Security Operations

June 1, 2023

The Week in Security: Barracuda email flaw left open for months, calls for AI governance turn existential

This week: Barracuda’s appliances had an undetected flaw, which was abused by hackers for months. Also: Could AI bring on an ‘extinction event?’
May 25, 2023

The Week in Security: Lazarus targets Microsoft servers in espionage campaign, the future of PyPI

This week: North Korean APT Lazarus uses Microsoft IIS servers to carry out espionage. Also: What’s the future of PyPI amidst continuing attacks?
May 11, 2023

The Week in Security: Coalition takes down Russia's Snake espionage tool, GitHub plugs API leaks

U.S. and other countries take down Russia’s Snake malware, used to conduct global espionage. Also: GitHub auto-blocks API key and token leaks for all repos.
May 8, 2023

Modernize your SOC with advanced malware analysis, real supply chain security — and best practices

Today's SOCs need the right tools for malware and supply chain security. Here's why — and best practices for a modern SOC.
May 2, 2023

How to operationalize SBOMs for incident response

Learn why Software Bills of Materials are essential for cybersecurity incident response — and how to put them to work.
May 1, 2023

RSAC in review: Supply chain security, cyber war and AI

The stakes were raised at RSAC 2023: A “hot” cyber war in Ukraine, supply chain attacks on the rise — and let's not forget about artificial intelligence.
April 27, 2023

The Week in Security: A possible Colonial Pipeline 2.0, ransomware takes bite out of American eateries

This week: Canadian gas pipeline explosion could have been caused by a cyber attack. Also: Financial services firm NCR hit with a ransomware attack.
April 19, 2023

Secrets Exposed: The why, the how – and what to do about – secrets security in software

Secrets are increasingly exposed in code, creating a field-day for malicious actors. Here are key takeaways from our Secrets Exposed special report.
April 18, 2023

What’s hot at RSA Conference 2023: 6 must-see malware analysis and threat hunting talks

There is so much to take in at RSAC. Cut through the noise with our list of threat-focused talks you don't want to miss.
April 6, 2023

The Week in Security: Social engineering-attacks up with the rise of AI tools, Genesis Market seized

This week: Research connects the rise of AI tools and an increase in social engineering attacks. Also: A stolen credentials site is seized by the FBI.
April 5, 2023

CISA Cybersecurity Performance Goals update: Key changes and additions your team should know

CISA has better aligned the CPGs with NIST's Cybersecurity Framework, and added software supply chain goals. Here's what to know — and key insights.
April 3, 2023

Integrate threat hunting into the SOC triage process to mitigate software supply chain risk

Here's how robust threat hunting and malware analysis can enhance your SOC triage process — and help you mitigate software supply chain threats.

SUBSCRIBE

Get the Best of the ReversingLabs newsletter delivered to your in-box weekly to stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.

ConversingLabs Cafe: Chris Romeo on the state of application security ConversingLabs Cafe: Chris Romeo on the state of application security
Conversations About Threat Hunting and Software Supply Chain Security
Behaviors & Diffs: Better Together for Software Supply Chain Security Behaviors & Diffs: Better Together for Software Supply Chain Security
Glassboard conversations with ReversingLabs Field CISO Matt Rose
Software Package Deconstruction: Deconstructing UPS Ship Manager Software Package Deconstruction: Deconstructing UPS Ship Manager
Analyzing Risks To Your Software Supply Chain