public companies are on the hook with the SEC’s disclosure laws.

The Sunburst hack of SolarWinds put software supply chain attacks on everyone’s radar. But they aren’t new. Here’s an abbreviated history of key attacks and compromises.

ReversingLabs researchers have discovered npm packages that hide scripts broadcasting messages of peace related to the conflicts in Ukraine and in Israel and the Gaza Strip.

What if dev and app sec teams showed the same ingenuity, nimbleness and ruthless efficiency as cybercriminals? Fastly's Kelly Shortridge explains why that's essential to resilience.

The summertime trio of events in Las Vegas — Black Hat, DEF CON, and BSides — is information overload for cybersecurity leaders and practitioners. Here are the sessions that stood out.

Black Hat USA is a showcase for top security experts and companies. Here's our short list of must-see sessions for 2023.