Red teaming a country: Lessons learned from hacking India's government
John Jackson and his Sakura Samurai crew took India up on an invitation to test the security of government websites and apps. Here are the lessons learned.
Red teaming a country: Lessons learned from hacking India's government
PyPI paused as automated attack overwhelms admins
The Python repo was flooded with malicious typo-squatting packages. Weekend warriors quit defense and hit pause.
Too costly to fail — and about to get costlier: Why software security matters
The cost of attacks on software supply chains could exceed $80.6B by 2026, a 76% increase over the $45.8B expected in 2023, a market research firm finds.
RATs found hiding in the npm attic
ReversingLabs researchers discovered two malicious packages that contained TurkoRat, an open source infostealer that lurked on npm for two months before being detected.
The Week in Security: Capita AWS bucket exposes benefits data, Toyota leaks customer data on 2M
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
How to Use Threat Intelligence Indicator Feeds with Microsoft Sentinel
Learn how ReversingLabs threat intelligence indicator feeds can enhance Microsoft Sentinel. Plus, get a free trial of Early Detection of Ransomware for Sentinel.
Lessons from MSI's UEFI key breach: How safe are the secrets in your software?
Stolen keys allow bootkits to avoid Intel’s “Guard” features. And there’s no way to revoke them.
7 obstacles to success with software bills of materials
The path to success for SBOMs faces many hurdles. Here are key factors that threaten your investments.
Detecting Debugger Evasion: Exception Flooding
Quantum, once a popular ransomware gang, is no longer an active threat. However, ReversingLabs researchers created detection rules for a debugger evasion recently added to the Malware Behavior Catalog as Exception Flooding.
ReversingLabs and Synopsys join forces to combat software supply chain threats
ReversingLabs Software Supply Chain Security will be paired with Synopsys to spot malware and tampering in commercial, third-party, and open-source software.
The Week in Security: Coalition takes down Russia's Snake espionage tool, GitHub plugs API leaks
...
Why fear rules when it comes to software bills of materials
In this ConversingLabs Cafe interview, Josh Corman, founder of I Am The Cavalry, talks about what’s behind industry skepticism around SBOMs.
Red teamers take on AI at DEF CON 31
It takes a village... Researchers play capture the flag to find vulns in tools like ChatGPT — with a White House assist.
ReversingLabs File Enrichment API for Microsoft Sentinel
Learn how ReversingLabs Threat Intelligence integrates with Sentinel to deliver deep visibility and automation that enhances the efficiency of SOC teams.
SLSA 1.0 delivers build provenance: What application security teams need to know
OpenSSF's updated framework is an essential tool for dev teams, but experts say it's incomplete as a supply chain security solution