February 8, 2022

Microsoft disables Excel, Office macros by default. Will it matter?

Microsoft disabled two decades-old scripting languages in its Office products, long a favorite tool of cybercriminals. The security impact may be less than you think, however.
January 26, 2022

After Russian arrests, REvil implants persist

Almost two weeks after Russian authorities claimed to have dismantled the REvil ransomware group with a string of arrests, evidence for a reduction in the availability of REvil implants has yet to appear.
January 6, 2022

Here’s what happened with Log4Shell while you were out

ReversingLabs assists companies in mitigating software supply chain attacks and vulnerabilities like Log4Shell
December 30, 2021

A look back at 2021: The year ransomware took the gloves off

Ransomware gangs and nation-states launched attacks on critical infrastructure with cyber-physical consequences
December 29, 2021

A look back at 2021: The year supply chain threats went mainstream

Ransomware may have grabbed most of the headlines, but history will remember 2021 as the year that governments and companies finally woke up to the lurking threat posed by vulnerable software supply chains
July 21, 2021

Groundhog day: NPM package caught stealing browser passwords

Today almost everyone knows that they need to protect their publicly exposed services and applications against the potential attacks from the outside
July 15, 2021

Data Exfiltrator

A New Tactic for Ransomware Adversaries
July 7, 2021

Third-party code comes with some baggage

Recognizing risks introduced by statically linked third-party libraries