ReversingLabs Blog

January 5, 2023

How to harden machine learning models against adversarial attacks

As machine learning attacks become more sophisticated, it is imperative to harden ML models and reduce the adversary’s ability to evade detection systems. 
January 5, 2023

The Week in Security: Ransomware attacks close out 2022 with a bang, PyTorch compromise explored

The tail-end of 2022 was plagued by ransomware attacks on critical infrastructure. Also, we break down the PyTorch software supply chain attack.
January 4, 2023

PyTorch supply chain attack: Dependency confusion burns DevOps

The PyTorch open source software supply chain was compromised by a hacker publishing a malicious torchtriton clone on PyPI. Here's the craic.
January 4, 2023

10 software supply chain attacks you can learn from

Supply chain attacks are surging — and no one is immune. That has CISOs and boards worried. Learn from these notable 2022 software supply chain attacks. 
December 22, 2022

The Week in Security: Okta says source code stolen. Also: SentinelSneak: PyPi moduel poses as security SDK

Okta is hit with another supply chain attack. Also, ReversingLabs discovered a malicious PyPI package posing as a SentinelOne SDK client.
December 20, 2022

DraftKings fantasy? How YOU can prevent credential stuffing attacks

There’s been a huge uptick in credential stuffing attacks, including at DraftKings. But dev teams can easily prevent it.
December 19, 2022

SentinelSneak: Malicious PyPI module poses as security software development kit

A malicious Python file found on the PyPI repo adds backdoor and data exfiltration features to what appears to be a legitimate SDK client from SentinelOne.
December 19, 2022

Expert panel: No ‘silver bullet’ for supply chain security

Experts and a top analyst discussed the state of software supply chain security in a recent Webinar. Here are key takeaways from their discussion.