What an SBOM is — and why it matters
Software bills of materials have become key to mitigating software threats. Here's what you need to know — and how to put them to work.
What an SBOM is — and why it matters
4 takeaways from the MITRE software security panel
With software supply chain attacks ramping up, software bills of materials (SBOMs) are getting the nod from both government and industry experts as a "no brainer."
The Week in Security: Google takes next step on supply chain risk, UK issues software security guidance
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of cybersecurity.
DevOps lesson from Toyota FAIL: Crash test secrets
Toyota stands accused of lax DevOps standards, as the company reveals it stored prod database credentials in a public GitHub repo. That’s bad enough, but it also took five years to detect and fix.
Packagist PHP repo supply chain attack: 3 key takeaways
A PHP repository vulnerability threatened millions of sites. Here's why you need to make an SBOM the first step in your software supply chain security journey.
Week in Security: Open source tool used to steal data from defense firm
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
Memory-safe #RustLang shines with its day in the sun
The chatter around the Rust language is growing into a deafening roar.
The Latest Update to the ReversingLabs Threat Analysis and Hunting Solution
We've updated our threat analysis and hunting solution, which provides automated reverse engineering and malware hunting
Gartner: Knowing your software's ingredients is critical to managing risk
With third-party sources — and supply chain attacks surging — Gartner expects adoption of SBOMs to go from less than 5% now to 60% in 2025
The Week in Security: Bill tasks CISA Director with responsibility for open source software security
Welcome to the latest edition of The Week in Security, which brings you the most important headlines from the world and our team across the full stack of security: application security, cybersecurity, and beyond.
DevOps teams: BGP security is BAD. But you can fix it
The security of the Border Gateway Protocol (BGP) is laughable. But we all rely on it every day. For everything.
Gaps in the NVD increase U.S. cyber threat
Discrepancies in reports to the national vulnerability databases (NVD) show the U.S. lags behind China, exposing U.S. firms to cyber attacks.
From the Labs: YARA Rule for Detecting Nokoyawa
ReversingLabs’ YARA detection rule for Nokoyawa can help you find this ransomware in your environment.
The pandemic turned out to be a boon for public-private cybersecurity cooperation
The shift to remote work punched holes in government networks. But it also fostered a transformation in public-private cooperation, one NSA official noted at LABScon.
Threat analysis: Malicious npm package mimics Material Tailwind CSS tool
ReversingLabs has discovered a malicious npm package disguised as the software tool Material Tailwind. Here's an in-depth look at our discovery — and threat analysis.