Tomislav Peričin
Recent Posts from Tomislav Peričin
September 19, 2022
The new memorandum calls on firms selling software to the federal government to attest to its conformity with NIST security standards. Here's what you need to know.
December 16, 2020
The SunBurst supply chain attack, which was behind the SolarWinds compromise, took sophistication and patience.
June 30, 2020
YARA is an important piece in the defenders chess set. Depending on how you play the game you can think of YARA as either a bishop or a rook. Powerful weapon in the hands of a threat hunter, or a layer that makes the defenders wall a bigger obstacle to overcome.
May 6, 2020
Next-generation threat detection and hunting algorithms built for humans
February 18, 2020
Observing the direction other security companies have taken, we at ReversingLabs felt that something big was missing: No one was focusing on the human element. We found that there wasn't a solution in the market that tried to bridge the gap between detecting malware and helping analysts understand why such detections happened in the first place.
October 30, 2019
Portable executable is probably the most prolific application format used for code distribution. It can be found on a wide variety of hardware and software platforms. That’s why it is no wonder that many systems, other than its native Windows, end up supporting it in one way or another.
October 30, 2019
Unified Extensible Firmware Interface (UEFI) is a specification that defines the interfaces between the operating system and the platform firmware. Originally developed by Intel, and now supported by an alliance of software and hardware vendors, UEFI quickly became a standard that displaced the legacy basic input/output system (BIOS).
October 30, 2019
Authenticode is a Microsoft code signing technology designed to guarantee the origin and integrity of an application. The core principle of its integrity verification system is code immutability
September 16, 2019
Blog 6: A New Kind of Certificate Fraud: Executive Impersonation
August 22, 2019
Software developers are increasingly being targeted by supply chain attacks. Popularization of package managers and their integration into the development pipelines has made this ecosystem an interesting target for various threat actors.
August 6, 2019
Phishing attacks are deception attempts that try to trick a person into clicking a link that leads to a credential-stealing page or a malicious application download. Relying on social engineering tactics, they have the potential to grant attackers unauthorized access to infrastructure, services, or information.
All Blog Posts
AppSec & Supply Chain Security
Dev & DevSecOps
Threat Research
Security Operations
Products & Technology
Company & Events
