ReversingLabs Accelerates Strategy to Secure Software Supply Chain, Appoints Peter Doggart as Chief Operating Officer
Read More
Secrets Exposed: An Essential Guide to Securing Secrets in Software
Read eBook
New App Sec Series | Software Package Deconstruction
Learn More
ReversingLabs and Synopsys Join Forces to Combat Software Supply Chain Threats
Learn More

ReversingLabs Blog

Robert Simmons

Robert Simmons
Principal Malware Researcher at ReversingLabs. With an expertise in building automated malware analysis systems based on open source tools, he has been tracking malware and phishing attacks and picking them apart for years. Robert has spoken on malware analysis at many of the top security conferences including DEFCON, HOPE, botconf, and DerbyCon among others.

Recent Posts from Robert Simmons

Data Exfiltrator
July 15, 2021

Data Exfiltrator

A New Tactic for Ransomware Adversaries
Read More
Code Reuse Across Packers and DLL Loaders
April 1, 2021

Code Reuse Across Packers and DLL Loaders

Packers and DLL Loaders
Read More
DotNET Loaders
March 12, 2021

DotNET Loaders

Many families of remote access trojan (RAT) are .NET executables
Read More
PoorWeb - Hitching a Ride on Hangul
November 16, 2020

PoorWeb - Hitching a Ride on Hangul

Tearing Down HWP Files To Expose a Trojan
Read More
Excel 4.0 Macros
September 8, 2020

Excel 4.0 Macros

The Risk of Hidden Threats in Compound Files
Read More
Five Uses of YARA
June 26, 2020

Five Uses of YARA

YARA is a useful member of the toolset of researchers, threat hunters, incident responder, and many other defenders.
Read More
Retread Ransomware
June 5, 2020

Retread Ransomware

In March of 2020, MalwareHunterTeam discovered a downloader which installed both a KPot infostealer as well as a second payload which was a ransomware variant that used the string "CoronaVirus".
Read More
Exposing Ryuk Variants Using YARA
March 23, 2020

Exposing Ryuk Variants Using YARA

Getting Ahead of Ryuk attacks using YARA Rules - Continued
Read More
RATs in the Library
January 31, 2020

RATs in the Library

Public hosting sites present a challenge for defenders when exploited by adversaries to conceal payloads using various encoding techniques
Read More
Hunting for Ransomware
January 24, 2020

Hunting for Ransomware

Many ransomware families have changed their tactics and victim-targeting in recent years. Rather than indiscriminate attacks against anyone they’re able to infect, they have moved to a process called “big game hunting”.
Read More
Going Behind the Scenes of Cybercrime Group FIN6’s Attack On Retail and Hospitality
December 13, 2019

Going Behind the Scenes of Cybercrime Group FIN6’s Attack On Retail and Hospitality

A step that an adversary takes during the post exploitation phase of an attack is to establish a command line interface with a computer inside the victim’s network. One recent incident demonstrates the entire intrusion set operated by FIN6, a financially motivated threat actor group.
Read More

SUBSCRIBE

Get the Best of the ReversingLabs newsletter delivered to your in-box weekly to stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.

ConversingLabs Cafe: Chris Romeo on the state of application security ConversingLabs Cafe: Chris Romeo on the state of application security
Conversations About Threat Hunting and Software Supply Chain Security
Behaviors & Diffs: Better Together for Software Supply Chain Security Behaviors & Diffs: Better Together for Software Supply Chain Security
Glassboard conversations with ReversingLabs Field CISO Matt Rose
Software Package Deconstruction: Deconstructing UPS Ship Manager Software Package Deconstruction: Deconstructing UPS Ship Manager
Analyzing Risks To Your Software Supply Chain