RATs in the Library

Remote Access Trojans Hide in Plain “Public” Site

Hunting for Ransomware

Getting Ahead of Ryuk attacks using YARA rules

When Malware RATs on their Owners

Uncovering configurations for malicious Remote Administration Tools

The Hunt for NTCrypt: Exposing a Malicious Packer

Researchers demonstrate how threat hunting with Titanium Platform accelerates their analysis

Going Behind the Scenes of Cybercrime Group FIN6’s Attack On Retail and Hospitality

See how ReversingLabs delivers the actionable insights needed for threat hunters to find attacks related to a FIN6 reverse shell

10 Billion Files Classified

Scaling Cybersecurity: How ReversingLabs Analyzed 10 Billion Files to Combat Emerging Threats

3 Ways High-Priority Malware Detection Can Fill SOC Gaps

Breaking the UEFI firmware Authenticode security model

Blog 8 in series: Digital Certificates - Models for Trust and Targets for Misuse

Breaking the Windows Authenticode security model

Blog 7 in series: Digital Certificates - Models for Trust and Targets for Misuse

Breaking the Linux Authenticode security model

Blog 9 in series: Digital Certificates - Models for Trust and Targets for Misuse

Breaking the Microsoft Authenticode security model

Rocking the foundations of a trust-based digital code signing system

Why You Need to Prioritize Software Development and Supply Chain Security

Enterprise software development graduated from the “waterfall” framework of development and operations - and became less linear, more complex and, in several ways, more difficult to secure. And while contemporary software supply chain practices allow developers to manage that complexity and deliver software efficiently at scale, unaddressed gaps and vulnerabilities within the process continue to be exploited by threat actors.

How to Detect Software Supply Chain Attacks

Going Beyond Files: Destructive Object Analysis

Digital Certificates - Models for Trust and Targets for Misuse 6

Blog 6: A new kind of certificate fraud: Executive impersonation