ReversingLabs Blog

January 13, 2023

The CircleCI secrets hack is a red flag for security teams on software supply chain risk

Security teams should consider software supply chain risk through a new lens after the latest CircleCI incident.
January 12, 2023

ReversingLabs Threat Analysis and Hunting Solution January 2023 Update: Driving SecOps Forward

Learn how A1000 can reduce risks (and workload and tool costs) while ensuring privacy. Plus, how it reduces MTTD and prioritizes malware for triage.
January 12, 2023

The Week in Security: When AI attacks, ChatGPT lowers the bar for developing malware

This week: Trojan Puzzle attack shows how AI can be trained for malicious purposes. Also: ChatGPT is enabling script kiddies to write functional malware. 
January 12, 2023

App sec and the supply chain: Work in tandem with engineers to achieve true software security

Application security is foundational to the software supply chain security ecosystem. But it takes a village. Derek Fisher explains in this fireside chat. 
January 11, 2023

If you don't love me now: JsonWebToken could break the software supply chain (again)

The JsonWebToken library has a serious flaw, which could lead to remote code execution. While exploitability is questionable, it could be a big problem.
January 11, 2023

After hack, CircleCI tells devs to update secrets now

In this latest attack on software development environments, the CircleCI platform may have exposed secrets used by millions of software developers.
January 11, 2023

Danger: Researchers exploit gaps in connected vehicle software supply chain

Researchers compromised source code and development infrastructure for Mercedes-Benz and SiriusXM Connected Vehicle Services, raising security concerns.
January 11, 2023

ReversingLabs Elastic Threat Infrastructure Update: Integration, Automation for SOC Teams

The update improves file and report storage options for Microsoft and AWS platforms, as well as appliance management for SOC admins and other users.