ReversingLabs

June 21, 2019

Digital Certificates - Models for Trust and Targets for Misuse 5

Blog 5: Subverting trust with digital counterfeits

May 28, 2019

Digital Certificates – Models for Trust and Targets for Misuse 4

Blog 4: You are you, but so am I - certificate impersonation

May 13, 2019

Digital Certificates – Models for Trust and Targets for Misuse 3

Tampering with signed objects without breaking the integrity seal

April 17, 2019

Digital Certificates – Models for Trust and Targets for Misuse 2

Blog 2: Trust-based models in the age of supply chain attacks

April 9, 2019

Digital Certificates – Models for Trust and Targets for Misuse 1

Blog 1: Building secure certificate whitelists

March 27, 2019

Forging the ShadowHammer

Operation ShadowHammer is a new and highly targeted supply chain attack discovered by Kaspersky Lab.

January 14, 2019

Customer Use Case: Combatting Undetected Malware with Tanium and ReversingLabs

We’ve seen some exciting customer results from our partnership with Tanium.

torso of man wearing a belt and suspenders with office attire

December 13, 2018

Machine Learning: A Belt and Suspenders Approach

November 29, 2018

Notes from the Field: Extending Carbon Black Visibility to Undetected Malware

On a recent customer visit, I asked the company’s Director of Security Operations how ReversingLabs came to be deployed as a part of their SOC tool set.

November 1, 2018

Join ReversingLabs at Alamo Ace in San Antonio, Texas, to See the Latest in Advanced Malware Hunting

October 26, 2018

Integrating Isolation with Analytics

Guest blog by Edvard Amoroso, Founder and CEO of TAG Cyber

Stylized image with large gray letters "DDE" overlaying a close-up of a person's face wearing glasses. The text includes a visible command string "=rundll32..." highlighted in red, suggesting execution of a potentially malicious Dynamic Data Exchange (DDE) exploit.

September 24, 2018

Three New DDE Obfuscation Methods

The natural order of things is to evolve, so it was just a matter of time until obfuscations and variations would start appearing in the wild.

August 2, 2018

Why Build a Local Threat Intelligence Infrastructure with Automated Static Analysis?

At a recent FS-ISAC event, I listened to a cybersecurity analyst explain that a majority of the global (external) threat intelligence he receives is useless for his organization. “It just doesn’t apply to us,” he said, “and of the data that I think does apply, I have no fast and easy way to confirm that it does. It is still a lot of guesswork.”